🛠 Tech Stack

💼 About This Role

You'll implement and manage DevSecOps practices across the entire SDLC, ensuring a shift-left approach to security for a rapidly growing AI-driven accounting platform. Your work will directly secure our cloud infrastructure and CI/CD pipelines, enabling safe, compliant deployments at scale.

🎯 What You'll Do

• Harden CI/CD pipelines with minimal permissions and OIDC
• Integrate SAST, dependency, and secret scanning into builds
• Secure GCP infrastructure with least privilege IAM and VPC controls
• Manage encryption keys and secret rotation using Cloud KMS

📋 Requirements

• 4+ years in DevSecOps or Security Engineering
• Hands-on experience with Kubernetes and container orchestration
• Proven experience securing GCP (IAM, Secret Manager, VPC, KMS)
• Strong background hardening CI/CD systems (e.g., GitHub Actions)

✨ Nice to Have

• Familiarity with compliance standards like SOC 2 or ISO 42001
• Proficiency in Golang, TypeScript, or Python

🎁 Benefits & Perks

• 🏖️ Unlimited PTO
• 🏥 Health Insurance
• 📈 Equity
• 💰 Competitive Salary
• 🚀 Fast-growing startup

📨 Hiring Process

Estimated timeline: 2-4 weeks · AI estimate

1. 1Recruiter Screen· 30 min
2. 2Technical Interview· 60 min
3. 3Hiring Manager Interview· 45 min