DevSecOps Engineer

Company Description: Anomali is headquartered in Silicon Valley and is the Leading AI-Powered Security Operations Platform that is modernizing security operations. At the center of it is an omnipresent, intelligent, and multilingual Anomali Copilot that automates important tasks and empowers your team to deliver the requisite risk insights to management and the board in seconds. The Anomali Copilot navigates a proprietary cloud-native security data lake that consolidates legacy attempts at visibility and provides first-in-market speed, scale, and performance while reducing the cost of security analytics. Anomali combines ETL, SIEM, XDR, SOAR, and the largest repository of global intelligence in one efficient platform. Protect and drive your business with better productivity and talent retention. Do more with less. Be Different. Be the Anomali. Learn more at http://www.anomali.com. Job Description:  DevSecOps Engineer We’re looking for a DevSecOps Engineer to take a lead role in securing and scaling our AWS-based SaaS platform. You’ll own the end-to-end cloud security posture, embed security into our CI/CD pipelines, and collaborate closely with Pen Testing and Red Teams to ensure a robust, proactive security defense.  What You'll Do: • Build and maintain defense-in-depth strategies across AWS and Kubernetes (WAF, NACLs, IAM, encryption, segmentation). • Integrate security automation into CI/CD (SAST, DAST, dependency and container scanning). • Partner with Pen Testers and Red Teams on offensive testing, threat modeling, and vulnerability remediation. • Drive continuous compliance with SOC 2, GDPR, and FedRAMP standards. • Implement and monitor cloud security controls with AWS Security Hub, GuardDuty, CloudTrail, and CloudWatch. • Secure secrets and credentials with AWS Secrets Manager, Vault, or SSM Parameter Store. • Define and enforce security guardrails through Infrastructure as Code (Terraform / CloudFormation). • Lead incident response, security reviews, and risk assessments. Qualifications: Required Skills/Experience: • 3+ years in DevSecOps / Cloud Security / Infrastructure Security. • Deep hands-on experience with AWS (EKS, IAM, VPC, RDS, Lambda, etc.) and Kubernetes security (RBAC, Network Policies, Admission Controllers). • Solid grasp of network security and Zero Trust principles. • Proven collaboration with Pen Testing / Red Team operations. • Proficiency in Terraform, CloudFormation, or Pulumi. • Familiarity with CIS Benchmarks, NIST 800-53, OWASP Top 10. • Scripting skills in Python, Bash, or Go. • AWS Certified Security – Specialty, CKS, or CKAD. • Experience with Aqua, Prisma Cloud, Trivy, Falco, or Snyk. • Background in multi-tenant SaaS or multi-account AWS environments. • This position is an onsite/hybrid role. Currently, the team is working Mon/Tue/Wed onsite in Redwood City, CA. • This position does have an on-call rotation. ~One week on-call every month, as this responsibility is shared across the team. This position is not eligible for employment visa sponsorship. The successful candidate must not now, or in the future, require visa sponsorship to work in the United States.