Staff DevSecOps Engineer
At FourKites we have the opportunity to tackle complex challenges with real-world impacts. Whether it’s medical supplies from Cardinal Health or groceries for Walmart, the FourKites platform helps customers operate global supply chains that are efficient, agile and sustainable.
Join a team of curious problem solvers that celebrates differences, leads with empathy and values inclusivity.
We are seeking an experienced DevSecOps Engineer with a strong background in cloud security, infrastructure management, and secure software development. The ideal candidate will have extensive hands-on expertise across major cloud platforms (Azure-focused), containerization technologies, and security frameworks. You will be responsible for architecting, implementing, and maintaining secure cloud environments while ensuring that security is seamlessly integrated throughout the development lifecycle.
What you’ll be doing:
- Architect and secure highly available, scalable, and fault-tolerant systems across AWS and Azure environments.
- Design and implement Layer 3/Layer 4 firewalls, network segmentation, and secure routing policies.
- Deploy and manage Intrusion Detection (IDS), Intrusion Prevention (IPS), and Endpoint Detection and Response (EDR) solutions for servers, containers, and cloud workloads.
- Implement container and Kubernetes security for EKS (Amazon Elastic Kubernetes Service) and AKS (Azure Kubernetes Service) — ensuring zero-vulnerability base images, runtime protection, and least-privilege configurations.
- Manage cloud-native security services such as WAF, Shield, CSPM (Cloud Security Posture Management), and CNAPP (Cloud-Native Application Protection Platform).
- Ensure 99.99% uptime while maintaining a strong defense-in-depth security posture.
- Develop and maintain Infrastructure-as-Code (IaC) using Terraform, CloudFormation, and Azure Resource Manager (ARM) templates.
- Build secure CI/CD pipelines integrating SAST, DAST, IaC scanning, container scanning, and EDR integrations for runtime visibility.
- Automate deployments and security validation using Ansible, Chef, Puppet, Jenkins, or GitHub Actions.
- Enforce image signing, vulnerability scanning, and policy enforcement to ensure zero-vulnerability images are promoted to production.
- Integrate open-source and commercial security tools (e.g., Trivy, Aqua, Wiz, Prisma Cloud, Checkov, SonarQube) for continuous assurance.
- Implement and maintain CSPM and CNAPP solutions to detect misconfigurations and enforce compliance baselines across AWS and Azure.
- Develop and automate security controls, configuration baselines, and hardening standards using policy-as-code.
- Perform threat modeling, risk analysis, and vulnerability remediation for cloud and containerized workloads.
- Document security architectures, DevSecOps workflows, and compliance evidence.
- Provide security training and awareness sessions for DevOps and development teams.
- Implement API security best practices, including OAuth2, JWT, rate limiting, and gateway-level authentication.
- Integrate SAST/DAST and dependency scanning tools within CI/CD pipelines.
- Troubleshoot and manage SSL/TLS, certificates, and key rotation processes.
- Enforce secure coding, linting, and code review standards across projects.
- Lead incident detection, containment, and response activities for cloud and containerized workloads.
- Configure and maintain EDR and SIEM/SOAR tools for unified visibility and automated threat response.
- Implement automated response playbooks using AWS Lambda or Azure Functions for real-time mitigation.
- Conduct root cause analysis (RCA) and develop post-incident improvement plans.
- 8+ years of experience in DevSecOps, Cloud Security, or Security Engineering.
- Strong hands-on experience with Azure as the primary focus and AWS as an additional platform, including EKS and AKS security hardening.
- Expertise in EDR implementation and maintenance across cloud and containerized environments.
- Deep understanding of Kubernetes, container security, and zero-vulnerability image pipelines.
- Skilled in integrating SAST, DAST, and IaC security tools into automated CI/CD pipelines.
- Strong experience with CSPM and CNAPP platforms for compliance and risk management.
- Proficiency in Terraform, CloudFormation, ARM, and scripting languages (Python, Bash, PowerShell).
- Solid understanding of network, cloud, and endpoint security principles.
- Strong communicator with the ability to bridge DevOps, Security, and Product teams.
- Proactive learner, passionate about automation and cloud-native security innovation.
- Certifications: AWS Certified Security – Specialty, Azure Security Engineer Associate, CKS, CISSP, or CEH.
- Hands-on experience with CSPM/CNAPP/EDR platforms (e.g., Lacework, Defender for Cloud, CrowdStrike).
- Familiarity with SOC 2, ISO 27001, or NIST frameworks.
- Experience implementing Zero-Trust Architecture.
- Experience mentoring DevOps/Security Engineers and improving team maturity.
Who we are:
FourKites, the leader in AI-driven supply chain transformation for global enterprises and pioneer of real-time visibility, turns supply chain data into automated action. FourKites Intelligent Control Tower® breaks down enterprise silos by creating a real-time digital twin of orders, shipments, inventory and assets. This comprehensive view, combined with AI-powered digital workers, enables companies to prevent disruptions, automate routine tasks and optimize performance across their supply chain. FourKites processes over 3.2 million supply chain events daily — from purchase orders to final delivery — helping 1,600-plus global brands prevent disruptions, make faster decisions and move from reactive tracking to proactive supply chain orchestration. For more information, visit www.fourkites.com.
FourKites provides competitive compensation with stock options, outstanding benefits and a collaborative culture for all employees around the globe. To help you be your best, we have 5 global recharge days, in addition to generous PTO and standard holidays. Parental leave for all parents, an annual wellness stipend and volunteer days also provide you with time and resources for self-care and to care for others. Throughout the year, FourKites sets aside time during the workday to learn and celebrate diversity. We're always listening for new ways to support everyone in and out of the office.
Benefits:
- Medical benefits start on the first day of employment
- 36 PTO days (Sick, Casual and Earned), 5 recharge days, 2 volunteer days
- Home office setups and technology reimbursement
- Lifestyle & Family benefits
- Mental Wellness support and guidance
- Ongoing learning & development opportunities (professional development program, Toastmasters club, etc.)