Apply on Employer Site

DEFCON AI · 6 hours ago

Senior DevSecOps / Platform Security Engineer (AWS + Kubernetes)

United States

Full-time

Remote

Senior Level

$175K/yr - $215K/yr

5+ years exp

DEFCON AI is an insights company that leverages artificial intelligence, mathematical optimization, data analytics, and software engineering for resilient optimization of complex systems. They are seeking a Senior DevSecOps/Platform Security Engineer to build and operate production security controls across their AWS and Kubernetes platform, ensuring secure delivery through automation and policy enforcement.

Artificial Intelligence (AI)TransportationLogisticsSupply Chain Management

Responsibilities

Design, build, and maintain CI/CD security controls that scale across repositories and teams (reusable pipeline components, templates, and standards)

Implement Kubernetes security architecture and guardrails (RBAC hardening, workload security baselines, admission policies, network policies, and safe multi-tenant patterns as applicable)

Improve container security end-to-end: base-image strategy, vulnerability scanning, registry controls, image signing, and promotion workflows

Operationalize vulnerability management with risk-based prioritization, measurable remediation SLAs, and dashboards/metrics (MTTR, exposure trends, top recurring root causes)

Drive developer enablement: clear documentation, lightweight design reviews/threat modeling for high-impact changes, office hours, and high-signal guidance embedded in tooling

You'll ship code and infrastructure, not just recommendations

You'll own reliability and outcomes for the controls you build

You'll response to incidents and on-call rotation related to platform security controls and pipeline reliability (scope aligned with Platform/SRE)

This role supports delivery into regulated environments and works closely with Security/GRC to implement engineering-owned controls and produce audit-ready evidence. You'll help translate requirements (for example, NIST SP 800-171 and CMMC expectations) into practical, automated guardrails within CI/CD, AWS, and Kubernetes

Qualification

AWS securityKubernetes securityCI/CD security automationInfrastructure as CodeScripting/codingSoftware supply chain securityAnalytical aptitudeAgile methodology experienceEffective communicationContinuous learner

Required

5+ years of experience in DevOps/SRE/Platform Engineering and/or Security Engineering with a strong automation and delivery focus

Hands-on experience securing AWS environments: IAM (least privilege), network controls, encryption (KMS), and centralized logging/detection

Strong Kubernetes security experience (EKS or equivalent): RBAC, workload hardening, and policy enforcement via admission control

Experience integrating security into CI/CD pipelines and developer workflows (SAST, SCA, secrets scanning, container scanning, IaC scanning)

Infrastructure as Code proficiency (Terraform, CloudFormation, CDK, or Pulumi) and ability to embed guardrails into IaC workflows

Proficiency scripting/coding (e.g., Python, Go, Bash) to build integrations, automations, and internal tooling

Able to communicate risk and tradeoffs clearly and pragmatically to engineers; improves signal-to-noise rather than adding friction

Preferred

Experience with Kubernetes policy-as-code tooling (OPA/Gatekeeper, Kyverno) and secure workload identity patterns (OIDC/IRSA)

Experience with software supply chain security: SBOM generation and management, signing/verification (e.g., cosign), and provenance concepts

Experience building 'golden paths' or internal developer platforms that improve both delivery velocity and security outcomes

Familiarity with regulated delivery expectations (NIST SP 800-171/CMMC) and evidence-driven control implementation

Analytical Aptitude: Possess keen analytical and problem-solving skills, coupled with the capability to understand complex software challenges and collaborate toward viable solutions

Effective Communication: Skilled in distilling technical complexities into comprehensible terms for varied audiences

Adaptive Nature: Resilience and adaptability in the face of an ever-changing tech landscape, with a knack for rapidly integrating new technologies and methodologies

Agile Methodology Experience: An understanding and hands-on experience with agile development methodologies and version control tools

Agility in Tech: Demonstrated adaptability in the fast-paced tech landscape, continually embracing and integrating new technologies and methodologies

Education: While formal education in Computer Science or related fields is a plus, DefconAI values hands-on experience and demonstrable skills above all. Candidates with 6+ years of relevant experience will be considered regardless of their academic pedigree

Continuous Learner: A commitment to perpetually update one's skill set, staying aligned with the latest in technology trends and best practices

Benefits

100% employer paid, comprehensive health insurance including medical, dental, and vision for you and your family

Unlimited PTO, with your manager's approval

Flexible work environment where you manage your work day

14 weeks of fully-paid parental leave

Company

DEFCON AI

DEFCON AI optimize logistics and mobility decision-making through the use of advanced AI technology.

Founded in 2022

Mclean, Virginia, USA

11-50 employees

https://www.defconai.com

Funding

Current Stage

Early Stage

Total Funding

$44M

Key Investors

Bessemer Venture Partners

2024-08-20Seed· $44M

Leadership Team

Yisroel Brumer

Co-Founder and Chief Executive Officer

Grant Verstandig

Co-Founder & Executive Chairman

Recent News

Yahoo Finance

BigBear.ai (BBAI) Partners with DEFCON AI to Deliver Next-Gen Military Decision Intelligence Solutions

2025-08-17

WebProNews

BigBear.ai Rebounds to Profit on AI Demand and $165M Army Deal

2025-08-11

FN Media Group LLC

Artificial Intelligence is Fundamentally Reshaping the Defense Radar Systems Targeting Threat Detections

2025-08-05

Company data provided by crunchbase