Senior Security Engineer, DevSecOps jobs in United States
cer-icon
Apply on Employer Site
company-logo

Lila Sciences · 8 hours ago

Senior Security Engineer, DevSecOps

positionCambridge, MA
timeFull-time
remoteOnsite
senioritySenior Level
money$144K/yr - $210K/yr
date5+ years exp

Lila Sciences is the world’s first scientific superintelligence platform and autonomous lab for life, chemistry, and materials science. The Senior DevSecOps Engineer will lead the integration of security best practices into software development and deployment pipelines, focusing on building and maintaining secure CI/CD environments across cloud and on-premises infrastructures.

Artificial Intelligence (AI)Foundational AILife ScienceSoftware
check
H1B Sponsor Likelynote

Responsibilities

Secure CI/CD pipelines with build attestations, provenance (SLSA concepts), code signing, SBOM generation, dependency and secret scanning, and container image hardening
Infrastructure-as-code security (Terraform/Helm) with policy-as-code guardrails (OPA/Kyverno/Checkov) and drift detection, primarily on AWS
Cloud security controls in AWS: IAM least privilege, network segmentation and private endpoints, key/secret management, centralized logging/telemetry, and runtime protections for EKS
Kubernetes runtime security: admission controls and policy engines (Kyverno/OPA Gatekeeper), Pod Security Standards, CIS benchmarks, RBAC and Network Policies, and EDR/agent integrations
Software supply chain safeguards: artifact signing with Sigstore/Cosign, registry governance, vulnerability management and exceptions, and automated remediation
Security embedded in ML/AI and data workflows: secure data movement/storage, encryption and access patterns, lineage, isolation for training/inference, and scanning of ML artifacts/model registries
Threat modeling with platform, ML, and lab engineering for AISF components (APIs, orchestration, lab devices/edge gateways) and implementation of mitigations
Detection-as-code and response playbooks for cloud and Kubernetes integration with SIEM/SOAR; tuning detections to AISF context
Self-service guardrails and “golden paths” (templates, modules, policies) that enable speed with secure defaults and compliance as an outcome
Support for audits and evidence collection for SOC 2/ISO 27001, translating controls into engineering artifacts

Qualification

DevSecOpsAWS securityKubernetes SecurityCI/CD pipelinesPolicy-as-codeSupply chain securityInfrastructure-as-codePythonGoBashSoft skills

Required

Certification in Kubernetes Security
5–8+ years in Security Engineering/DevSecOps with deep experience across CI/CD (GitHub Actions/GitLab CI/Jenkins), cloud, containers, and IaC (Terraform, Helm/Kustomize); demonstrated ownership of secure-by-default pipelines and production Kubernetes hardening
Proficiency with policy-as-code (OPA, Kyverno, Checkov)
AWS security depth across EKS, IAM, KMS, VPC/PrivateLink, ECR, S3, and logging/monitoring stacks; container security including admission control, RBAC, and network policies
Supply chain security experience: SBOMs (CycloneDX/SPDX), image signing (Cosign), and SLSA-aligned provenance; vulnerability and secret scanning (e.g., Trivy/Grype, Dependabot/Renovate)
Strong coding for automation and tooling in Python or Go, plus bash proficiency; experience integrating cloud/K8s telemetry with SIEM/SOAR and building detections

Preferred

Securing ML/AI pipelines (feature stores, model registries, training clusters, inference gateways) and scanning ML artifacts; knowledge of confidential computing/GPU isolation and privacy-enhancing tech
Edge/IoT or lab device security (secure gateways, cert provisioning, zero trust patterns) relevant to autonomous labs
Experience in regulated/audit-heavy environments (SOC 2, ISO 27001; familiarity with lab quality systems)
SRE-adjacent skills applied to security controls (observability, reliability, chaos/scenario exercises)
Prior startup/high-growth experience enabling developer velocity with strong guardrails; advanced supply chain maturity with Sigstore/Cosign and SLSA concepts
Experience with at least one modern language (Python, Go, Rust, JavaScript) for automation

Benefits

Bonus potential
Generous early equity

Company

Lila Sciences

twittertwittertwitter
company-logo
Lila Sciences creates a scientific superintelligence platform and autonomous labs for life sciences, chemistry, and materials science. It is a sub-organization of Flagship Pioneering.
dateFounded in 2023
location
Cambridge, Massachusetts, USA
people-size201-500 employees
web-link
https://www.lila.ai

H1B Sponsorship

Lila Sciences has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (8)

Funding

Current Stage
Growth Stage
Total Funding
$550M
Key Investors
NVenturesFlagship Pioneering
2025-10-14Series A· $115M
2025-09-14Series A· $235M
2025-03-10Seed· $200M

Recent News

Axios
2025's AI-fueled scientific breakthroughs
2026-01-03
masslive
Here’s what happened to Mass. startup investing in 2025
2025-12-17
MIT Technology Review
AI materials discovery now needs to move into the real world
2025-12-15
Company data provided by crunchbase