Senior DevSecOps Engineer, BillionToOne

• The ideal candidate will have a strong background in both security and system administration, with expertise in AWS infrastructure and the ability to automate security controls, monitor vulnerabilities, and implement secure coding practices across the entire software development lifecycle
• Bachelor’s degree in Computer Science, Engineering, or related field or equivalent relevant years of experience
• 6–10 years of experience in DevOps, DevSecOps, or related roles
• Deep expertise with AWS cloud services and cloud-native security tools
• Proficiency with container orchestration (Kubernetes, Docker)
• Strong scripting/programming skills (Python, Bash, or Go)
• Experience with version control tools (Git, Bitbucket, SVN, or CVS)
• Solid background in Linux and Windows administration, networking, databases, and data center operations
• Strong understanding of security protocols and secure system design
• Excellent problem-solving, troubleshooting, and communication abilities—able to clearly and concisely express multifaceted technical concepts
• Demonstrated ability to work independently with minimal oversight while driving projects to completion

Desirable

• We are seeking a highly skilled Senior DevOps Engineer to help us integrate security practices within our DevOps pipeline while managing and developing secure, scalable solutions on Amazon Web Services (AWS)
• You will work closely with development, operations, and security teams to ensure that our products and infrastructure are secure, resilient, and compliant
• AWS Infrastructure Management: Design, build, and maintain scalable, secure infrastructure on AWS, leveraging services like EC2, ECS/EKS, Lambda, RDS, S3, VPC, IAM, and Route 53
• Infrastructure as Code (IaC): Automate provisioning and management using Terraform, CloudFormation, or Ansible; ensure infrastructure is defined, versioned, and secured according to best practices
• CI/CD Pipeline Security: Implement and secure continuous integration and deployment pipelines, ensuring security in every stage from development through production
• Security Integration: Integrate security practices into the development lifecycle—baking in secure coding, vulnerability monitoring, and automated controls across the SDLC
• Monitoring & Observability: Develop and maintain dashboards and alerts using DataDog, AWS CloudWatch, CloudTrail, GuardDuty, and Config; track vulnerabilities, incidents, and system performance
• Day-to-Day Operations: Support user account management, troubleshooting, and system monitoring to ensure uptime and reliability
• Collaboration: Partner with development, operations, and security teams to define and enforce security best practices, policies, and procedures
• Incident Response: Assist with detection, analysis, and response efforts to resolve issues quickly and thoroughly
• Compliance & Governance: Ensure environments comply with industry regulations and internal security policies (HIPAA, SOC 2, GDPR, PCI DSS, CLIA, CAP)