DevSecOps Engineer

Description

Summary: This Senior DevSecOps Engineer will embed security deeply into cloud, platform, and delivery workflows, driving security automation and ensuring a resilient, scalable, and compliant platform. Highlights: 1. Lead security architecture for a fast-growing global hospitality group. 2. Drive security automation and secure-by-default practices. 3. Pivotal role in maturing security capabilities across AWS, Kubernetes, CI/CD. Senior DevSecOps Engineer Location: Remote hired though remote.com Employment Type: Permanent Reports to: Head of DevOps Engineering About us We are a fast\-growing, global hospitality and lifestyle group, supporting a diverse portfolio of brands, properties, and digital experiences across multiple regions. With a strong focus on innovation, scalability, and guest\-facing technology, the platform continues to evolve rapidly, requiring modern cloud\-native architectures, high availability, and a strong security foundation to support ongoing growth and transformation. About the Role We are expanding rapidly and continuing to evolve a global technology ecosystem as new digital platforms, brands, and customer experiences are brought onto our cloud environment. To support this growth—and to strengthen our security posture—we are hiring a Senior DevSecOps Engineer through remote.com to embed security deeply into our cloud, platform, and delivery workflows. This is a newly created role and will be pivotal in maturing security capabilities across AWS, Kubernetes (EKS), CI/CD pipelines, and infrastructure as code. You will work closely with DevOps, QA, and application engineering teams in a highly collaborative environment. This is a hands\-on technical leadership position, where you will drive security automation, implement secure\-by\-default practices, and help ensure the platform remains resilient, scalable, and compliant as the organisation continues to grow. What You’ll Do Platform Security \& Architecture * As a newly created position, this role will provide security leadership and oversight for our environment, working alongside the parent company’s security team to align standards and practices. * Lead the implementation of secure\-by\-design patterns across AWS, EKS, and microservices. * Define and evolve cloud security baselines, identity policies, network segmentation, and access controls. * Drive workload hardening for Kubernetes clusters, containers, and supporting infrastructure. CI/CD \& SDLC Security * Integrate security controls directly into GitHub Actions and ArgoCD pipelines. * Implement SAST, DAST, IaC scanning, dependency scanning, and container security checks. * Embed policy\-as\-code, automated approvals, and compliance automation into delivery workflows. Cloud, Kubernetes \& Infrastructure Security * Leverage Wiz to monitor posture, vulnerabilities, misconfigurations, and cloud risk. * Implement secure configuration patterns for EKS, including RBAC, network policies, service mesh considerations, and runtime protection. * Lead the governance, validation, and security hardening of our Terraform infrastructure. Observability, Threat Detection \& Incident Response * Expand monitoring, logging, and alerting using Datadog, including security signals, anomaly detection, and audit monitoring. * Establish and improve incident response processes, playbooks, and forensics capability. * Partner with platform teams to ensure security events are actionable, measurable, and tuned. Security Automation \& Tooling * Build automated guardrails to remove manual effort and reduce operational risk. * Integrate Wiz insights into workflows, reporting, and continuous improvement. * Drive adoption of new security tooling, standards, and architectural best practices. Collaboration \& Culture * Work closely with DevOps, Product, Engineering, and Security stakeholders to ensure consistency and alignment. * Influence engineering teams to adopt secure patterns without slowing delivery. * Champion a mature DevSecOps culture across the organisation through education, documentation, and knowledge sharing. What We’re Looking For Essential Experience * 5\+ years in DevSecOps, Cloud Security Engineering, or Platform Security roles. * Strong hands\-on experience securing AWS environments including IAM, networking, encryption, and cloud services at scale. * Deep expertise with Kubernetes (EKS), container hardening, cluster security, and workload isolation. * Proven experience embedding security into GitHub Actions and ArgoCD pipelines. * Excellent proficiency with IaC security—Terraform, OPA, Checkov, security scanning. * Experience supporting ISO27001 / SOC2 / PCI initiatives. * Strong background in vulnerability management, threat modelling, and cloud posture monitoring (Wiz or similar). * Strong understanding of distributed systems, microservices, and cloud\-native security patterns. Nice\-to\-Have * Experience in hospitality, travel, or multi\-tenant SaaS platforms. * Familiarity with secrets management (Vault), SCA/SAST/DAST tooling, and runtime protection. * Knowledge of container networking, service meshes, and eBPF technologies. Why This Role Matters We are scaling fast as we onboard new hotels, expand our membership ecosystem, and build modern digital experiences. This role is critical to ensuring that our platform remains secure, resilient, and enterprise\-ready—without slowing down engineering teams. You will be instrumental in driving maturity, reducing risk, and shaping the future of our DevSecOps practices across the entire organisation. What We Offer * Competitive compensation * Opportunity to influence the long\-term security strategy of a global hospitality group * Collaboration with high\-performing DevOps, Engineering, and Platform teams * Real impact on large\-scale, modern cloud\-native architecture * Growth opportunities as our platform expands internationally Job Type: Full\-time Work Location: Remote