Tunnl · 5 hours ago
Senior DevSecOps Engineer
Hybrid- DC Metro Area
Full-time
Hybrid
Senior Level
5+ years expTunnl is leveraging AI to transform insights and outcomes, and they are seeking a highly skilled Senior DevSecOps Engineer to design, build, and secure their cloud infrastructure and software delivery pipelines. The role involves embedding security controls into CI/CD processes, automating compliance, and ensuring operational excellence across cloud security practices.
Artificial Intelligence (AI)Information ServicesInformation Technology
Responsibilities
Establish and enforce cloud security standards across AWS, including IAM, network segmentation, encryption, secrets management, and secure workload patterns
Implement continuous security posture monitoring aligned to the AWS Well-Architected Framework and security best practices (e.g., CIS benchmarks, NIST guidance, ISO principles)
Design automated guardrails for vulnerability management, patching, configuration drift detection, key rotation, and secrets lifecycle management
Improve detection and response readiness through centralized logging, alerting, and security event workflows
Own the technical engagement with security and data privacy auditors, serving as Tunnl’s primary point of contact for infrastructure, cloud security, and DevSecOps controls
Architect and maintain CI/CD pipelines with built-in security scanning and enforcement (SAST/DAST, dependency scanning, IaC scanning, artifact signing, policy-as-code)
Implement repeatable, secure infrastructure deployment using Infrastructure-as-Code (Terraform and/or equivalent tooling)
Build and maintain containerized and cloud-native deployment environments (Docker, Kubernetes and/or ECS/Fargate) with hardened images, runtime controls, and supply chain protections
Improve developer experience by making secure workflows easy, fast, and consistent across engineering teams
Help define and implement standards for availability, backup/restore, disaster recovery, and operational maturity
Partner with engineering leadership to evolve incident response practices including on-call readiness, runbooks, and post-incident learning loops
Proactively identify reliability/security risks, prioritize remediation, and drive cross-team follow-through
Partner across software, data, and cyber teams to ensure security requirements are integrated into system design and delivery
Serve as a trusted advisor to engineering leadership on cloud security strategy, risk tradeoffs, and platform evolution
Coach engineers on DevSecOps patterns, secure-by-default architecture, and operational excellence
Communicate clearly with both technical and non-technical stakeholders to build trust and adoption of platform/security initiatives
Contribute to Tunnl’s mission and culture through principled execution, respectful collaboration, and high ownership
Qualification
Required
5+ years of experience in Cloud Engineering, DevOps, SRE, Platform Engineering, or DevSecOps, with strong focus on security and automation
Demonstrated senior-level ownership of cloud infrastructure and CI/CD systems supporting production workloads
Deep knowledge of AWS core infrastructure and security services (e.g., IAM, VPC, EC2, RDS, DynamoDB, Lambda, SQS/SNS, ECS/ECR, CloudTrail, Config, Security Hub, Inspector)
Strong knowledge of IAM design, network security controls, encryption systems (KMS, key rotation), secrets management, and secure service-to-service access patterns
Experience implementing vulnerability scanning and compliance controls using tools such as Ethyca, Security Hub, Inspector, Aqua, Prisma, or similar
Familiarity with container security, dependency security, and software supply chain security best practices
Strong proficiency with Infrastructure-as-Code tooling such as Terraform (preferred), CloudFormation, CDK, or Ansible
Proven ability to standardize environments and reduce human risk through automation
Experience with SIEM/log aggregation and incident workflows, including Splunk or comparable systems
Comfort supporting operational readiness through logs, traces, metrics, and post-incident analysis
Strong scripting/programming ability (Python preferred) for automation, tooling, and integrations
Experience with CI/CD tools (GitHub Actions, Jenkins, CodePipeline, or similar)
Familiarity with observability tooling (Prometheus, Grafana, ELK/EFK, or equivalents)
Strong Linux/Unix command-line skills and solid networking fundamentals (TCP/IP, DNS, VPNs, firewalls, load balancing)
Preferred
AWS certifications: Solutions Architect, Security Specialty, or DevOps Engineer – Professional
Experience implementing Zero Trust principles and modern identity-driven security patterns
Hands-on experience with cloud-native security architecture for microservices and serverless environments
Background in security operations, incident response, and security program execution in regulated environments
Benefits
Eligible for the Company Bonus Plan (targeting 15% of Base Salary)
Comprehensive benefits with excellent medical, vision, and dental coverage
Health Savings Account (HSA) and Flexible Spending Account (FSA) options
Employer-paid life insurance, with voluntary additional coverage available
Voluntary short- and long-term disability, accident, and critical illness insurance
Flexible hybrid work policy
Flexible unlimited paid vacation plus 80 hours of paid sick leave
10 paid company holidays per year plus the week between Christmas and New Year’s off
401(k) plan with 100% match up to 3%, plus 50% match up to 5% (subject to IRS limits)
Cell phone reimbursement stipend
Monthly parking or commuter stipend for VA-based employees
Company
Tunnl
Tunnl is a data intelligence firm providing a platform that offers data for TV advertising.
11-50 employees
Funding
Current Stage
Early StageTotal Funding
$2.6M2023-01-30Series Unknown· $2.6M
Leadership Team
Sara Fagen
CEO, Tunnl
Alex Lundry
Co-Founder
Recent News
Company data provided by crunchbase