DevSecOps Engineer (Cloud Security and Compliance)

Come Back Agency supports US software and technology companies by running their hiring process. We work with delivery and leadership teams to define roles, screen candidates, and manage interviews. Successful candidates are hired directly by the company and become part of its team.

This position is with a US-based software company providing custom development and AI implementation for North American clients. The team builds and maintains production software, including AI-enabled systems, and works in long-term client engagements. Team members operate as part of an internal, distributed team and collaborate directly with client stakeholders.

About the role

The company is moving deeper into enterprise work. We need a DevOps engineer who can help harden our infrastructure, implement security best practices, and drive compliance readiness so we can pass enterprise vendor reviews and pursue certifications like SOC 2 and ISO 27001. You will work closely with engineering and leadership across infrastructure, security, and compliance.

What you will do:

• Build and maintain secure cloud infrastructure and CI/CD pipelines
• Implement access control, least privilege, and secrets management across environments
• Standardize logging, monitoring, alerting, and audit trails
• Create and maintain secure SDLC practices, including code scanning, dependency scanning, and change control
• Set up incident response basics, including runbooks, on-call expectations, and post-incident process
• Compliance readiness for SOC 2 and ISO 27001 by implementing required technical controls and gathering evidence
• Vulnerability management and patching routines for infrastructure and dependencies
• Improve backup, disaster recovery, and business continuity practices
• Support client security questionnaires with clear technical answers and evidence

Requirements:

• Up to 2 years of DevOps experience with cloud infrastructure and deployment pipelines
• Hands-on experience with AWS, including IAM, networking, compute, and logging services
• Experience with Infrastructure as Code such as Terraform
• Experience with containerization and orchestration, Docker and Kubernetes preferred
• Comfort setting up security tooling, SAST, DAST, dependency scanning, secret scanning
• Ability to document systems clearly and work with auditors or compliance tools when needed
• English at B2 level or higher - you will collaborate directly with US client stakeholders

Nice to have:

• SOC 2 or ISO 27001 experience, even if you were the technical owner not the compliance PM
• Experience with Vanta, Drata, Secureframe, or similar evidence automation tools
• Experience working with HIPAA or other regulated client environments
• AWS certifications such as Solutions Architect or Security Specialty

What We Offer:

• Working hours aligned with US time zones, typically 16:00-23:59 Kyiv time
• English lessons to support clear and confident communication
• Paid vacation and sick days
• Fully remote work
• Opportunities for professional growth within the team
• Structured, personalized onboarding to help you ramp up effectively

Apply with your resume and a short note outlining your relevant experience. You can also submit it through our website at comeback.ua. Selected candidates will be contacted by Come Back Agency.