DevSecOps Engineer

At Authentic8, we empower organizations to redefine how digital investigations are conducted in an increasingly complex online world. With Silo for Research, our industry-leading solution, we enable secure and anonymous investigations across the surface, deep, and dark web—helping national security, defense, law enforcement, and enterprises uncover critical insights while staying protected. Designed from the ground up with zero-trust principles and built on globally scaled infrastructure, Silo for Research addresses today's toughest cybersecurity challenges, allowing investigators to work smarter, faster, and safer. Trusted by more than 700 customers worldwide, our platform transforms how intelligence work is done. Join us, and be part of a mission to protect and empower those who safeguard our world. From our collaborative teams to our cutting-edge technology, we’re not just building solutions—we’re shaping the future of digital investigations.

Responsibilities:

• IOC Monitoring & Incident Response: Keep Icinga, Grafana, and LogRhythm dashboards visible and acted upon at all times, detect, triage, and resolve service or security anomalies; lead first-line response and publish station logs and FLASH/SitRep updates during active incidents.
• Security Operations: Perform vulnerability scanning, configuration hardening, and security impact assessments (SIA) for planned changes and develop and tune security detection use-cases; investigate alerts to conclusion.
• Technical Operations: Execute patching, build-system management, release deployments, DNS and capacity changes, and routine maintenance windows and own change-management tickets through CCB approval and post-deployment verification.
• Code, Automation & Tooling: Write or enhance infrastructure-as-code, CI/CD pipelines, monitoring plugins, and remediation scripts to eliminate toil and follow the SDLC: branch, peer-review, test in QA, and tag in GitLab before Production rollout.
• Project & Sprint Work: Deliver project tasks, tuning tickets, and cross-functional requests in weekly sprints and participate in backlog grooming, sprint planning, retrospectives, and daily SitRep meetings.
• On-Call Rotation: Serve as primary/secondary on-call outside business hours; acknowledge PagerDuty alerts within 15 minutes and drive resolution or escalation.
• Documentation & Compliance Support: Create/maintain runbooks, SOPs, and system documentation; gather evidence for FedRAMP, SOC 2, PCI-DSS and other audits.

Qualifications:

• Bachelor’s degree or equivalent experience.
• 3 + years hands-on experience in DevSecOps, SRE, security engineering, or systems reliability roles.
• Proficiency with Linux (Ubuntu preferred), GitLab, CI/CD, configuration management (Chef or similar), and one or more scripting languages (Python, Bash, Ruby).
• Working knowledge of monitoring/alerting stacks (Grafana, Icinga) and incident platforms (PagerDuty).
• Familiarity with security frameworks and hardening standards (NIST 800-53/171, CIS benchmarks, FedRAMP).
• Clear, concise communicator able to write actionable incident timelines and technical runbooks.

Desired:

• Cloud experience with GCP and/or AWS (compute, networking, IAM, security services).
• Certifications: SECOPS/SRE (GCP Professional DevOps, Linux Foundation KCNA/Kubernetes), Security (CISSP, GCIH), or Cloud/Infra (CKA, RHCE).
• Prior participation in 24 × 7 operations centers or regulated SaaS environments.
• Experience building dashboards for SLI/SLO monitoring and error-budget tracking.

Salary Range:

$110,000 - $140,000 + Bonus & Equity