# Software Engineer, DevSecOps
**Company:** [Siftstack](https://hotfix.jobs/companies/siftstack)
**Location:** Marina Del Rey, CA; San Francisco, CA
**Salary:** $170K-$220K
**Experience:** 4+ years
**Skills:** Python, Go, Bash, Terraform, Kubernetes, AWS, CI/CD, SOC 2, FedRAMP, Policy-As-Code
**Posted:** 2026-05-15
> Software Engineer, Security Infrastructure role building and automating security controls, compliance tooling, and DevSecOps practices across AWS, Kubernetes, and CI/CD pipelines. Requires 4–7+ years of hands-on cloud-native security automation experience.
## Job Description
## In This Role, You’ll:
- Build and maintain tooling, scripts, services, and automation that assess, enforce, and monitor security and compliance controls across AWS cloud environments, Kubernetes clusters, and CI/CD pipelines.
- Develop lightweight internal solutions (policy-as-code, custom scanners, CI/CD integrations) that make security and compliance automatic, auditable, and invisible to engineering.
- Embed security guardrails directly into Infrastructure-as-Code (Terraform), container orchestration, and deployment workflows so that they are secure by default.
- Partner with infrastructure and platform engineering teams to harden cloud-native systems, implement access controls, encryption, logging/monitoring, and vulnerability management at scale.
- Improve visibility into security posture through automated reporting, dashboards, and real-time observability.
- Translate compliance requirements (SOC 2, FedRAMP, and related frameworks) into pragmatic, enforceable technical implementations.
- Reduce toil by automating security workflows, compliance validation, and remediation.
- Support incident response and post-incident improvements with better observability and tooling.
- Conduct security reviews of new features, services, and infrastructure changes.

## The Skillset You’ll Bring:
- 4–7+ years of hands-on experience in security engineering, platform/DevSecOps, or cloud infrastructure roles (founding or early-stage security builder experience strongly preferred).
- Proven track record shipping production-grade security automation in cloud-native environments (AWS strongly preferred).
- Deep familiarity with implementing technical controls for SOC 2, FedRAMP, or similar frameworks in real production systems.
- Strong proficiency in scripting and automation (Python, Go, Bash, or similar) and a bias toward building custom tooling.
- Hands-on experience with Infrastructure as Code (Terraform or equivalent), containerized environments (Kubernetes), and CI/CD systems.
- Working knowledge across core security domains: access control, identity management, least-privilege enforcement, logging/monitoring/auditing, encryption/key management/secrets handling, vulnerability scanning, policy-as-code, continuous compliance, incident response, and change management.
- Ability to assess system state, identify gaps, and deliver pragmatic, high-impact solutions.
- Comfort operating as a founding security engineer in ambiguity, owning standards end-to-end.
**Apply:** https://hotfix.jobs/jobs/software-engineer-devsecops-at-siftstack-b0e12de5-bb2c-4704-b8bd-1c3572921c1d