[Hiring] Principal DevOps Engineer @Malwarebytes

Role Description

Malwarebytes is looking for a sharp, security-minded Principal DevOps Engineer to join our Consumer team. You will architect and manage our AWS infrastructure using Terraform, enforce cloud security best practices at every layer, make cost-conscious infrastructure decisions that balance performance with efficiency, and drive modern CI/CD automation across the organization. You will own site reliability for our production systems and set the engineering standards that the team builds against. In addition to deep technical execution, you will provide leadership and mentorship to the engineering team, interface with executive leadership on platform strategy and investment, and lead cross-functional infrastructure projects.

If you hold security and reliability to a high standard, default to automation over manual process, and can operate credibly at every level of the organization, we want to hear from you.

Annual Compensation Range: $125 - 145K

What You Will Do

• Own and evolve our AWS cloud infrastructure using Terraform, applying security best practices — least-privilege IAM, network segmentation, secrets management, and compliance guardrails — as non-negotiable defaults.
• Design, implement, and continuously improve CI/CD pipelines using GitHub Actions, ensuring automated security scanning (SAST, secrets detection, container image scanning), policy enforcement, and quality gates are built into every pipeline.
• Champion infrastructure security: proactively identify and remediate cloud misconfigurations, leverage GuardDuty, Security Hub, and Config, and partner with the Security team on vulnerability management and incident response.
• Own and improve SRE practices: define SLOs, build alerting and observability solutions using CloudWatch and related tooling, and drive blameless post-mortems.
• Participate in on-call rotation and own production incidents end-to-end — from detection through resolution and follow-up.
• Maintain build and release environments for development teams and develop automation and test tooling for client applications.
• Evaluate and adopt emerging DevOps technologies through structured proof-of-concept testing.
• Keep documentation, runbooks, and architecture diagrams current and actionable.
• Provide technical leadership, mentorship, and strategic guidance to the engineering team; conduct architecture and code reviews and define team engineering standards.
• Interface with executive leadership to communicate platform strategy, risk, and investment tradeoffs; lead and drive cross-functional infrastructure projects from scoping through delivery.

Qualifications

• 10+ years of hands-on DevOps or SRE experience, with at least 5 years operating production workloads in AWS at scale — EC2, ECS, ECR, Lambda, RDS, CloudWatch, IAM, VPC, EKS, and CloudFront required.
• BA/BS in Engineering or Computer Science preferred; equivalent experience demonstrated through a proven track record accepted.
• An ideal candidate holds one or more AWS Professional-level certifications (Solutions Architect Professional, DevOps Professional, or equivalent).
• Deep Terraform expertise: you write modular, reusable, well-tested infrastructure code and treat IaC security as seriously as application security.
• Strong GitHub Actions experience building pipelines as code, including integrated security scanning (SAST, secrets detection, and container image scanning).
• Jenkins experience is a plus.
• Demonstrable cloud security depth: hands-on experience with GuardDuty, Security Hub, Config, SCPs, and related tools and practices.
• Strong scripting and automation — Python, Go, or Bash — with a track record of eliminating manual toil.
• Solid Linux system administration and container management (Docker). Windows Server and Windows container experience is a plus.
• Proven SRE practice experience: SLO definition, observability design, and post-mortem-driven reliability improvement.
• Familiarity with cross-platform code compilation (Windows and macOS), code signing, and software supply chain security.
• Active, daily use of AI coding assistants (Claude Code, GitHub Copilot, or equivalent) is expected as a core part of this role.
• Strong communication and documentation skills: capable of writing architecture proposals, leading design reviews, and producing runbooks that on-call engineers can act on under pressure.
• Demonstrated ability to operate at a principal or staff engineer level — influencing architecture across teams, driving technical decisions through ambiguity, and raising engineering quality across the organization.
• Proven experience providing technical leadership and mentorship to engineering teams and interfacing with executive leadership on platform strategy, risk, and infrastructure investment decisions.

Benefits

• Comprehensive medical, dental, and vision insurance coverage
• Employee Referral Bonus Program
• Wellness programs
• 401k and employer matching for US Employees
• Comprehensive Time Off policy
• An opportunity to do something great for yourself and the world!