CO - DevSecOps - 234

Clearco is hiring a Senior DevSecOps Engineer to strengthen cloud security, platform reliability, and incident response across our systems. This hands-on role sits at the intersection of infrastructure, security, and reliability, and focuses on making security a practical, repeatable part of how we build and operate services.

You will work closely with Product Engineering, Data Science, and IT to implement secure-by-default guardrails, improve detection and telemetry, and drive vulnerability and supply-chain risk reduction across our GCP environment and CI/CD pipelines. This is an opportunity to shape security posture and practices at scale while delivering measurable impact.

Responsibilities

• Own platform security and reliability improvements across our GCP environment.
• Harden identity and network controls in GCP, including IAM patterns, service accounts/workload identity, organization policies, and network segmentation.
• Build security into CI/CD by implementing and enforcing SAST, SCA, secret detection, and container/image scanning.
• Drive vulnerability management and reduce software supply chain risk across services, dependencies, container images, and build pipelines.
• Lead threat modeling and security design reviews for new features and significant architecture changes.
• Improve security observability by tuning telemetry, reducing alert noise, and building high-signal detections and dashboards.
• Lead investigations and coordinate incident response for security alerts and incidents, and drive post-incident improvements.
• Champion secure SDLC practices through standards, documentation, guardrails, and coaching for product engineering teams.
• Define and maintain end-user device security standards, including requirements for EDR and remote access tooling, and partner with stakeholders for execution.
• Support compliance and audit readiness by conducting internal security reviews and helping align practices with SOC 2, GDPR, and NIST frameworks.

Requirements:
• 5+ years of experience across cloud infrastructure and security (DevSecOps, platform security, security engineering, or SRE with strong security focus).
• Deep hands-on experience with Google Cloud Platform (GCP); AWS experience acceptable as alternative.
• Strong hands-on experience with Kubernetes and service networking.
• Proven Infrastructure-as-Code skills (for example Terraform) and ability to build reusable automation.
• Practical experience integrating security into CI/CD workflows (implementing and enforcing scanners and policy controls).
• Experience driving vulnerability management and addressing software supply chain risk.
• Experience leading incident response: investigation, coordination, post-incident follow-through, and continuous improvement.
• Strong fundamentals in cloud networking and identity controls (IAM, service accounts, workload identity).
• Comfortable partnering cross-functionally and driving work end-to-end in ambiguous areas.
• Hands-on experience with container tooling and build pipelines (Docker, Jenkins).

Nice to Have

• Experience with Istio.
• Familiarity with application security scanning tools such as Semgrep, Veracode, or GitHub Advanced Security.
• Familiarity with CrowdStrike (EDR) and Splunk (SIEM).
• Experience supporting compliance and audit readiness for SOC 2, GDPR, or NIST, including evidence support.