
DevOps Engineer

Huxley

Location: Boston, MA

Salary: Not specified

Type: Full-time

Posted: Today

via LinkedIn

Job Description

DevSecOps | DevOps | Remote | FedRAMP | AWS | Azure | GCP | CI/CD | US Citizen | Series A

Role: DevSecOps Engineer

Location: Remote - have to be a US Citizen located in the US

Package: $110,000 - $150,000 + 10% Bonus + Benefits

We are seeking a hands-on DevSecOps Engineer who will be responsible for securing cloud‑native, multi‑tenant environments operating under federally regulated security frameworks. This role centers on preventative security, automation, and continuous compliance by embedding security controls directly into infrastructure, CI/CD pipelines, and runtime operations.

The engineer will manage a leading CNAPP platform alongside CSPM tooling to reduce risk, prevent misconfigurations, and maintain ongoing audit readiness, while collaborating closely with internal engineering teams and external customers.

Key Responsibilities

Customer Onboarding & Communication

  • Act as a primary security contact for customers deploying applications into regulated cloud environments.
  • Support onboarding by assessing application security posture and deployment readiness for federally compliant environments.
  • Review customer documentation, architectures, and deployment processes against established security requirements.
  • Clearly communicate security expectations, updates, incidents, and compliance‑related inquiries.

Federal Compliance & Governance

  • Implement and operate security controls aligned to federal frameworks such as NIST SP 800‑53.
  • Strong understanding of FedRAMP.
  • Participate in Continuous Monitoring activities, including vulnerability tracking, compliance reporting, and POA&M updates.
  • Maintain and validate required compliance artifacts (e.g., network diagrams, data flows, trust boundaries).
  • Verify deployed infrastructure and traffic patterns against approved security architectures using logs and telemetry.

Security Tooling & Vendor Coordination

  • Operate a CNAPP platform as a core enforcement and DevSecOps security control, including analysis, workload protection, and log review.
  • Integrate CNAPP and CSPM signals into automated workflows (SOAR, CI/CD) to support preventive controls and monitoring.
  • Coordinate third‑party penetration testing engagements, including scoping, access provisioning, and remediation tracking.
  • Use application security tools to support internal testing, assessment, and remediation.

DevOps, Automation & Preventative Security

  • Implement security and compliance gates within CI/CD pipelines to prevent unauthorized or non‑compliant deployments.
  • Enforce policy‑as‑code standards for IAM, networking, encryption, logging, and workload protection using IaC tools such as Terraform.
  • Ensure required security agents, logging, and monitoring are in place before deployment.
  • Enforce network segmentation, approved traffic paths, and least‑privilege access to prevent exposure.
  • Detect and remediate configuration drift using CSPM tools and automated workflows.
  • Secure Kubernetes clusters and containerized workloads according to approved baselines.

Minimum Qualifications

  • 4+ years of experience in Cloud Security, DevSecOps, or Security Operations.
  • Hands‑on experience operating a cloud workload protection platform in production environments.
  • Direct experience supporting federally regulated cloud environments and implementing NIST SP 800‑53 controls.
  • Experience working directly with customers on security onboarding or deployment readiness.
  • Strong experience with CSPM/CNAPP platforms.
  • Proficiency with Terraform and CI/CD tools (e.g., GitHub Actions).
  • Experience securing multi‑cloud environments (AWS required; Azure and/or GCP preferred).
  • Excellent written and verbal communication skills.

Preferred Qualifications

  • Experience collaborating with SOC or incident response teams.
  • Experience managing external penetration testing activities.
  • Familiarity with compliance documentation and audit artifacts (e.g., SSPs).
  • Relevant certifications (e.g., AWS Security Specialty, CISSP, CISM, CCSP).
  • Experience applying automation or AI‑assisted tools to security workflows.

Full benefits package including

  • Medical Insurance, 401(k), Dental, Vision, PTO, 10% Bonus, etc.

** This role requires you to be a US Citizen, located in the US **

[email protected] | (857) 317-5044 | LinkedIn DM
