Senior DevOps Engineer
SGNLSalary not specified
Full Time
Senior (5 to 8 years)
Not SpecifiedCompensation
Senior (5 to 8 years)Experience Level
Full TimeJob Type
UnknownVisa
Technology, Communications, SoftwareIndustries
Requirements
- Advanced technical expertise in integrating security, automation, and observability across software development and infrastructure environments
- Experience executing secure-by-default practices and embedding protection, compliance, and telemetry into CI/CD and cloud operations
- Ability to apply “shift-left” principles to ensure security is built in at every stage of development and deployment
- Proficiency with security tools including SAST, DAST, SCA, IaC scanning, supply-chain scanning, CSPM, CWPP, SIEM, SOAR, EDR/XDR
- Experience with CI/CD pipelines such as GitHub Actions, GitLab CI, Jenkins, ArgoCD, Azure DevOps
- Knowledge of Infrastructure-as-Code (IaC) and Policy-as-Code (PaC) technologies like Terraform, CloudFormation, OPA, Conftest
- Familiarity with observability tools including OpenTelemetry, Prometheus, DataDog, AWS CloudWatch, Sumo Logic
- Expertise in cloud platforms AWS, Azure, and GCP, including CSPM, CWPP, Zero Trust, and workload-protection tools
- Understanding of compliance benchmarks such as CIS, NIST, and FedRAMP
- Ability to collaborate with Security Operations (SecOps), Application Security (AppSec), Governance Risk and Compliance (GRC), Cloud, and Engineering teams
Responsibilities
- Implement, maintain, and optimize security tooling across build, test, and deploy stages (SAST, DAST, SCA, IaC scanning, supply-chain scanning, CSPM, CWPP, SIEM, SOAR, EDR/XDR)
- Build and maintain automated security testing and compliance validation in CI/CD pipelines (GitHub Actions, GitLab CI, Jenkins, ArgoCD, Azure DevOps)
- Develop and support reusable automation frameworks and APIs for vulnerability data exchange, control testing, and alerting
- Use IaC and PaC technologies (Terraform, CloudFormation, OPA, Conftest) to continuously enforce governance and compliance controls
- Collaborate with the Application Security team on code scanning, vulnerability triage, and secure code-review automation
- Integrate and maintain unified observability solutions, consolidating metrics, traces, and logs across OpenTelemetry, Prometheus, DataDog, AWS CloudWatch, and Sumo Logic
- Develop and enforce security and performance observability standards for services and environments
- Collaborate with the SecOps team to link security telemetry with detection rules, correlation logic, and automated response systems
- Support metrics collection and dashboards to assess observability coverage and detection performance
- Implement secure configurations and controls across AWS, Azure, and GCP environments using CSPM, CWPP, Zero Trust, and workload-protection tools
- Embed visibility and control baselines into multi-cloud and containerized environments
- Contribute to automation for compliance and configuration validation using CIS, NIST, and FedRAMP benchmarks
- Partner with Cloud and Infrastructure teams to ensure cloud security posture meets enterprise standards
- Collect and report DevSecOps metrics related to vulnerability reduction, automation coverage, observability, and compliance
- Identify opportunities to improve tool integrations, automation pipelines, and detection methods
- Research and pilot emerging technologies, including AI/ML-based threat detection, runtime protection, and automated remediation tools
- Support the implementation of Bandwidth’s AI Security Framework to uphold the security, privacy, and ethical use of AI systems
- Collaborate with Security and Product teams on threat modeling and validation for AI/ML systems, addressing model integrity, prompt injection, data leakage, and bias mitigation
Skills
Key technologies and capabilities for this role
Questions & Answers
Common questions about this position
What is the salary range for the Senior DevSecOps Engineer position?
This information is not specified in the job description.
Is this Senior DevSecOps Engineer role remote or does it require office work?
This information is not specified in the job description.
What key skills and tools are required for the Senior DevSecOps Engineer role?
Required skills include expertise in security tooling like SAST, DAST, SCA, IaC scanning; CI/CD pipelines with GitHub Actions, GitLab CI, Jenkins, ArgoCD, Azure DevOps; IaC and PaC with Terraform, CloudFormation, OPA, Conftest; observability tools like OpenTelemetry, Prometheus, DataDog; and cloud security across AWS, Azure, GCP.
What is the company culture like at Bandwidth?
Bandwidth celebrates differences and encourages BANDmates to be their authentic selves, with a focus on being part of the BAND where your music matters.
What makes a strong candidate for the Senior DevSecOps Engineer position?
Strong candidates have advanced technical expertise in integrating security, automation, and observability, experience applying shift-left principles, and the ability to collaborate with SecOps, AppSec, GRC, Cloud, and Engineering teams.
Bandwidth
Cloud-based voice and messaging services
About Bandwidth
Bandwidth provides voice, messaging, and emergency services through cloud-based solutions tailored for businesses, including enterprises, service providers, and application developers. Their services allow clients to integrate reliable communication capabilities into their applications and systems. Bandwidth's offerings include voice calling, text messaging, and emergency calling, all designed to ensure high reliability and scalability, which are essential for uninterrupted communication. The company generates revenue through subscription models, where clients pay a recurring fee, and usage-based models, where charges are based on the volume of calls or messages. Regular maintenance and updates are conducted to enhance service performance and reliability. Bandwidth's goal is to deliver dependable communication solutions that meet the evolving needs of businesses in a competitive telecommunications market.
Raleigh, North CarolinaHeadquarters
2005Year Founded
$19.9MTotal Funding
IPOCompany Stage
Enterprise SoftwareIndustries
1,001-5,000Employees
Benefits
100% Medical & Dental Coverage
401(k) & College Savings Plan
PTO with Email Embargo
Free Gym Membership
90 Minute Workout Lunches
Employee Development Opportunities
Risks
Emerging CPaaS providers offering lower-cost services threaten Bandwidth's market share.
Rapid AI advancements may outpace Bandwidth's current capabilities, risking competitive edge loss.
Potential regulatory changes in data privacy laws could increase Bandwidth's compliance costs.
Differentiation
Bandwidth offers a unique owner-operated network with global reach and regulatory expertise.
The company integrates AI-ready capabilities into its cloud communications platform, Maestro.
Bandwidth's focus on secure and compliant communication solutions sets it apart in the market.
Upsides
Growing demand for CPaaS solutions boosts Bandwidth's market potential and revenue growth.
AI-driven communication tools enhance customer experience and operational efficiency for Bandwidth.
5G network expansion globally enhances the quality and speed of Bandwidth's services.
Related Jobs
RemoteRemotePrincipal DevSecOps Engineer
Second Front SystemsSalary not specified
- Full Time
- Senior (5 to 8 years)
RemoteSecurity Engineer, Cloud Security
Red Cell PartnersSalary not specified
- Full Time
- Senior (5 to 8 years), Expert & Leadership (9+ years)
RemoteSenior Engineer, IT & Information Security Automation
SmithRxSalary not specified
- Full Time
- Senior (5 to 8 years)
RemoteSenior Platform Security Engineer
Imagine PediatricsSalary not specified
- Full Time
- Senior (5 to 8 years)
RemoteSenior Cloud Security Engineer
PaytientSalary not specified
- Full Time
- Senior (5 to 8 years)
RemoteSr. DevOps Architect - Cloud Infrastructure & Security (Remote)
CrowdstrikeSalary not specified
- Full Time
- Senior (5 to 8 years)