DevSecOps Engineer

About the Role

We are looking for a security-focused, automation-driven DevSecOps Engineer to embed security across every stage of the software development lifecycle. This is a shift-left security role where security is integrated directly into coding, testing, deployment, and production operations.

You will work at the intersection of development, security, and operations, ensuring that LockedIn AI’s infrastructure and AI systems remain secure, scalable, and resilient while maintaining fast delivery cycles.

Key Responsibilities

Secure CI/CD & Automation

• Design and maintain security-first CI/CD pipelines
• Integrate SAST, DAST, SCA, and secret scanning into deployment workflows
• Enforce security gates with automated remediation guidance
• Implement secure deployment strategies including canary and blue-green releases

Application & Infrastructure Security

• Conduct security reviews, threat modeling, and architecture analysis
• Secure cloud infrastructure across AWS, GCP, or Azure
• Harden Kubernetes clusters, container images, and runtime environments
• Manage Infrastructure as Code security using Terraform or similar tools
• Implement secrets management and access control systems

Monitoring & Incident Response

• Build security monitoring systems using SIEM and log aggregation tools
• Detect and respond to security incidents and vulnerabilities in real time
• Participate in on-call rotations and incident resolution
• Develop detection rules and automated response workflows

Vulnerability & Compliance Management

• Manage full vulnerability lifecycle from detection to remediation
• Perform continuous scanning across code, infrastructure, and dependencies
• Support compliance readiness and security documentation
• Prioritize fixes based on real-world threat intelligence

Security Culture & Collaboration

• Promote “security as code” across engineering teams
• Deliver security training and best practices to developers
• Collaborate with engineering, product, and leadership teams
• Continuously improve security systems and automation

Required Qualifications

• 3+ years experience in DevSecOps, security engineering, or DevOps roles
• Strong experience with CI/CD security integration
• Hands-on cloud security experience (AWS, GCP, or Azure)
• Strong Kubernetes and container security expertise
• Experience with Infrastructure as Code tools (Terraform, Pulumi, etc.)
• Familiarity with security tools (SAST, DAST, SCA, SIEM platforms)
• Proficiency in Python, Go, or Bash for automation
• Experience working in fast-paced startup or high-growth environments

Preferred Qualifications

• Experience securing AI/ML systems or LLM-based applications
• Knowledge of WAF, RASP, and API security
• Familiarity with SOC 2, ISO 27001, or GDPR frameworks
• Experience in supply chain security and SBOM practices
• Contributions to open-source security tools or research
• Background in SaaS, edtech, or career tech platforms

What We Offer

• Competitive compensation and early-stage equity
• High-impact role on a product used by over 1 million users
• Remote-first flexibility with optional NYC collaboration
• Fast-paced environment focused on shipping and learning
• Ownership of core security infrastructure and strategy

Why Join LockedIn AI

LockedIn AI is building a category-defining AI copilot that helps users perform better in live interviews, coding tests, and professional communication scenarios. Security is critical to our mission, and this role ensures that trust, reliability, and protection scale alongside our growth.

How to Apply

Candidates should submit:

• Resume or CV
• Short note on why you want to join LockedIn AI
• Optional: GitHub, portfolio, or technical writing