Apply

Ready to go for it?

AI Apply speeds things up—apply directly if you prefer.

FREE ACCESS
5,000–10,000 jobs/day
JobTailor Logo

See all jobs on JobTailor

Search thousands of fresh jobs every day.

Discover
  • Fresh listings
  • Fast filters
  • No subscription required
Create a free account and start exploring right away.
Overflow

DevSecOps Engineer

Overflow

First DevSecOps Engineer for a fintech company focusing on cloud security and compliance in AWS environment. Responsible for managing CI/CD and security processes while maintaining SOC 2 compliance.

Posted 7/14/2026full-timeRemote • 🇺🇸 United StatesMid-LevelSeniorWebsite

Core Competencies

Role fit
Core Competencies

Use this summary to align your resume positioning with the role.

Demonstrates expertise in managing and securing cloud environments, implementing IAM policies, and ensuring compliance with SOC 2 and PCI-DSS standards. Proficient in deploying CI/CD pipelines and integrating automated security testing within development workflows.

Highest-signal resume keywords
Cloud Environment ManagementInfrastructure as Code (IaC)Continuous Integration and Deployment (CI/CD)Docker and AWS ECS FargateSOC 2 and PCI-DSS Compliance

ATS Keywords

Tailor your resume
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills
Infrastructure as Code (IaC)Continuous Integration and Deployment (CI/CD)Automated Security TestingThreat ModelingArchitectural ReviewsSecure Coding TrainingDockerAWS ECS FargateGitHub ActionsData Encryption
Soft Skills
CollaborationCommunicationProblem-SolvingLeadership
Tools & Technologies
VPCsWAFsSecurity GroupsLogging FrameworksAlerting Frameworks
Industry Keywords
SOC 2PCI-DSSData Privacy RegulationsSecurity AuditsPenetration TestingVendor Risk Assessments

Tech Stack

Tools & technologies
AWSCloudDocker

About the role

Key responsibilities & impact
  • Secure, manage, and scale Overflow’s cloud environment, implementing least-privilege IAM policies, network security (VPCs, WAFs, Security Groups), and robust secret management.
  • Refine existing infrastructure provisioning using Infrastructure as Code (IaC) tools, ensuring security best practices.
  • Deploy and manage comprehensive observability, logging, and alerting frameworks to detect performance bottlenecks, anomalous behavior, or potential security incidents.
  • Own and optimize our continuous integration and deployment (CI/CD) pipelines.
  • "Shift Left" by integrating automated security testing (SAST, DAST, dependency scanning, container scanning) directly into the developer workflow.
  • Act as a security champion, partnering with software engineers to perform threat modeling, architectural reviews, and secure coding training.
  • Action on compliance requirements (SOC 2, PCI-DSS, and data privacy regulations)
  • Partner with our legal and operations teams to streamline security audits, penetration testing, and vendor risk assessments.
  • Ensure that PII and sensitive financial data are properly encrypted at rest and in transit across all databases and caching layers.

Requirements

What you’ll need
  • 5+ years in DevOps, Site Reliability, or Cloud Platform roles
  • Deep, hands-on experience with Docker and AWS ECS Fargate
  • Extensive experience building and maintaining robust deployment pipelines using GitHub Actions
  • Practical experience maintaining SOC 2 technical controls and a strong understanding of the architectural requirements for PCI-DSS (ideally Level 1) compliance

Benefits

Comp & perks
  • Competitive base salary with equity eligibility
  • Medical, dental, and vision coverage for employees and dependents
  • Generous paid time off and company holidays
  • Paid parental leave
  • 401(k) retirement plan
  • Dedicated mental health and therapy stipend to support personal well-being
  • Team retreats and intentional in-person gatherings throughout the year