Staff DevSecOps Engineer

Redox

DevSecOps Engineer ensuring secure software development at Redox, enhancing healthcare data exchange. Collaborating with platform engineers to implement security best practices across the AWS/EKS infrastructure.

Posted 6/24/2026full-timeRemote • 🇺🇸 United StatesLead💰 $190,000 - $199,000 per yearWebsite

Tech Stack

Tools & technologies

AWSCloudGoJavaScriptKubernetesNode.jsPythonTerraformTypeScript

About the role

Key responsibilities & impact

Champion a security-first mindset within Engineering to help set the security posture of our platform infrastructure — supply chain hardening, secrets management, IAM/IRSA, container image integrity, and vulnerability remediation across our AWS/EKS environment
Design and build automation that makes compliance evidence continuous, not manual — translating HITRUST controls into passing tests and structured outputs that flow into our compliance tooling (Vanta)
Embed security into the platform by default: make the secure path the easy path for application engineers, through guardrails, policy-as-code, and well-documented patterns
Partner with our Security team to translate threat assessments and control gaps into engineering proposals with clear scope, tradeoffs, and recommended paths forward
Lead platform security initiatives from design to operationalization — requirements, technical design, code and code review, deployment, and documentation
Contribute hands-on to the broader platform: CI/CD pipelines, container orchestration, observability, and developer tooling — this is an IC role, not a governance role
Participate in on-call rotation and own the systems you build, including production incidents
Mentor engineers on security practices and raise the security baseline across the team

Requirements

What you’ll need

8+ years in cloud-native infrastructure or platform engineering roles, with demonstrable progression in technical scope and leadership
Hands-on expertise with AWS and Kubernetes (EKS) — you've operated these in production, not just deployed them
Security depth: you understand supply chain risk, IAM/zero-trust patterns, secrets management, and vulnerability management at the platform level — not just as concepts
Experience translating compliance frameworks (HITRUST, SOC 2, or equivalent) into concrete engineering controls — bonus if you've worked with Vanta or similar compliance automation tooling
Fluency in infrastructure-as-code (Terraform/HCL) and at least one scripting language (Python, Go, or Node.js/TypeScript)
Experience with modern CI/CD systems and the security surface they introduce — pipeline integrity, artifact signing, registry controls
Strong written communication and a track record of driving technical decisions in async, remote environments - you write proposals, not just Slack messages, and convert them to impact

Benefits

Comp & perks

100% remote first culture (must be based in the US)
Unlimited Flexible Time Off
15+ Observed Holidays
Rest & R^Charge days (guaranteed a 3-day weekend each month)
R^Charge (6 weeks paid sabbatical + stipend)
401k match 50% for up to 8% on Day 1
Medical/Dental/Vision Benefits on Day 1
HSA & FSA, Life, Disability, Medical Travel & Employee Assistance Program
Paid Parental Leave (16 weeks)
Productivity Stipend & Wellness Fund
Redox Issued MacBook
Virtual and/or in-person Team & Company Events
Stock Options
Employee Referral Bonus Program

ATS Keywords

✓ Tailor your resume

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

AWSKubernetesTerraformPythonGoNode.jsTypeScriptCI/CDvulnerability managementcompliance frameworks

Soft Skills

written communicationleadershipmentoringtechnical decision making

Certifications

HITRUSTSOC 2