SecOps/DevOps Engineer (Senior/Strong Middle)

📍 Remote | 🕒 Full-time | 🌐 Project from scratch

We’re building a new, security-sensitive journalism platform in a confidential environment.
The product itself is not cybersecurity software — but it will operate under very strict security, compliance, and communication protocols.

We are looking for an experienced DevOps / SecOps Engineer who can design, implement, and maintain a secure infrastructure for a greenfield web platform. This person will play a foundational role in establishing the architecture, CI/CD pipelines, access control systems, and overall security posture of the project.

🧭 Role Overview

You will be responsible for:

• Architecting secure infrastructure (multi-environment, access-controlled, auditable).
• Implementing defense-in-depth principles across infrastructure, CI/CD, and application layers.
• Setting up secure CI/CD pipelines with secrets management and least privilege policies.
• Designing network isolation, zero-trust access, and secure communication workflows for all team members.
• Ensuring compliance with industry security frameworks and standards.
• Supporting security audits, penetration tests, and incident response procedures.

✅ Requirements

• 4+ years of professional experience in DevOps / SecOps / Infrastructure roles.
• Proven experience designing and managing secure architectures for production systems with sensitive data.
• Deep understanding of cloud security best practices (AWS / GCP / Azure), including:
  • VPC segmentation, private networking, security groups
  • IAM and role-based access control (RBAC)
  • Key & secret management (Vault, SSM, KMS, etc.)
• Expertise with secure CI/CD pipelines, including:
  • Secrets rotation
  • Signed artifacts and integrity checks
  • Static/dynamic security scanning and policy enforcement
• Experience implementing:
  • Zero-trust principles
  • Network & environment isolation
  • Secure artifact repositories and registries
• Solid understanding of secure SDLC frameworks and collaboration with development teams.
• Practical experience with security hardening (OS, containers, network).
• Familiarity with incident response, intrusion detection, monitoring, and log aggregation.
• Hands-on experience with compliance frameworks (ISO 27001, SOC 2, GDPR, NIST, or similar).

🧱 Nice to Have

• Background in penetration testing, threat modeling, or security assessments.
• Experience with Kubernetes security (OPA, PodSecurityPolicies, Admission Controllers).
• Familiarity with automated vulnerability management tools.
• Previous work in journalism, NGO, or sensitive-data environments.
• Certifications such as CISSP, CCSP, AWS Security Specialty, or equivalent are a plus.

🔐 Security & Communication

• All operations and communications occur over secure, encrypted channels.
• Infrastructure will follow zero-trust and least privilege principles.
• You will define access control, audit policies, and environment segregation from day one.
• You’ll be the key security authority inside the project team.

🚀 Why Join

• Build the entire infrastructure from scratch with full technical influence.
• Work in a compact, senior team on a meaningful journalism project.
• Define secure architecture and DevOps culture from day one.
• Growth path toward Security Lead / Infrastructure Lead as the platform scales.