Vanilla · 3 days ago
Senior DevSecOps Engineer
Vanilla is a startup with big ambitions to modernize estate planning through AI-powered technology. They are seeking a Senior DevSecOps Engineer to manage their security tooling and drive application and cloud security programs, ensuring the security of their platform and infrastructure.
Artificial Intelligence (AI), Finance, FinTech, Information Technology, Legal, Software, Financial Services, Legal Tech, Wealth Management
Responsibilities
Secure AWS infrastructure, systems, and networking
Review infrastructure-as-code (Terraform) changes for security implications
Support secrets management, IAM policy reviews, and encryption standards
Triage and respond to cross-team IT requests that carry security implications
Operate and tune security tooling including SentinelOne (EDR), Sublime (email security), Panther (SIEM), and Cloudflare
Monitor and triage security alerts across dedicated channels
Serve as the primary responder for cross-team security requests
Manage the vCISO relationship, including coordinating on cloud security posture, endpoint coverage, and SOC 24x7 operations
Own the annual penetration test lifecycle: vendor selection, scoping, coordination, remediation tracking, and reporting
Scope and coordinate AI red team engagements
Run tabletop exercises and maintain the incident response playbook
Build and maintain a multi-quarter security roadmap in partnership with engineering leadership
Own and evolve pre-deploy security gates across CI/CD pipelines
Run vulnerability management for libraries and application code: scanning, prioritization, and remediation workflows
Conduct threat modeling for new features, integrations, and architecture changes
Champion secure coding practices across engineering teams
Scope and coordinate AI red team exercises against Vanilla’s AI-powered features
Assess security of AI/ML pipelines, inference endpoints, and third-party AI vendor integrations
Implement and maintain guardrails for AI outputs, including controls against prompt injection and data exfiltration
Establish data governance practices for sensitive training data (PII/PHI in estate and financial documents)
Qualifications
Required
Hands-on AWS experience: infrastructure, networking, and cloud security posture
Experience with infrastructure-as-code (Terraform or CloudFormation)
Strong understanding of IAM, network security, encryption, and secrets management
Hands-on vulnerability management experience: scanning, triage, remediation workflows
Experience with threat modeling, secure code review, and CI/CD security gating
Strong scripting and automation skills (Python, Bash, or similar)
Preferred
Experience operating security tooling: EDR, SIEM, email security, WAF, or similar
Familiarity with SentinelOne, Sublime, Panther, or Cloudflare specifically
Prior incident response or tabletop exercise facilitation
Exposure to AI/ML security: LLM risks, securing inference endpoints, or data privacy in ML contexts
Experience in fintech, wealthtech, or other regulated industries
Familiarity with supply chain security
Benefits
Flexible paid time off policy and 10 company-wide paid holidays
Parental leave, 6 weeks for all full-time employees and up to 14 weeks for birthing parents
Medical, dental, and vision benefits coverage for employees and their families
401K eligibility after one month of employment
Free estate planning documents
Budget for learning & development and home office setup
Paid parking or transit for hybrid and in-office employees
Company
Vanilla
Vanilla is an estate planning software platform designed for financial advisors, estate planners, and family offices.
Funding
Current Stage: Growth Stage
Total Funding: $81.4M
Key Investors: Insight Partners, Venrock
2024-08-15 Series B · $35M
2022-04-28 Series B · $30M
2021-08-30 Series A · $11.6M
Company data provided by crunchbase