Find The RightJob.

Senior DevSecOps Engineer

This position reports to: Director of Engineering

Overview: At Atlas Travel & Technology Group, our purpose is to Stand-Up, Stand-Out. To do something every day that makes the next day better for all. We value creativity to build new paths forward, collaborate respectfully, have the drive to get up and do it, open ourselves to grow, do what we say, love what we do, and have fun along the way. This is who we are, our culture.

Atlas Travel is a technology-driven corporate travel management company operating at the intersection of travel, payments, and embedded finance. As we continue scaling our engineering organization and financial services platform, we’re looking for a Senior DevSecOps Engineer to help build the infrastructure, security, and operational foundations that support the next stage of growth.

This is a high-autonomy, greenfield role. You’ll be our first dedicated DevSecOps engineer, responsible for improving the reliability, security, scalability, and cost efficiency of our cloud environment and delivery pipelines. You’ll work across engineering and IT to establish operational standards, automate security and compliance workflows, and build the tooling and processes that allow teams to move quickly without compromising security or stability.

Foundational tooling and platforms already exist, but the operational maturity, automation, governance, and standardization behind them are still evolving. This role is responsible for helping turn a growing engineering environment into a scalable, reliable, and audit-ready platform.

You’ll sit within Engineering with a dotted line to IT, partnering closely with teams that build software, operate infrastructure, and manage sensitive customer and financial data.

Responsibilities and Duties:

Platform & Infrastructure Engineering

Build and evolve infrastructure standards across our Google Cloud Platform environments.
Manage infrastructure-as-code using Terraform and improve consistency, reliability, and repeatability across environments.
Build and maintain CI/CD pipelines in GitHub Actions to improve deployment reliability, release velocity, and developer experience.
Operate and optimize containerized workloads using Docker and Kubernetes.
Improve observability, operational monitoring, and production reliability across systems and services.

Security Operations & Hardening

Improve the security posture of our cloud and application environments through hardening, automation, and continuous remediation.
Establish and operate a vulnerability management program with defined remediation SLAs and measurable operational reporting.
Deploy and maintain endpoint protection and detection tooling, including SentinelOne.
Partner with engineering teams to remediate infrastructure and application security findings.
Implement and operationalize security controls supporting PCI, SOC 2, and ISO 27001 requirements.
Improve logging, alerting, and threat detection capabilities across the environment.

Identity & Access Management

Administer and improve our Okta environment in partnership with IT, including SSO configuration, lifecycle automation, provisioning workflows, and access policy enforcement.
Build and automate access review and audit workflows that improve governance while reducing manual overhead.
Help evaluate and implement security and governance tooling that improves visibility, auditability, and operational maturity.

Incident Response & Security Engineering

Lead technical investigations into security and infrastructure incidents, including triage, containment, root cause analysis, and remediation.
Develop runbooks and operational procedures that improve response consistency and reduce recovery time.
Coordinate and support external penetration testing engagements and drive remediation efforts through closure.
Partner with engineering teams to improve resilience and reduce recurring operational and security risks.

Cloud Cost & Environment Optimization

Improve visibility into cloud spend through tagging, reporting, alerting, and budgeting practices.
Identify opportunities for rightsizing, waste reduction, and operational efficiency across our GCP environment.
Partner with engineering leadership to ensure infrastructure scales predictably and cost-effectively.

What Success Looks Like

Cloud infrastructure is reliable, well-governed, and operationally consistent across environments.
CI/CD pipelines are fast, stable, and reduce friction for engineering teams shipping code.
Vulnerabilities are identified quickly, prioritized consistently, and remediated within defined SLAs.
Security controls and operational practices support ongoing PCI, SOC 2, and ISO 27001 compliance efforts without excessive manual effort.
Logging, monitoring, and incident response processes are mature, actionable, and well-documented.
Cloud spend is predictable, attributed, and trending efficiently over time.
Infrastructure, security, and operational decisions are documented and scalable beyond any one individual.

Skills/Qualifications:

Required:

5+ years of hands-on experience in DevOps, Platform Engineering, or DevSecOps roles supporting production environments.
Strong experience operating cloud infrastructure in GCP, AWS, or Azure, including provisioning, networking, IAM, monitoring, and cost management.
Experience building and maintaining CI/CD pipelines using GitHub Actions or comparable tooling.
Hands-on experience with Terraform, Docker, and Kubernetes in production environments.
Experience implementing security tooling, vulnerability management processes, and operational remediation workflows.
Experience administering Okta or a comparable enterprise identity provider.
Experience supporting or implementing security and compliance controls aligned to PCI, SOC 2, ISO 27001, or similar frameworks.
Strong troubleshooting, incident response, and operational problem-solving skills.
Ability to work cross-functionally with engineering, IT, and leadership teams.

Preferred:

Direct experience operating workloads in Google Cloud Platform.
Experience with SentinelOne or comparable endpoint security platforms.
Experience supporting regulated or fintech environments handling sensitive financial or customer data.
Experience building or maturing infrastructure and security practices in a growing engineering organization.
Familiarity with SIEM platforms, centralized logging, and threat detection workflows.
Experience improving cloud cost governance and operational efficiency at scale.

Core Competencies:

Core Competencies identify behaviors and skills all employees are expected to demonstrate to carry out the mission and goals of the company

Initiative and Creativity
Judgment
Cooperation / Teamwork
Quality of Work
Reliability
Support Diversity / CSR

Why This Role Matters

This role has strong executive sponsorship and broad organizational visibility. Infrastructure reliability, operational maturity, security posture, and compliance readiness are strategic priorities for the business, and this role will directly influence how those capabilities evolve over the coming years.

The right person for this role is someone who enjoys building, improving, and owning systems that make engineering organizations more secure, scalable, and effective.

Language Skills:
Ability, to communicate in standard business English both written and spoken. Ability to read and comprehend simple instructions, correspondence and memos. Ability to effectively present information in one-on-one, small group situations to customers, clients and other employees of the organization.

Physical and Mental Demands:

The requirements described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

Requires an adequate range of body motion and mobility to enable the individual to perform the essential functions of the job.
Requires ability to remain in a stationary position for prolonged periods of time throughout the workday.
Requires ability to move about to access file cabinets, office equipment, etc.
Requires ability to operate a computer, telecommunication devices and other office equipment for prolonged periods of time throughout the workday.
Requires ability to express or exchange ideas by means of the spoken word. Talking is important for those activities in which the employee must impart oral information to other employees, clients and customers, in person or via telephone, and in those activities in which they must convey detailed or important spoken instructions and information to others accurately, clearly and quickly.
Requires the ability to perceive the nature of sounds. Hearing is important for those activities that require the ability to receive detailed information through oral communication, in person or via telephone, and to make fine discriminations in sound.
Requires clarity of near vision. This factor is important when special and or minute accuracy is demanded and defective near acuity would adversely affect job performance and/or safety of self and others
Requires the ability to work and cooperate with other employees and clients at all levels and from diverse backgrounds to exchange ideas, information and opinions to facilitate the task at hand.

Travel (for positions requiring travel):

Requires ability to travel by car, plane and train for prolonged periods of time domestically and internationally and to move and transport personal luggage.

Work Environment:

The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. The work environment is a hybrid remote / office environment.

Similar jobs

No similar jobs found

Term of use Privacy policy