Senior DevSecOps Engineer

TL;DR

Senior DevSecOps Engineer (Azure): Lead management and optimization of hirify.global’s Azure-based infrastructure across commercial and FedRAMP regions with an accent on secure, scalable platform architecture and compliance automation. Focus on building and evolving Terraform/Terragrunt IaC and CI/CD security gates, supporting FedRAMP authorization activities, and remediating CVEs to maintain continuous monitoring.

Location: U.S. citizenship required; residing and working from within the United States. Candidate must be local within the Seattle area and available to work until 6pm Pacific daily.

Salary: $164,000–$200,000 USD

Company

hirify.global builds a software platform for Governance, Risk, and Compliance (GRC) to help organizations operate programs with higher effectiveness and accountability.

What you will do

• Develop and execute DevOps strategy across hirify.global regions, including FedRAMP-authorized environments.
• Own and evolve Terraform/Terragrunt IaC pipelines for multi-subscription promotion with continuous monitoring.
• Architect secure, scalable infrastructure and CI/CD pipelines (GitHub Actions, GitLab, ADO) with security gates, Kubernetes environments, observability, and compliance automation.
• Support FedRAMP authorization and continuous monitoring activities (SSP documentation, NIST 800-53 control implementations, 3PAO coordination, readiness assessments).
• Design and implement a Seattle-based on-premise build/test platform with SOC 2-aligned security and parity to AKS patterns.
• Establish security/compliance architecture patterns (encryption, segmentation, secrets management, supply chain security, incident response) and remediate CVEs across infrastructure, container images, and dependencies.

Requirements

• U.S. citizenship and ability to reside and work from within the United States; access to FedRAMP-authorized environments from outside the U.S. is not permitted.
• 5+ years of experience in SRE, DevSecOps, or Platform engineering with a focus on Azure-based infrastructure.
• Strong programming skills (Python, Bash, Go, or Node.js) and ability to drive initiatives from architecture through production.
• Expertise in Kubernetes security, infrastructure-as-code (Terraform/Terragrunt), GitOps (Helm/ArgoCD/Flux), Ansible, CI/CD security, observability, and secrets management.
• Familiarity with compliance standards and regulations, especially NIST 800-53 and FedRAMP.
• Excellent communication and collaboration skills for cross-functional work.

Nice to have

• Experience contributing to FedRAMP authorization efforts (Moderate or High), including SSP documentation, control implementation, or 3PAO coordination.
• Experience with Azure networking and security boundaries.
• Experience with compliance automation, supply chain security (SBOM, image signing), and secrets management at scale.
• Certifications such as CISSP, Azure Security Specialty, CKS, or equivalent.
• Experience with CMMC, OSCAL, compliance-as-code, and vulnerability scanning/remediation tools (e.g., Trivy, Snyk, Qualys, Defender for Cloud).

Culture & Benefits

• Fully remote work environment with annual in-person events and quarterly in-person connects.
• Unlimited PTO (encouraged to unplug and recharge).
• Health coverage for medical, dental, and vision for employees and dependents.
• 401K with immediate vesting and a 4% company match; annual compensation reviews and equity.
• 12 weeks of parental leave and a home office stipend ($500 at hire) plus a $100 quarterly paid wellness stipend.
• Slack notifications turn off after 5pm based on your time zone; two company-wide rest weeks (July & Dec).

Hiring process

• 30-minute initial chat with the Principal People & Talent Partner.
• Take-home assessment completed in GitHub.
• Three 60-minute 1:1 interviews with engineering team members, including the hiring manager.