Principal DevSecOps Engineer
Second Front SystemsSalary not specified
Full Time
Senior (5 to 8 years)
Not SpecifiedCompensation
Senior (5 to 8 years)Experience Level
Full TimeJob Type
UnknownVisa
TechnologyIndustries
Requirements
- Successful candidates often come from senior engineering roles and are experienced in leading complex projects, mentoring peers, and making architectural contributions across teams (L3 opportunity)
- Autonomous and highly organized, thriving in a fast-moving environment
- Passionate about enabling secure cloud engineering without blocking developer velocity
- Intellectually curious, always experimenting with new concepts/tools
Responsibilities
- Design, implement, and continuously improve security controls in AWS, including IAM policies, VPC network segmentation, Security Groups, and secure service configuration (e.g., S3, RDS, Lambda)
- Own WAF management (Cloudflare WAF) — authoring rules, tuning managed rulesets, and monitoring attacks
- Integrate automated security guardrails into CI/CD pipelines (GitHub Actions) for IaC, container images, and serverless deployments
- Implement and enforce Infrastructure-as-Code (IaC) security scanning using tools such as tfsec, Trivy, Checkov, or Terrascan, with gating for critical findings
- Lead container and orchestration security for Docker and Kubernetes/EKS, including image scanning, admission controls, runtime monitoring (Falco), and benchmark enforcement (kube-bench)
- Establish and operate secrets-management best practices using tools like HashiCorp Vault, AWS Secrets Manager, or SOPS, ensuring least-privilege access
- Deploy, tune, and maintain AWS security services — GuardDuty, Security Hub, Config, CloudTrail, IAM Access Analyzer — for continuous detection and compliance
- Conduct cloud threat modeling and risk assessments (STRIDE, AWS Well-Architected Framework) to identify gaps and prioritize mitigations
- Automate security compliance reporting against frameworks such as CIS Benchmarks and NIST 800-53 using IaC and policy-as-code (e.g., Open Policy Agent)
- Collaborate with infrastructure and product engineering teams to embed security early and unblock delivery velocity
Skills
AWS
DevSecOps
CI/CD
Cloud Security
Infrastructure Security
Envoy
Workplace technology for visitor and space management
About Envoy
Envoy provides a platform that improves safety, flexibility, and guest experiences in office settings. Its main services include visitor management, which simplifies the check-in process for guests, and workplace management, which helps organizations use their space more effectively while adhering to safety standards. The platform allows for visitor pre-registration, health questionnaires, desk booking, and offers real-time analytics to enhance the workplace experience. Envoy operates on a subscription model with tiered pricing to meet the needs of various clients, including corporate offices and co-working spaces. What sets Envoy apart from competitors is its focus on user-friendly design and comprehensive functionality, addressing the increasing demand for secure and adaptable workplace solutions. The company's goal is to create a seamless and secure environment for businesses, especially in light of changing work patterns and heightened health concerns.
San Francisco, CaliforniaHeadquarters
2013Year Founded
$194.7MTotal Funding
SERIES_CCompany Stage
Enterprise Software, HealthcareIndustries
201-500Employees
Benefits
Health Insurance
Dental Insurance
Vision Insurance
401(k) Company Match
Paid Vacation
Paid Sick Leave
Paid Holidays
Risks
Increased competition from startups offering similar solutions at lower costs threatens market share.
Data privacy concerns may arise from managing sensitive visitor and employee information.
Economic downturns could reduce corporate investment in workplace technology, affecting revenue.
Differentiation
Envoy offers a comprehensive platform integrating people, spaces, and data for workplace management.
The company provides unique features like data-enriched workplace maps and dynamic space recommendations.
Envoy's focus on security solutions includes visitor recognition and self-serve mobile sign-in.
Upsides
Envoy's new features enhance space utilization and employee experience for return-to-office success.
The appointment of experienced leaders like George Mogannam and Cormac Twomey boosts growth potential.
High workspace utilization correlates with 38% higher employee retention and 24% revenue growth.
Related Jobs
RemoteRemoteStaff Cloud Security Engineer
Assured$190,000 - $220,000/year
- Full Time
- Senior (5 to 8 years)
RemoteInfrastructure Engineer
Hatch ITSalary not specified
- Full Time
- Senior (5 to 8 years), Expert & Leadership (9+ years)
RemoteSenior Application Security Engineer
M&T BankSalary not specified
- Full Time
- Senior (5 to 8 years), Expert & Leadership (9+ years)
RemoteLead AWS DevOps Engineer
Research InnovationsSalary not specified
- Full Time
- Senior (5 to 8 years), Expert & Leadership (9+ years)
RemoteSecurity Engineer, Cloud Security
Red Cell PartnersSalary not specified
- Full Time
- Senior (5 to 8 years), Expert & Leadership (9+ years)
RemoteManager, Engineering (Guarded Containers)
ChainguardSalary not specified
- Full Time
- Expert & Leadership (9+ years)
RemoteStaff Infrastructure Security Software Engineer (Remote)
QuoraSalary not specified
- Full Time
- Junior (1 to 2 years)
RemoteSenior Network Security Engineer
Flock Safety$130,000 - $170,000/year
- Full Time
- Senior (5 to 8 years), Expert & Leadership (9+ years)