DevSecOps Engineer – remote

We’re looking for aDevSecOps Engineerto lead our security-first infrastructure scaling and automation efforts. You’ll work closely with our development teams to strengthen our CI/CD pipelines, manage secure customer-specific container deployments, and build the foundation for orchestrated, cloud-native growth.

If you’re someone who gets excited by container orchestration, DevSecOps best practices, and designing systems that are both secure and scalable, this is your role.

Key Responsibilities

• Secure and Scale Infrastructure:Architect and maintain secure infrastructure to support 1,000+ isolated Docker-based customer deployments.
• CI/CD Ownership:Build and manage GitHub Actions pipelines, integrating security tooling such as static/dynamic analyzers, dependency checkers, and image scanners.
• Infrastructure as Code:Use Terraform and Ansible to ensure repeatable, consistent deployments across cloud environments.
• Container Security & Orchestration:Implement and enforce container best practices (e.g., image minimization, secrets management), and lead the migration to a container orchestration platform like Kubernetes.
• SSO & Identity:Partner with the dev team to securely integrate SSO providers (Auth0, Okta, EntraID) using OAuth2/OIDC standards.
• Monitoring & Alerting:Set up centralized logging, monitoring, and alerting systems to ensure observability and rapid anomaly detection.
• Security Automation:Embed security checks and compliance gates into the development lifecycle.
• Threat Modeling:Participate in threat modeling sessions and conduct regular architecture reviews.
• Incident Readiness:Develop incident response playbooks and prepare infrastructure for rapid mitigation and recovery.

Required:

• 3+ years in a DevOps or DevSecOps role within a cloud-native or SaaS environment.
• Deep expertise inKubernetesand containerized deployments.
• Strong command ofDocker,GitHub Actions, and major cloud providers (AWS, GCP, or Azure).
• Proficiency withTerraformandAnsible.
• Solid understanding of SSO protocols (OAuth2, OIDC) and experience integrating identity providers (Auth0, Okta, EntraID).
• Familiarity with Python-based applications and MongoDB.
• Experience implementing CI/CD-integrated security tooling (SAST, DAST, image scanning).
• Excellent documentation and cross-functional communication skills.

Nice to Have

• Experience in a cybersecurity company or with attack surface management tools.
• Background in building multi-tenant or customer-isolated SaaS platforms.
• Relevant certifications (e.g., OSCP, CISSP, AWS/GCP Security Specialty).

Reference:1024797

Worried that you don’t meet every single requirement listed in the job ad? Studies have shown that individuals from marginalized groups are less likely to apply to jobs unless they meet every single qualification. Level is dedicated to building a diverse, inclusive and representative workplace, so if you’re excited about this role, but worried that you don’t meet every requirement, we encourage you to apply anyways. We’d love to get to know you.