Dune Security · 2 days ago
Senior DevSecOps Engineer
Dune Security is the world’s first User Adaptive Risk Management solution, empowering organizations to manage user risk proactively. They are seeking a Senior DevSecOps Engineer to own and operate secure infrastructure and developer platforms, focusing on CI/CD pipelines, cloud security architecture, and incident response capabilities.
Responsibilities
Design, build, and operate secure CI/CD pipelines, including GitLab CI/CD
Enforce secure Git workflows, protected branches, and MFA for code pushes
Embed security best practices across the SSDLC and developer workflows
Own production infrastructure and participate in on-call rotations
Investigate, respond to, and remediate security incidents and availability events
Perform CVE analysis, vulnerability assessments, risk scoring, and prioritization
Conduct risk assessments and risk modeling for infrastructure, applications, and identity systems
Implement and operate intrusion detection, runtime security, and anti-ransomware controls
Deploy and manage honeypots and deception technologies
Perform network traffic analysis for threat detection and incident response
Design and operate secure VPN access and remote connectivity
Support red team, blue team, and purple team exercises and remediation efforts
Build and maintain observability, SIEM integrations, detection pipelines, and security visualization dashboards
Integrate threat intelligence indicators into detection and response workflows
Design and operate SOAR workflows to automate triage, response, and remediation
Apply UEBA techniques to identify anomalous behavior across users, systems, and services
Partner with engineering, security, and governance teams to continuously improve security posture
Qualifications
Required
Strong experience with DevOps and DevSecOps practices in production environments
CI/CD experience with GitLab CI/CD, secure artifact handling, SAST, DAST, dependency and container scanning
Infrastructure-as-code and policy-as-code experience
Cloud architecture security experience, including secure design, segmentation, and workload isolation
Zero Trust access design and architecture across users, services, and infrastructure
Advanced Linux systems administration, Linux internals, kernel-level security concepts (kernel hacking or tuning preferred)
Strong proficiency in Golang, including building production services and internal security tooling
Experience with logging, monitoring, SIEM platforms, intrusion detection systems, network telemetry, and observability tooling
Direct production experience operating Keycloak, including OAuth2, OIDC, SSO, federation, RBAC/ABAC, upgrades, and scaling
Secrets and vault management (e.g., HashiCorp Vault or equivalent)
ACL design and enforcement, PKI, certificate, key, and token lifecycle management
Encryption at rest and in transit, MFA enforcement, identity governance
Applied cryptography knowledge, including TLS, hashing, MACs, key exchange mechanisms
Familiarity with modern cryptographic algorithms such as AES-GCM, ChaCha20-Poly1305, Salsa20, SHA-2, and SHA-3
Experience implementing and operating controls aligned with SOC 2, ISO/IEC 27001, GDPR, CCPA, and PCI DSS
Intrusion detection, alerting, and response in production environments
SIEM-based correlation, investigation, and alerting
SOAR-based automation for incident response and remediation
UEBA-driven detection for insider risk and anomalous behavior
Threat intelligence ingestion and indicator-based detection
Network traffic analysis and flow-based monitoring
Endpoint security, EDR tooling, and ransomware mitigation
Honeypots, deception technologies, and advanced threat detection
Penetration testing participation, remediation ownership, and validation
Audit readiness, evidence collection, and governance collaboration
4+ years of DevOps, DevSecOps, or Operations experience required
Bachelor's degree in Computer Science, Computer Engineering, Information Security, or a related field required
Industry-recognized security certifications required (e.g., CISSP, CISM, OSCP, GIAC, CEH, or equivalent)
Preferred
7+ years preferred, with demonstrated ownership of real production systems
Public credibility in security preferred, including publications, patents, open-source contributions, or conference talks
Benefits
Medical, dental, and vision insurance
Unlimited PTO
Commuter benefits
Ongoing professional development and educational support
Company
Dune Security
Dune Security's AI quantifies user risk, delivering adaptive training and dynamic, integrated controls for proactive remediation.
H1B Sponsorship
Dune Security has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data powered by the US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship (chart not shown)
Trends of Total Sponsorships: 2025 (1)
Funding
Current Stage: Growth Stage
Total Funding: $8M
Key Investors: Toba Capital, Craft Ventures, Antler
2025-01-29 · Seed · $6M
2024-04-22 · Pre Seed · $2M
2023-09-29 · Pre Seed
Recent News
BiometricUpdate.com · 2025-09-13
Help Net Security · 2025-09-12
Company data provided by Crunchbase