DevSecOps
DevSecOps Engineer
The DevSecOps Engineer is a foundational role in our client’s project, responsible for architecting and maintaining the high-security infrastructure required for an enterprise-grade Agent Development Platform (ADP). You will be tasked with building the secure "sandbox" where autonomous agents live, ensuring zero-trust connectivity and managing the specialized data stores that power agentic reasoning.
About the Role
You will lead the setup of the AWS production environment and the implementation of Firecracker MicroVMs to provide isolated, ephemeral runtimes for agents. You are the guardian of the platform's "Egress Controls," ensuring that while agents can reason over proprietary data, they can never exfiltrate it.
Key Responsibilities
Agent Sandboxing & Isolation: Implement and manage Firecracker MicroVMs (or restricted Kubernetes/Docker environments) to ensure agents execute in strictly isolated, secure runtimes.
Secure Data Infrastructure: Provision and optimize the platform's multi-layered data stack, including PostgreSQL (OLTP), ChromaDB/PGVector (VectorStore), and GraphDB (Neo4j) for relational knowledge mapping.
Event Orchestration: Build and manage high-performance Event Streams (AWS SQS, EventBridge, or Kafka) to handle agent-to-agent communication and Human-in-the-Loop (HITL) escalation triggers.
Infrastructure as Code (IaC): Automate the provisioning of AWS cloud infrastructure and Kubernetes clusters using industry-standard tools.
Security & Identity Integration: Implement WorkOS for B2B identity management and multi-tenancy, ensuring strict logical separation of tenant data and configurations.
Network Hardening: Design and enforce strict egress firewalls and proxy-only outbound routing to prevent data exfiltration by autonomous agents.
Required Skills & Experience
Cloud & Containers: Deep expertise in AWS, Kubernetes, and container security; proven experience with Firecracker MicroVMs is highly desirable.
Database Management: Hands-on experience managing and scaling Vector Databases (Chroma, PGVector) and Graph Databases for AI applications.
Security-First Mindset: Strong understanding of zero-trust architecture, OWASP principles, and secure design for AI systems.
Messaging & Events: Proficiency in managing event-driven architectures and streaming platforms for real-time data processing.
Automation: Advanced scripting skills (Python, Bash) and a track record of implementing automated security gates in CI/CD pipelines.
Workflow Orchestration: Experience with Temporal for managing long-running, multi-stage agentic workflows.
Desirable
Compliance: Experience preparing infrastructure for SOC 2, ISO 27001, or GDPR readiness.
Agentic Frameworks: Familiarity with LangSmith or Langfuse for observability and tracing of agent workloads.