DevSecOps Engineer

Anomali

full-time

Posted on: 10/17/2025

Location Type: Hybrid

Location: Redwood City • California • 🇺🇸 United States

✨ AI Apply

💰 $145,000 - $170,000 per year

Mid-LevelSenior

AWSCloudGoKubernetesPythonTerraformVault

About the role

Build and maintain defense-in-depth strategies across AWS and Kubernetes (WAF, NACLs, IAM, encryption, segmentation).
Integrate security automation into CI/CD (SAST, DAST, dependency and container scanning).
Partner with Pen Testers and Red Teams on offensive testing, threat modeling, and vulnerability remediation.
Drive continuous compliance with SOC 2, GDPR, and FedRAMP standards.
Implement and monitor cloud security controls with AWS Security Hub, GuardDuty, CloudTrail, and CloudWatch.
Secure secrets and credentials with AWS Secrets Manager, Vault, or SSM Parameter Store.
Define and enforce security guardrails through Infrastructure as Code (Terraform / CloudFormation).
Lead incident response, security reviews, and risk assessments.

3+ years in DevSecOps / Cloud Security / Infrastructure Security.
Deep hands-on experience with AWS (EKS, IAM, VPC, RDS, Lambda, etc.) and Kubernetes security (RBAC, Network Policies, Admission Controllers).
Solid grasp of network security and Zero Trust principles.
Proven collaboration with Pen Testing / Red Team operations.
Proficiency in Terraform, CloudFormation, or Pulumi.
Familiarity with CIS Benchmarks, NIST 800-53, OWASP Top 10.
Scripting skills in Python, Bash, or Go.
AWS Certified Security – Specialty, CKS, or CKAD.
Experience with Aqua, Prisma Cloud, Trivy, Falco, or Snyk.
Background in multi-tenant SaaS or multi-account AWS environments.
Must not now, or in the future, require visa sponsorship to work in the United States.

Benefits