RemoteLeaf Logo
Log in Sign up

Senior DevSecOps Engineer

1 month ago
Remote
Full-time
Senior
DevOps Engineer
DevOps and Infrastructure
AWS Bash CI/CD Docker Git GitHub Actions Linux MariaDB Memcached MySQL Nginx PHP Secrets Management SonarQube Terraform
Apply Now
ThriveCart

ThriveCart

ThriveCart is a powerful cart, funnel, and course creator for entrepreneurs, offering high-converting cart pages, one-click upsell funnels, bump offers, trials, subscriptions, and more. With over $2.6 billion in sales generated for online businesses, T...

Internet Software & Services
11-50
Founded 2016
$35M raised
View All Jobs 4

Description

  • Implement and maintain automated security scanning in CI/CD pipelines (SAST, dependency, container).
  • Harden and manage AWS infrastructure (WAF, Security Groups, network segmentation) and audit IAM policies.
  • Monitor security advisories, coordinate patching, and track vulnerability remediation to reduce critical vulnerabilities.
  • Manage encryption at rest/in transit, secure compute resources, and administer secrets management.
  • Provide security tooling, dashboards, and developer support for findings and remediation.
  • Configure and maintain threat detection and observability (CloudWatch dashboards, GuardDuty, Security Hub) and build alerts for DDoS, intrusion, and anomalies.
  • Investigate production incidents, perform root cause analysis, build investigation queries, and maintain incident response runbooks.
  • Manage AWS resources with Terraform using security-first configurations and maintain zero-downtime CI/CD pipelines with security gates and rollback mechanisms.
  • Administer MariaDB databases including performance tuning, backups, and access controls; maintain Docker-based dev environments and container security.
  • Support compliance requirements (PCI-DSS) and manage evidence collection for audits.

Requirements

  • 3–5 years of production operations experience for high-traffic web applications with a security focus.
  • Hands-on experience implementing security controls in AWS (WAF, IAM, GuardDuty, Security Hub) and monitoring via CloudWatch.
  • Proven experience with Infrastructure as Code using Terraform and integrating security into CI/CD pipelines (e.g., GitHub Actions).
  • Database administration experience with MariaDB/MySQL, including performance tuning and backups.
  • Container security experience with Docker and vulnerability scanning tools (e.g., Trivy).
  • Familiarity with security scanning tools and IaC/static analysis (Snyk/SonarQube, Checkov) and secrets management (AWS Secrets Manager).
  • Experience with DDoS mitigation, incident response, threat detection, and compliance frameworks (PCI-DSS).
  • Practical skills with Linux, Bash scripting, log analysis, and common components in the stack (EC2, RDS, Nginx, Memcached, PHP 7.4).
  • Soft skills: security-first mindset, calm under pressure, and ability to communicate and educate engineering teams.
  • Must be authorized to work in your country of residence within South America and be available for shared on-call rotation.

Benefits

  • Competitive salary plus equity package.
  • Security certification sponsorship (e.g., CISSP, AWS Security).
  • Remote role based in South America (work-from-home).
  • Shared on-call rotation focused on revenue‑critical and security alerts.
  • Regular knowledge-sharing sessions and opportunities for professional growth.
  • Opportunity to impact and secure a revenue-critical platform serving real businesses.

Interested in this position?

Apply directly on the company website

Apply Now

Similar Roles

Sporty Group

Weekend DevOps Engineer

Sporty Group 51-250 Media

Weekend DevOps Engineer at Sporty working remotely to operate, maintain, and improve the company’s cloud infrastructure across multiple countries to ensure reliable, cost‑effective, and scalable production deployments.

Europe Asia Full-time Mid Level DevOps Engineer
AWS CDN Chef CI/CD Cloudflare Docker Drone Druid Grafana HTTP Java Jenkins Kubernetes Linux Memcached Microservices MySQL Nginx Oracle Prometheus Rancher Redis Spring Boot TCP/IP TypeScript Vue.js
1 month ago
Databricks

Head of Corporate Engineering

Databricks 1K-5K IT Services

Databricks is hiring a Head of Corporate Engineering to lead global enterprise engineering and operations, building and scaling secure cloud infrastructure, identity and access, endpoints, collaboration and engineering tools to enable developer velocity and enterprise compliance.

United States Full-time Lead Infrastructure Engineer Security Engineer
$265k-$364k
Agile AWS Azure Confluence GCP GitHub JIRA macOS
1 month ago
Veeam Software

Software Development Engineer in Test (SDET), Kasten 

Veeam Software 1K-5K Internet Software & Services

Software Development Engineer in Test at Veeam Kasten working on the infrastructure and test frameworks for the Kubernetes-focused Veeam Kasten data management platform to ensure high-quality, secure backup and recovery capabilities.

Poland Full-time Mid Level DevOps Engineer SDET (Software Development Engineer in Test)
AWS Bash CI/CD Docker Git Go Helm Kubernetes OpenShift Python Rancher Shell Scripting
1 month ago
ClickHouse

Incident Response Security Engineer

ClickHouse 51-250 IT Services

Security practitioner role at ClickHouse focused on scaling incident detection and response capabilities, driving adoption of security processes and tooling, and protecting the company’s cloud and product infrastructure for customer-facing services.

United Kingdom Full-time Senior Security Engineer
AWS Azure ClickHouse GCP Penetration Testing Python SIEM
1 month ago

You're on a roll! Sign up now to keep applying.

Sign Up

Already have an account? Log in

Used by 14,729+ remote workers