DevSecOps Engineer – Policy & Access Control
We're looking for a hands-on Infrastructure Security Engineer with a strong focus on policy-driven access control and modern cloud-native security practices. You'll be working at the intersection of DevOps, security architecture, and policy enforcement, helping to design and implement scalable, testable, and auditable access control systems across our infrastructure.
What You’ll Do:
• Design and implement access control models (RBAC, ABAC, REBAC) tailored for distributed systems.
• Integrate and manage Policy-as-Code frameworks, including Open Policy Agent (OPA) and related tooling.
• Develop and maintain robust BDD-style test suites using tools like Cucumber to ensure policy logic behaves as expected.
• Collaborate with platform and infrastructure teams to deploy security components such as sidecars, interceptors, and policy decision points within Kubernetes and service mesh environments.
• Engineer secure infrastructure patterns using DevOps best practices, and contribute to CI/CD pipelines to embed security throughout the lifecycle.
• Apply deep knowledge of security architectures, including policy enforcement points (PEP) and decision points (PDP), across microservices and cloud workloads.
• Implement defense-in-depth strategies, ensuring layers of protection are both effective and manageable at scale.
• Operate and support these systems in production, continuously improving observability, auditability, and resilience.
What We’re Looking For:
• Proven experience with OPA, Rego, or similar policy frameworks.
• Practical knowledge of building and managing RBAC, ABAC, or REBAC in real-world systems.
• Hands-on experience with Kubernetes, service meshes (e.g., Istio, Linkerd), and cloud-native infrastructure.
• Strong scripting and automation skills (e.g., Bash, Python, Terraform, etc.).
• Familiarity with DevOps toolchains, container orchestration, and infrastructure-as-code.
• Solid grasp of security principles, threat modeling, and zero-trust architectures.
• Background in building testable, verifiable, and auditable security solutions.
We're looking for a hands-on Infrastructure Security Engineer with a strong focus on policy-driven access control and modern cloud-native security practices. You'll be working at the intersection of DevOps, security architecture, and policy enforcement, helping to design and implement scalable, testable, and auditable access control systems across our infrastructure.
What You’ll Do:
• Design and implement access control models (RBAC, ABAC, REBAC) tailored for distributed systems.
• Integrate and manage Policy-as-Code frameworks, including Open Policy Agent (OPA) and related tooling.
• Develop and maintain robust BDD-style test suites using tools like Cucumber to ensure policy logic behaves as expected.
• Collaborate with platform and infrastructure teams to deploy security components such as sidecars, interceptors, and policy decision points within Kubernetes and service mesh environments.
• Engineer secure infrastructure patterns using DevOps best practices, and contribute to CI/CD pipelines to embed security throughout the lifecycle.
• Apply deep knowledge of security architectures, including policy enforcement points (PEP) and decision points (PDP), across microservices and cloud workloads.
• Implement defense-in-depth strategies, ensuring layers of protection are both effective and manageable at scale.
• Operate and support these systems in production, continuously improving observability, auditability, and resilience.
What We’re Looking For:
• Proven experience with OPA, Rego, or similar policy frameworks.
• Practical knowledge of building and managing RBAC, ABAC, or REBAC in real-world systems.
• Hands-on experience with Kubernetes, service meshes (e.g., Istio, Linkerd), and cloud-native infrastructure.
• Strong scripting and automation skills (e.g., Bash, Python, Terraform, etc.).
• Familiarity with DevOps toolchains, container orchestration, and infrastructure-as-code.
• Solid grasp of security principles, threat modeling, and zero-trust architectures.
• Background in building testable, verifiable, and auditable security solutions.
