Senior DevSecOps Engineer - Multi-cloud & Full Stack

About CloudSmiths:

At CloudSmiths, we foster a high autonomy, high trust engineering culture.
We are a team of curious, experienced engineers who are passionate about our craft and achieving impactful outcomes.
We believe in solving real infrastructure problems at scale using modern tooling
and champion a culture of continuous learning with flexible working conditions.

About the Role:

CloudSmiths is seeking an experienced Senior DevSecOps Engineer with a strong background in one or more major cloud platforms (GCP, Azure, or AWS) and full-stack software engineering.
While expertise in a single cloud is welcome, candidates with multi-cloud experience will have a distinct advantage.

In this pivotal role, you will be instrumental in building, scaling, and automating infrastructure for high-performance systems.
We are looking for an individual with deep technical competence, a passion for robust system design, and an independent, proactive mindset who can deliver outcomes without excessive oversight.
You will be expected to apply sound architectural thinking across the entire stack.

Key Responsibilities:

• Design, build, and maintain cloud-native and hybrid infrastructure across AWS, GCP, and/or Azure.
  
  
• Own CI/CD pipelines end-to-end, optimizing for reliability, speed, and security.
  
  
• Lead efforts in infrastructure-as-code (e.g., Terraform, Pulumi) and Kubernetes operations.
  
  
• Partner with software engineers to ensure seamless deployments, observability, and scaling.
  
  
• Architect and maintain secure, cost-efficient cloud environments aligned with business goals.
  
  
• Write clean, maintainable code in one or more backend and frontend stacks (e.g., Python, Node.js, Go, React, etc.).
  
  
• Lead incident response and postmortem processes, focusing on improving system resilience.
  
  
• Champion DevSecOps best practices and infrastructure observability.
  
  
• Contribute to internal technical standards, architecture documentation, and mentoring.
  
  
• Integrate security scanning tools (e.g., Snyk, Checkov, Trivy, Aqua) into CI/CD pipelines.
  
  
• Implement and manage policy-as-code using tools like OPA (Open Policy Agent) or HashiCorp Sentinel.
  
  
• Manage secrets using tools such as HashiCorp Vault, AWS KMS, Azure Key Vault, or Google Secret Manager.
  
  
• Enforce least privilege IAM policies and manage secure identities across multi-cloud environments.
  
  
• Work with container image signing, SBOMs, and supply chain security (e.g., Sigstore, Cosign, Chainguard).
  
  
• Align infrastructure and pipelines with compliance frameworks (e.g., ISO27001, SOC 2, CIS Benchmarks).
  
  
• Implement runtime security monitoring in containerized/Kubernetes environments (e.g., Falco, Sysdig Secure, Datadog CSPM).
  
  
• Build automated security guardrails and pre-deployment checks to prevent misconfigurations or vulnerabilities.
  
  
• Apply deep familiarity with threat modeling, vulnerability management, and infrastructure risk mitigation techniques.
  
  

Requirements:

• 5+ years in DevSecOps/SRE roles with production-level responsibilities.
  
  
• 3+ years as a lead developer in a production environment; experience in enterprise corporates will be a bonus.
  
  
• Production experience deploying and maintaining workloads in at least one major cloud platform (GCP, Azure, or AWS) is required; experience with two or more is preferred.
  
  
• Strong hands-on experience with Google Cloud – particularly in secure CI/CD pipelines, IAM, and infrastructure automation – is highly desirable.
  
  
• Prior experience as a full-stack engineer, fluent in at least two backend languages and familiar with frontend frameworks.
  
  
• Expertise with container orchestration (Kubernetes), service mesh, and logging/monitoring stacks (Prometheus, Grafana, ELK).
  
  
• Hands-on experience with tools like Terraform, Helm, GitOps workflows, Docker, Vault, ArgoCD, etc.
  
  
• Deep understanding of distributed systems, networking, and cloud security principles.
  
  
• University Degree in Computer Engineering, Software Engineering, or a similar technical discipline.
  
  
• Proven track record of shipping infrastructure and product features at scale.
  
  
• Strong grasp of systems architecture and an interest in making design trade-offs.
  
  
• Comfortable working in asynchronous and distributed teams.
  
  

Bonus Points:

• Experience with hybrid environments.
  
  
• Exposure to serverless architectures, data engineering, or MLOps workflows.
  
  
• Active participation in open-source or internal tooling contributions.
  
  
• Experience with designing and deploying AI Solutions.
  
  

Why Join CloudSmiths?

• Culture: Enjoy a high autonomy, high trust engineering culture.
  
  
• Impact: Solve real infrastructure problems at scale with modern tooling.
  
  
• Team: Work alongside a team of curious, experienced engineers who care about craft and outcomes.
  
  
• Growth: Benefit from flexible working conditions and a culture of continuous learning.
  
  

Ready to make an impact? Apply now to join our innovative Cloud Practice at CloudSmiths!