Software Engineer, DevSecOps

Siftstack
Marina Del Rey, US
On-siteCareer-pivot friendly

Who this role is best for

Best suited to mid-level security engineers with cloud-native automation experience working in aerospace or defense sectors with partial in-office requirements.

Best fit for

  • Security builders who automate compliance rather than manage checklists.
    — “not just documenting or managing compliance programs
  • Cloud infrastructure specialists comfortable embedding security into IaC and Kubernetes.
    — “embed security guardrails directly into infrastructure-as-code
  • Founding security engineers who thrive in ambiguous, fast-moving environments.
    — “Comfort operating as a founding security engineer

Things to consider

  • Requires twice-weekly in-office presence in Marina Del Rey plus quarterly full weeks.
    — “collaborate in person twice a week—on Mondays and Thursdays
  • US citizenship or permanent residency is mandatory due to ITAR regulations.
    — “Must be a U.S. citizen, lawful permanent resident

How to stand out

  • Show concrete examples of translating compliance frameworks into automated technical controls.
    — “Translate compliance requirements into pragmatic, enforceable technical implementations
  • Highlight security tooling you've built rather than just managed.
    — “bias toward building custom tooling over relying solely on off-the-shelf products
  • Demonstrate how your solutions improved both security and engineering velocity.
    — “ship fast without compromising security
Pace · Fast PacedCollaboration · HighAutonomy · HighDecision Impact · TeamLevel · Mid

Derived from job-description analysis by Serendipath's career intelligence engine.

What success looks like

  • secure cloud environments
  • automated compliance
  • enhanced security posture
Typical background
security engineeringdevopscloud infrastructure

Skills & requirements

Required

Security EngineeringCloud InfrastructureAutomationScripting

Preferred

PythonGoBash

Stack & domain

PythonGoBashAWSTerraformKubernetesCI/CDSoc 2FedrampCloud InfrastructureSecurity EngineeringDevSecOps

About the role

Original posting from Siftstack via Ashby

ABOUT SIFT

SIFT is the data infrastructure platform for hardware engineering teams. SIFT turns high-frequency telemetry into engineering insights for mission-critical systems. Teams use Sift to build and operate rockets, satellites, autonomous vehicles, energy systems, defense platforms, and more.

Founded by former SpaceX engineers who built the tools behind Dragon and Starlink, Sift is building the data infrastructure to herald the AI era for physical systems.

About the Role

As a Software Engineer, Security Infrastructure, you will not just maintain a security checklist; you will define the posture, architecture, and practices that keep our products and infrastructure secure in the most demanding environments.

You will be both hands-on and strategic, building controls, automating compliance, and owning SIFT’s security posture end-to-end, with technical security engineering as the primary focus. You will set the standard for how we protect our systems and data, ensuring resilience against modern threats while partnering with external compliance specialists to meet the requirements of aerospace, defense, and enterprise sectors.

In This Role, You’ll:

  • Build and maintain tooling, scripts, services, and automation that assess, enforce, and monitor security and compliance controls across our AWS cloud environments, Kubernetes clusters, and CI/CD pipelines.
  • Develop lightweight internal solutions (e.g., policy-as-code, custom scanners, CI/CD integrations) that make security and compliance automatic, auditable, and invisible to the rest of engineering.
  • Embed security guardrails directly into infrastructure-as-code (Terraform), container orchestration, and deployment workflows so that secure-by-default becomes the path of least resistance.
  • Partner closely with the infrastructure and platform engineering teams to harden cloud-native systems, implement access controls, encryption, logging/monitoring, and vulnerability management at scale.
  • Improve visibility into our overall security posture through automated reporting, dashboards, and real-time observability that highlight risks and control coverage.
  • Translate compliance requirements (SOC 2, FedRAMP, and related frameworks) into pragmatic, enforceable technical implementations rather than manual checklists.
  • Reduce toil by automating security workflows, compliance validation, and remediation so engineering can ship fast without compromising security.
  • Support incident response and post-incident improvements by building better observability and tooling that accelerates detection and recovery.
  • Conduct security reviews of new features, services, and infrastructure changes, providing clear guidance that helps teams design and implement secure solutions.

The Skillset You’ll Bring:

Technical Skills

  • 4–7+ years of hands-on experience in security engineering, platform/DevSecOps, or cloud infrastructure roles (founding or early-stage security builder experience strongly preferred).
  • Proven track record shipping production-grade security automation in cloud-native environments (AWS strongly preferred) — not just documenting or managing compliance programs.
  • Deep familiarity with implementing technical controls for SOC 2, FedRAMP, or similar frameworks in real production systems.
  • Strong proficiency in scripting and automation (Python, Go, Bash, or similar) and a bias toward building custom tooling over relying solely on off-the-shelf products.
  • Hands-on experience with Infrastructure as Code (Terraform or equivalent), containerized environments (Kubernetes), and CI/CD systems — and how to embed security directly into them.
  • Working knowledge across core security domains:
  • Access control, identity management, and least-privilege enforcement
  • Logging, monitoring, auditing, and security observability
  • Encryption, key management, and secrets handling
  • Vulnerability scanning, policy-as-code, and continuous compliance
  • Incident response and change management
  • Ability to quickly assess system state, identify meaningful gaps, and deliver pragmatic, high-impact solutions in a fast-moving environment.
  • Comfort operating as a founding security engineer: you thrive in ambiguity, own standards end-to-end, and focus on enabling velocity while raising the security bar.
  • Strong problem-solving skills with a builder mindset — you enjoy making complex security requirements disappear into clean, automated systems that engineering teams actually love to use.

Location:

SIFT’s headquarters is in Marina Del Rey, CA (Next to LAX). We collaborate in person twice a week—on Mondays and Thursdays—and come together for a full week every two months. We are open to relocating candidates to LA or working from our San Francisco office for the right candidate.

Salary range: $170,000 - $220,000 per year. Plus equity and benefits.

Eligibility:

U.S. Person Required: Must be a U.S. citizen, lawful permanent resident, or protected individual such as an asylee or refugee in compliance with ITAR (International Traffic in Arms Regulations) / EAR (Export Administration Regulations) regulations.

Source: Siftstack careers (Ashby)

Similar roles