VantageScore
About The Role
We are seeking an experienced Site Reliability Engineer (SRE) with a strong focus on DevSecOps to join our growing engineering team. In this role, you will oversee and maintain the reliability, security posture, and operational hygiene of our cloud infrastructure, APIs, and software supply chain. You will drive patch management programs, harden our Cloud infrastructure, and maintain our code repositories to ensure all systems remain compliant, secure, and scalable.
This role is ideal for an engineer who thrives at the intersection of operations and security, is passionate about automation, and takes pride in keeping complex environments clean, auditable, and resilient.
Key Responsibilities
- Own and execute end-to-end patch management across AWS compute resources (EC2, ECS, Lambda runtimes, EKS nodes), third-party dependencies, and OS-level packages.
- Monitor, triage, and remediate vulnerabilities identified by security scanning tools (e.g., AWS Inspector, Dependabot, Security Hub, or equivalent), prioritizing by CVSS severity and business impact.
- Maintain and enforce branch protection rules, secret scanning policies, and dependency update workflows across all code repositories.
- Design and implement automated pipelines for continuous compliance checking, security testing (SAST/DAST/SCA), and infrastructure drift detection.
- Collaborate with IT & Info-Sec SMEs on AWS IAM roles and policies, VPC configurations, Security Groups, CloudTrail, Config, and GuardDuty to ensure least-privilege access and auditability.
- Collaborate with development teams to embed security controls into CI/CD pipelines (GitHub Actions, CodePipeline, or equivalent) without impeding developer velocity.
- Support the reliability and availability of production APIs — including uptime monitoring, incident response, runbook creation, and post-incident reviews.
- Partner with Legal and Data Governance SMEs on API access procedures and monitoring.
- Define and track SLOs/SLAs for internal and external APIs; implement alerting and dashboards using observability tooling (e.g., CloudWatch, Datadog, Grafana).
- Lead periodic infrastructure and dependency audits; produce clear reports on patch compliance status and open risk items for engineering and security leadership.
- Maintain thorough documentation of patching schedules, runbooks, access policies, and environment configurations.
- Participate in on-call rotation and contribute to a culture of continuous improvement.
Required Qualifications
- Bachelor’s Degree in Computer Science, Information Systems, or a related field (or equivalent practical experience).
- 5+ years of professional experience in a Site Reliability Engineering, Software Engineering, DevOps, or DevSecOps role.
- Demonstrated expertise managing AWS environments — including EC2, Lambda, ECS/EKS, S3, RDS, IAM, VPC, CloudTrail, Config, and GuardDuty.
- Experience with various cloud environments: AWS, Azure, GPC
- Strong experience with GitHub administration: branch protection, Actions workflows, secret scanning, Dependabot, and code owners.
- Hands-on experience with patch management and vulnerability remediation at scale, including OS-level patching (Amazon Linux, Ubuntu) and dependency lifecycle management.
- Proficiency with infrastructure-as-code tools (Terraform, CloudFormation, or AWS CDK).
- Experience integrating security tooling (SAST, DAST, SCA, container scanning) into CI/CD pipelines.
- Solid understanding of API reliability patterns: health checks, rate limiting, circuit breakers, and observability.
- Familiarity with compliance frameworks relevant to cloud environments (SOC 2, CIS Benchmarks, NIST CSF).
- Strong scripting skills in Python, Bash, or similar for automation and tooling.
- Excellent communication skills and ability to translate technical risk for non-technical stakeholders.
- Build observation (logging, metrics, alerting) systems to make sure system works well, and develop response plans.
Preferred Qualifications
- AWS certifications (e.g., AWS Certified Security – Specialty, AWS Certified DevOps Engineer – Professional).
- Experience with container security and Kubernetes (EKS) hardening.
- Familiarity with CSPM tools (e.g., Wiz, Prisma Cloud, AWS Security Hub) for continuous cloud posture management.
- Experience managing API gateways (AWS API Gateway, Kong, or similar) including security policy enforcement.
- Exposure to secrets management solutions (AWS Secrets Manager, HashiCorp Vault).
- Knowledge of SBOM (Software Bill of Materials) generation and management.
- Experience with incident response playbooks and tabletop exercises.
- Familiarity with Agile/Scrum methodologies and cross-functional engineering teams.
Compensation
The anticipated base salary range for this position is $150,000 annually, plus eligibility for a 15% annual performance bonus. Actual compensation will be determined based on several factors, including skills, experience, education, certifications, and geographic location.
In addition to base salary and bonus eligibility, we offer a competitive benefits package, including medical, dental, vision, 401(k), paid time off, and other employee benefits.
To apply for this job please visit job-boards.greenhouse.io.
Terms used in this posting
- on-call
- You may be required to be reachable and available to work outside normal scheduled hours, typically for a set rotation.
Explore VantageScore online
Working in San Francisco, California
Weather right now in San Francisco, California: checking… · Local time: · Air quality: · Daylight: · UV index:
San Francisco, officially the City and County of San Francisco, is the fourth-most populous city in California and the 17th-most populous in the United States, with a population of 826,079 in 2025. Among U.S. cities with a population of 200,000 or more, San Francisco is ranked first by per capita income, second by population density, and sixth by aggregate income as of 2024. Some 4.6 million residents live in the city's metropolitan statistical area, which is the 13th-largest in the United States. Around 9.2 million live in the San Jose–San Francisco–Oakland combined statistical area, the fift
California is a U.S. state in the Western United States that lies on the Pacific Coast. It borders Oregon to the north, and Nevada and Arizona to the east; it also shares an international border with the Mexican state of Baja California to the south. With over 39 million residents across an area of 163,696 square miles (423,970 km2), it is the largest U.S. state by population and third-largest by
🇨🇦 Relocation safety for Canada: Very Safe — via Warnely, CC BY 4.0
National unemployment rate in Canada: 6.9% — via World Bank
Recent seismic activity: 2 earthquakes (M4.5+) within 200km in the last 6 months — largest M5.6 near 11 km N of Redwood Valley, CA. via USGS
- Elevation 38m (125 ft)
Source: Wikipedia (state)
Market context
- Similar listings in San Francisco, CA 1
Job details above are provided by the employer/source. The sections on this page are compiled from public data sources with AI assistance.
Accommodations: if you need a workplace accommodation to apply for or perform this job, see ADA.gov or EEOC.gov for guidance on your rights and how to request one.
Keep exploring on Get A Job.ai
Not quite the right fit? Your next opportunity is a click away.
- Browse all jobs
- More jobs by category
- Remote jobs you can do from anywhere
- Research typical pay for this role
- Set a job alert so new matches reach you first
- Upload your resume to apply faster
Hiring instead? Post a job and reach candidates searching right now.
