DevSecOps Engineer, Public Sector

At Lazarus, we build foundation models to help people solve the world's toughest problems. Enterprise and government clients use our APIs to power products and workflows that keep humans focused on what we do best. We're a venture-backed team headquartered downtown Boston, MA and we share a passion for innovation, growth, and a commitment to the responsible use of AI. 

Job Overview

We are hiring a DevSecOps Engineer to meet the needs of our software development lifecycle. This role will use technical skills for the design and implementation of various CI/CD patterns while abiding by industry standards and company policies. You will often take part in design and code reviews and offer direction to ensure project scoping activities match architectural capabilities, security requirements, and specifications. When new applications are introduced or current ones undergo changes, you will collaborate with stakeholders across the business to provide and build solutions. Integral to this role is the development, documentation and maintenance of DevSecOps practices used in day-to-day work. You will have a significant impact on the organization’s security and development culture.

Security Clearance: This role requires eligibility for U.S. security clearance based on current or future interactions with domestic and foreign governments.

Responsibilities

• Design & Build: You'll help to architect, implement, and maintain our core CI/CD pipelines, automation frameworks, and security infrastructure. This includes creating reusable patterns and shared libraries to accelerate development.
• Consult & Collaborate: You will act as a subject matter expert, consulting with development teams, non-technical business teams and clients to define DevSecOps requirements and evangelize best practices.
• Operate & Troubleshoot: In cooperation with a team, you will collectively own the operational health of our platforms, ensuring we meet uptime SLAs. This involves proactively identifying and fixing issues, managing incidents, and participating in on-call rotations.
• Improve & Strategize: You'll continuously assess our tools and processes, design action plans for improvements, and ensure our solutions align with industry standards like SDLC and ITIL.

Requirements

• Cloud & Infrastructure: Extensive hands-on experience designing, building, and securing AWS cloud environments. You have practical knowledge of Linux administration and managing infrastructure as code (Terraform or OpenTofu).
• DevSecOps Expertise: Proven ability to author complex CI/CD pipelines (e.g., YAML) in GitLab or GitHub. You're comfortable automating security scans, managing secrets, and implementing GitOps workflows.
• Containers and Orchestration: Experience with containerization using Docker and orchestration with Kubernetes (AWS EKS preferred).
• Cloud Security Tooling: Practical experience with security services like Prisma Cloud, SIEM, Nessus, or CrowdStrike. You're familiar with the principles of API Security, Container Security, and native AWS security tools and policies.
• Code & Automation: You can read and perform basic code reviews for languages like Python, Golang, or JavaScript/TypeScript to assist with application security management.
• Compliance & Frameworks: Strong understanding of information security frameworks, and specific knowledge of FedRAMP certification and audit processes.
• Professional Skills: A creative and proactive approach to problem-solving. You have excellent analytical skills and can clearly communicate complex technical information to both technical and non-technical audiences.
• Education and Experience: Bachelor’s Degree in Computer Science, Cybersecurity, or a related field. Degree requirements may be waived for equivalent professional experience. This is not an entry level position.

Nice-to-haves

• Active security clearance (preferably TS/SCI)
• Advanced industry certifications, such as:
• AWS Certified Solutions Architect (Associate or Professional)
• High-level security certifications like CISSP or CISM
• Practitioner-level SANS/GIAC certifications (e.g., GCIH, GCSA, GPCS)

Benefits

• Comprehensive benefits package, including health insurance, dental insurance, and vision insurance, and access to a 401k
• Flexible working from home arrangements
• Opportunities for growth and professional development
• Access to cutting-edge technology and resources for research and development
• Compensation (commensurate with experience): $110,000 - $125,000 (base salary) + bonus + equity

Lazarus AI is an equal opportunity employer. We are committed to equal employment opportunity and nondiscrimination for all employees and qualified applicants without regard to a person's race, color, gender, age, religion, national origin, ancestry, disability, veteran status, genetic information, sexual orientation or any characteristic protected under applicable law. We do not tolerate discrimination or harassment of any kind. This applies to every aspect of employment at Lazarus, including, but not limited to, employment, training, promotion, demotion, transfer, leaves of absence and termination.