Senior DevSecOps Engineer
Upload My Resume
Drop here or click to browse · PDF, DOCX, DOC, RTF, TXT
Requirements
• 5+ years of experience in DevSecOps, Cloud Security, or Security Engineering roles • Deep experience securing AWS and GCP environments • Advanced Terraform expertise including infrastructure as code, reusable modules, and policy-as-code • Strong Python proficiency for automation, API integrations, and custom tooling • Hands-on experience with SIEM and SOAR platforms including detection engineering and integration • Deep familiarity with CI/CD security best practices and GitHub Actions • Experience designing and managing identity architectures including Okta, Azure AD, or similar platforms, covering SSO, SCIM, lifecycle automation, and conditional access • Familiarity with Elastic SIEM or modern log aggregation platforms • Experience with EDR/XDR platforms such as SentinelOne, CrowdStrike, or Defender, including policy tuning and telemetry integration • Experience managing endpoint security controls and MDM solutions such as Jamf or Intune • Experience securing Google Workspace environments
Responsibilities
• Design and implement cloud security guardrails across AWS and GCP • Embed policy enforcement and compliance checks directly into Terraform modules • Conduct architecture reviews and continuously harden multi-cloud environments • Lead threat modeling efforts for new infrastructure and product initiatives • Lead secrets management strategy across Vault, AWS Secrets Manager, and GCP Secret Manager • Integrate SAST, DAST, and dependency scanning into GitHub Actions workflows • Lead secure code review initiatives and drive secure-by-design engineering practices • Partner with engineering teams to eliminate vulnerabilities before production • Design, build, and tune high-fidelity detection logic within SIEM platforms • Map detections to MITRE ATT&CK and relevant threat models • Improve signal-to-noise ratio through advanced alert tuning and correlation logic • Develop log aggregation and monitoring strategies across application and infrastructure layers • Conduct detection coverage gap analysis • Build and maintain SOAR playbooks to automate repeatable response workflows • Reduce mean time to detect (MTTD) and mean time to respond (MTTR) • Continuously improve response playbooks through post-incident analysis • Automate evidence collection for audits and regulatory requirements • Translate security controls into technical enforcement mechanisms • Help scale compliance programs without adding operational overhead
Benefits
• You will own security architecture across multiple cloud environments. You will influence engineering standards across the company. You will not be reviewing tickets. You will be building scalable systems that embed security into how we operate at scale. • This role is built for someone who thrives on ownership, automates everything possible, and wants to design modern security infrastructure from the ground up. • We are redefining what entertainment and storytelling look like at global scale. Every piece of content we publish reaches millions and influences culture in real time. This is your opportunity to lead the team that decides how those moments come to life across every screen. • Competitive Salary • Generous Medical (Blue Cross Blue Shield), Dental, Vision and company-paid Life Insurance • Company contributions to employee Health Savings Accounts (HSA) • 401k Plan with Safe Harbor company-matching • Flexible vacation policy and paid company holidays • Company-provided technology package • Relocation assistance where applicable, including travel and company-provided housing for the first 90 days