DevSecOps Engineer – Aspect Build

We’re seeking a DevSecOps Engineer to own and evolve the security, compliance, and reliability posture of Aspect Build’s infrastructure and release processes. In this role, you’ll work across the full stack of our cloud platform, self-hosted products, and internal systems—ensuring they are secure, compliant, and continuously improving.

You’ll lead initiatives in SOC 2 compliance, secure release engineering, infrastructure hardening, and automated monitoring, helping us scale our operations confidently while maintaining customer trust and regulatory alignment.

Security & Compliance

• Lead and maintain SOC 2 Type II compliance, including audit readiness, evidence collection, and control implementation.
  
• Define and automate security policies for access management, secrets handling, and data protection.
  
• Collaborate with leadership to evolve security practices, threat modeling, and incident response procedures.
  
• Manage vulnerability scanning, dependency management, and patch pipelines across environments.
  
• Ensure compliance with customer and industry standards for cloud and on-premise deployments.
  

Release Engineering

• Design and maintain secure, automated build and release pipelines for Aspect Build’s commercial and open-source software.
  
• Enforce supply chain security best practices, including signed releases and reproducible builds.
  
• Integrate code quality, testing, and artifact verification into CI/CD pipelines (e.g., Bazel, GitHub Actions).
  
• Coordinate with engineering teams on versioning, changelogs, and secure deployment workflows.
  

Infrastructure Security & Reliability

• Manage and secure Aspect Build’s multi-cloud infrastructure (GCP, AWS, etc.) and self-hosted product environments.
  
• Implement zero-trust principles, network segmentation, and least-privilege configurations.
  
• Automate infrastructure provisioning and monitoring using IaC tools (Terraform, Helm, Kubernetes).
  
• Lead internal reviews, penetration test coordination, and continuous improvement of observability and resilience.

Required:

• 5+ years of experience in DevOps, Site Reliability Engineering, Release Engineering or Security Engineering roles.
  
• Proven experience implementing SOC 2 Type II or similar compliance frameworks (ISO 27001, FedRAMP, etc.).
  
• Strong expertise in cloud infrastructure security (AWS or GCP), containerization (Kubernetes, Docker), and IaC tools.
  
• Hands-on experience managing CI/CD pipelines and release automation for complex software systems.
  
• Familiarity with Bazel, GitHub Actions, or equivalent build tools.
  
• Proficiency in Python, Go, or Bash scripting for automation and tooling.
  
• Excellent documentation, communication, and cross-functional collaboration skills.
  

Preferred:

• Background securing developer infrastructure or build/release systems.
  
• Experience with self-hosted enterprise software and hybrid deployment models.
  
• Knowledge of supply chain security frameworks (SLSA, SBOMs, code signing).
  
• Familiarity with monitoring and observability stacks (Prometheus, Grafana, OpenTelemetry).
  
• Contributions to open-source security or infrastructure projects.

• Be part of a world-class engineering team shaping the next generation of build systems and developer platforms.
  
• Work directly on the infrastructure that enables reproducible, secure, and high-performance builds for top engineering organizations.
  
• Remote-first, engineering-led culture with deep open-source roots
• Competitive compensation, meaningful equity, and strong benefits.