[Hiring] Senior DevSecOps Engineer @Benchmark Solutions LLC

Role Description

We’re looking for a Senior DevSecOps Engineer to join our Infrastructure & Security team. In this role, you’ll own the intersection of platform reliability, cloud infrastructure, and security. You will do this by embedding security practices directly into our engineering lifecycle, rather than treating it as an afterthought.

You’ll work closely with the Director of Infrastructure & Security and across engineering teams to:

• Harden our AWS environment
• Mature our CI/CD pipelines
• Maintain our Kubernetes platform
• Ensure we remain audit-ready against CJIS and SOC 2 requirements

You’ll also have the opportunity to drive automation and AI-assisted operations initiatives as we continue scaling.

This is a high-ownership role. You’ll be trusted to operate independently, make sound engineering and security tradeoffs, contribute significantly to security decisions, and lead incident response when things go wrong.

Qualifications

• 5–8 years of experience in DevOps, DevSecOps, SRE, Cloud Engineering, or Platform Engineering roles
• Strong hands-on AWS experience: EC2, EKS, IAM, VPC, S3, and related services
• Production Kubernetes experience including cluster operations and workload security
• Experience building and maintaining CI/CD pipelines with integrated security tooling
• Working knowledge of SOC 2 or similar compliance frameworks and their operational implications
• Infrastructure-as-code fluency with Terraform or OpenTofu
• Strong incident response skills: you’ve been in the hot seat and know how to stay calm and methodical
• Excellent written communication: you can document a runbook, write a post-mortem, and explain a technical risk to a non-technical stakeholder

Requirements

• Design, build, and maintain secure AWS infrastructure across standard and GovCloud environments
• Own infrastructure-as-code (Terraform / OpenTofu) with a security-first mindset
• Manage IAM strategy, least-privilege access controls, and cloud security posture
• Operate and evolve our EKS-based platform including node lifecycle, workload isolation, and cluster security
• Implement and maintain admission control, network policies, and runtime security tooling
• Partner with engineering teams on deployment patterns and container security
• Build and maintain secure, automated deployment pipelines (GitHub Actions)
• Integrate SAST, dependency scanning, secrets detection, and container image scanning into the SDLC
• Drive shift-left security practices across the engineering organization
• Maintain and improve security controls aligned to CJIS Security Policy and SOC 2 Trust Services Criteria
• Effectively and efficiently triage or resolve security alerts by working with engineering teams and/or committing code yourself
• Manage vulnerability management workflows, prioritization, and remediation tracking
• Support audit preparation, evidence collection, and control documentation
• Monitor for threats and respond to security findings across cloud, application, and endpoint layers
• Enforce and maintain software supply chain security across the organization
• Serve as an on-call responder for infrastructure and security incidents
• Drive post-incident reviews and own follow-up remediation items
• Develop and refine runbooks, alerting, and on-call procedures
• Identify and implement automation opportunities that reduce manual operational toil
• Contribute to AI-assisted operations initiatives, including agentic workflows and observability improvements
• Apply security controls to AI tooling and LLM-integrated systems as they are introduced

Benefits

• A competitive salary and benefits package
• Unlimited Paid Time Off
• Ability to work in a fully remote environment (must be based in the U.S. and willing to work in Central Time Zone)
• Summer Half-Day Fridays
• Freed Up Fridays during Spring, Fall, and Winter months to promote productivity and dedicated heads-down work time
• Medical, dental, and vision plan offerings along with 401(k)
• Employer-paid Short-Term Disability, Long-Term Disability, and Life Insurance
• Other Voluntary Benefits include additional Life Insurance, Spouse Life Insurance, and Accident Insurance
• The satisfaction that comes with being part of a solution that has real impact in the world
• A diverse workforce and inclusive environment that embraces unique contributions and experiences
• An empowered culture that encourages creativity and professional growth