[Hiring] Staff DevSecOps Engineer @Counterpart

Role Description

As a Staff Engineer, DevSecOps, you own Counterpart's security posture. Traditional security was designed for a human-to-system world. As we scale an increasingly agentic stack, that model breaks. Agents acting on behalf of humans introduce new attack surfaces, trust boundaries, and failure modes that require a fundamental redesign of how we think about security. You are the person who leads that redesign. You are the internal authority on security and compliance, own IT operations end-to-end, and you act as a hands-on member of the DevOps team building and securing our platform infrastructure. You build on our SOC 2 Type 2 and HIPAA foundations, extending them as the threat surface evolves. This role is the foundation of our in-house security function.

• Own the organization's security posture.
• Define, implement, and maintain the controls, policies, and practices that keep Counterpart secure across human and agentic interactions.
• Own our SOC 2 Type 2 and HIPAA compliance programs.
• Manage and automate audits, maintain evidence, and extend our compliance posture as the business and the threat surface grow.
• Stay ahead of emerging threats and regulations.
• Continuously evaluate our security posture against new attack vectors, including data poisoning, adversarial inputs, and agent hijacking.
• Track how AI security standards and regulatory requirements are evolving and get ahead of them before they become mandatory.
• Own IT operations end-to-end, from onboarding to offboarding.
• Manage and automate device procurement and provisioning, access controls, identity management, and the internal tooling stack.
• Own platform infrastructure security as a hands-on member of the DevOps team.
• Build and maintain sandbox architecture that allows safe experimentation without risking production systems.
• Design and implement secure environments for AI agent workloads, including trust boundaries, defenses against prompt injection, data exfiltration, and other unexpected behaviors.

Qualifications

• 10+ years in DevSecOps, security engineering, or a combination of DevOps, security, and IT roles.
• Hands-on experience with cloud infrastructure and security on AWS.
• Experience owning or co-owning SOC 2 and HIPAA compliance programs, not just contributing to them.
• Experience managing IT operations, including device management, identity and access management, and internal tooling.
• A solid foundation in security frameworks and compliance standards, including hands-on familiarity with AI agent risks such as prompt injection, data poisoning, and adversarial inputs.
• The ability to communicate security risks clearly to non-technical stakeholders and translate compliance requirements into engineering decisions.
• The drive to build a security function from the ground up and grow into owning it fully.
• Domain curiosity about insurance.
• Experience working with distributed, remote teams.

Benefits

• Unlimited Vacation: We offer flexible time off, allowing you to take time when you need it.
• Work from Anywhere: Counterpart is a fully distributed company, meaning there is no office.
• Stock Options
• Health, Dental, and Vision Coverage
• 401(k) Retirement Plan
• Parental Leave
• Home Office Allowance: to set up your home office with the necessary equipment and accessories.
• Book stipend
• Professional Development Reimbursement
• No working birthdays: Take your birthday off, giving you the opportunity to relax, enjoy your special day, and spend time with loved ones.
• Charitable Contribution Matching

Company Description

Counterpart believes in small businesses and is dedicated to helping them do more with less risk. By pairing leading insurance experts with cutting-edge technology, Counterpart empowers small business owners to grow with confidence. Exceptional underwriters, trusted insurance brokers, and prominent insurance carriers come together on the Counterpart platform to support small businesses by providing AI-driven management and professional liability underwriting and claims services.