Senior DevSecOps Engineer

[ABOUT ISTARI DIGITAL] Istari is a digital engineering software company enabling our customers to turn the physical world into the digital to accomplish their specific mission or business objectives. Istari was founded with the vision of making open, scalable digital engineering ecosystems a reality – where new technologies and systems are created digitally, free from the real-world constraints of costs and schedules. We are creating the world’s best engineering model sharing platform, allowing our customers to simply and securely integrate their models across different engineering disciplines, organizations, and security levels. At Istari, we are passionate about our mission of creating the world's first open and scalable industrial metaverse. Whether our customers are designing prototypes, performing virtual testing, or training AI and autonomy for complex systems, we know that going digital will save them time, resources, and reduce their environmental impact.   While we are a distributed team with most team-members working remotely, we place an emphasis on staying connected and collaborative, prioritizing in-person opportunities to build trust as a team. At Istari, we still believe that trust is best built in-person. To do this, we have an engineering headquarters in Cambridge, MA for focused technical development and several times per year we gather for an off-site that allows us to develop our professional skills and our team relationships. [VALUES] At Istari, we live by our values, which include: - Focus is rewarded. Finish is remembered.  - Facts are friendly. Even when they are not fun. - Fellowship is fundamental. Make others successful. Equal Opportunity Istari is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status. We are seeking a Senior DevSecOps Engineer to join our Engineering team. This role is critical to securing, hardening, and scaling the infrastructure that powers our platform across cloud-hosted production environments. This engineer will work closely with platform, infrastructure, and security stakeholders to improve the security and operational maturity of our AWS and Kubernetes environments, support compliance and audit readiness, and help ensure our systems are reliable, secure, and maintainable as we grow. This role will also support environments serving regulated and security-sensitive customer needs, including an environment we host for a Government organization. The ideal candidate combines strong hands-on infrastructure expertise with sound security judgment and a practical, execution-focused mindset. They should be comfortable working across cloud infrastructure, Kubernetes, operating systems, compliance controls, and production operations. Core Responsibilities

Responsibilities include collaborating with the platform and engineering teams to secure and improve production infrastructure, harden cloud and host configurations, and build repeatable operational practices across environments. Key responsibilities include:

Design, implement, and maintain secure, scalable infrastructure in AWS

Manage, secure, and improve Kubernetes-based environments, including production workloads

Build and maintain infrastructure as code using Terraform

Harden production systems across cloud, compute, container, identity, and network layers

Develop and maintain secure baseline configurations for infrastructure and platform services

Support vulnerability management, patching, remediation, and configuration compliance efforts across environments

Configure, administer, and patch both Linux and Windows VMs

Support identity and access management practices, including least privilege, role design, and privileged access controls

Contribute to administration and integration of Active Directory domains where needed

Partner with engineering teams to improve security within CI/CD pipelines, deployment workflows, and operational processes

Support compliance initiatives, audits, evidence collection, and technical control validation

Develop and maintain documentation, operational runbooks, technical standards, and playbooks

Monitor, troubleshoot, and resolve complex infrastructure and security issues with clear and timely communication

Participate in incident response and post-incident analysis when infrastructure or platform issues arise

Stay current on cloud, infrastructure, and security best practices that can improve platform resilience and delivery

Required Qualifications

Minimum of 5 years of experience in DevOps, DevSecOps, Infrastructure Engineering, Platform Engineering, or Security Engineering

Strong hands-on experience with AWS in production environments

Proven experience with Kubernetes, preferably in production

Strong experience with Terraform and infrastructure-as-code practices

Experience hardening production environments and implementing secure configuration standards

Experience supporting compliance frameworks, audit preparation, evidence gathering, and control validation

Experience with vulnerability remediation, system patching, and operational security practices

Experience configuring and maintaining both Linux and Windows virtual machines

Strong understanding of IAM, secrets management, network security, logging, monitoring, and operational controls

Proven experience improving or securing CI/CD pipelines and deployment workflows

Excellent troubleshooting and problem-solving skills in complex production environments

Strong communication skills with the ability to explain technical concepts to both technical and non-technical stakeholders

Must live/work in the U.S.

Preferred Qualifications