DevSecOps Engineer

Remote Full-time
The company is systematically building out its security and compliance function. We have already launched the SOC 2 and ISO 27001 processes on Drata, with the goal of completing them by the end of Q2. In the mid-term roadmap, we also plan to cover GDPR, HIPAA, and HITRUST.
We are looking for our first dedicated DevSecOps Engineer who will take ownership of this area.
Above all, we are seeking a strong, hands-on engineer, someone who can not only describe security and compliance processes but also independently implement them across infrastructure, CI/CD, Kubernetes, cloud environments, and production services.
This role is not about β€œpaper compliance”. However, working with policies, procedures, and evidence will also be an important part of the responsibility. We need someone who can connect compliance requirements to real technical controls and ensure they are properly implemented, validated, documented, and audit-ready.

Requirements

5+ years of hands-on experience in security / DevSecOps for production infrastructure.
Direct experience with SOC 2 implementation: controls, evidence collection, audit preparation, and communication with auditors. Experience with Drata, Vanta, or a similar compliance automation platform.
Ability to write security policies and procedures yourself β€” and implement them in a way that actually works in day-to-day operations, not just sits in Notion as a checkbox.
Strong hands-on experience with Docker, Kubernetes, and cloud environments β€” GCP and/or AWS. This includes IAM, network policies, secrets management, hardening, and production operations, not just theory.
Strong understanding of IAM/SSO: centralized access management, provisioning/deprovisioning, and periodic access reviews.
Experience building onboarding and offboarding processes from a security and compliance perspective.
Ability to automate routine work using Python and/or Bash.
Ownership mindset: you take responsibility for a task, drive it to completion, and think one step ahead.
Friendly, non-toxic, and pleasant to work with.
Strong communication with developers: you can clearly and constructively explain your position, defend it when needed, and find common ground.
Willingness and ability to mentor, teach, and share knowledge with others.
Analytical mindset: you dig down to the root cause instead of just treating symptoms.
Proactivity: you would rather prevent an outage than heroically fight it later.
Strong attention to detail and reliability.

Nice to have
Experience with GDPR, HIPAA, and HITRUST β€” these are the next steps on our roadmap.
Experience in regulated industries such as banking, fintech, or healthcare, including customer/vendor security audits.
Experience with both on-prem and SaaS environments.
Kubernetes security tooling: Falco, OPA/Gatekeeper, Pod Security Standards, Trivy.
Experience using AI agents to automate routine tasks β€” this is already part of our engineering culture.
Terraform/Ansible and GitOps experience.
Experience with bug bounty or responsible disclosure programs.

Responsibilities

Own Drata, controls, evidence collection, and communication with auditors. Support SOC 2 and ISO 27001, with GDPR, HIPAA, and HITRUST planned next.
Develop and maintain security policies and procedures, including Vulnerability Management, Access Control, Incident Response, Data Protection, and others. These should be practical, living documents that reflect how we actually work, not generic templates.
Build onboarding, offboarding, and access review as a real process. Today, this is mostly handled through manual tickets; you will own the process and automate it through SSO, centralized IAM, and automated provisioning/deprovisioning across GCP, AWS, GitHub, and SaaS tools.
Drive SDLC security: Dependabot, CodeQL/SAST, SCA, dependency update policies, secrets management, and related controls. The goal is to find the right balance between compliance requirements, common sense, and a smooth developer experience.
Own vulnerability management: scanning, CVE triage, patching, annual penetration testing, vendor selection, coordination, and follow-up on findings.
Participate in response to critical vulnerabilities and security incidents.
Improve security observability: audit logging, change tracking, and reporting across all production platforms.
Spend around 60% of your time on the general infrastructure track: Kubernetes, deployments, monitoring, automation, and on-call. Infrastructure should not be a black box for you.

What we offer

The team has built award-winning AI products for tech corporations β€” devices, voice assistants, products that are actually in the world
Cutting-edge tech stack: Speech Technologies, NLP, Generative AI (LLMs, diffusion models), voice-first agentic architecture with privacy-first and on-premises deployment
High engineering bar and real ownership β€” the team cares about what actually works in production, not what looks good in a demo, and you'll see the impact of your work directly
Fast career progression β€” a senior-heavy team and a high volume of real problems means you grow faster than you would anywhere else
Startup pace with enterprise stability β€” real clients, real revenue, no bureaucracy
Fully remote across Europe
21 vacation days + public holidays + 5 sick days
Private English lessons via Preply
Apply Now β†’

Similar Jobs

Experienced Registered Behavior Technician for In-Home ABA Therapy - Atlanta, GA

Remote

Immediate Hiring: Experienced Registered Behavioral Technician (RBT) for Clinic-Based ABA Therapy Services

Remote

Experienced Registered Behavioral Technician (RBT) - ABA Therapy for Children with Autism Spectrum Disorder

Remote

Experienced Registered Nurse - Telehealth: Providing Remote Care Coordination and Patient Support

Remote

Experienced Substitute Teacher for Riverside County Schools - Join Scoot Education's Innovative Team

Remote

Experienced Substitute Teacher for San Bernardino County - Flexible Schedules & Competitive Pay

Remote

Experienced School Year Instructional Coach for High-Dosage Tutoring Programs in Edgewater Park, NJ

Remote

Experienced School Year Tutor for K-8 Students in Math and Literacy - Mickleton, NJ

Remote

Experienced Secondary Social Studies Teacher for Kansas - Flexible Hybrid Remote Arrangement

Remote

USPS Office Helper

Remote

Food and Beverage Manager

Remote

Onestream System Administrator

Remote

Personal Finance for Teens Tutor

Remote

Experienced Data Entry Specialist – Remote Opportunity at careerzynith

Remote

Platform Engineer mit Karriereambitionen - jetzt mit uns voll durchstarten!

Remote

**Experienced Technical Customer Support Specialist – Hybrid Model – arenaflex**

Remote

Immediate Hiring: Director Sales (Cross OpCo Reorg)

Remote

Associate, Sales and Customer Service - Laval

Remote

Pella Hill Field Trip/Activities Coordinator

Remote

Sales Development Representative

Remote
← Back