Senior DevSecOps Engineer

About ThriveCart:

ThriveCart is the leading no-code sales platform for digital course creators, coaches, entrepreneurs, and online businesses looking to boost revenue, drive conversions, and scale audiences. ThriveCart powers over 65,000 businesses and 12 million enrolled students, generating over $2 billion in annual sales. The platform provides all the tools businesses need to create high-converting checkout experiences, manage powerful affiliate campaigns, and deliver seamless student experiences with its built-in learning management system, Learn/Learn+.

Location:

Remote (South America)

Must have full authorization to work in country of residence being in South America.

Position Overview

Hands-on DevSecOps engineer responsible for securing and maintaining ThriveCart's e-commerce platform infrastructure, deployment automation, and production observability. You will implement security automation, maintain monitoring systems, and enable engineering teams with security tooling while ensuring high availability.

Core Responsibilities

Infrastructure & Systems Security

• Implement and maintain security scanning in CI/CD (SAST, dependency, container)
• Harden AWS infrastructure (WAF, Security Groups) and manage network segmentation
• Monitor security advisories, coordinate patching, and track vulnerability remediation
• Manage encryption (rest/transit), secure compute resources, and audit IAM policies
• Provide security tooling/dashboards and assist developers with findings

Threat Detection & Observability

• Maintain CloudWatch dashboards (Payment metrics, Database health, API performance)
• Configure GuardDuty/Security Hub and build alerts for DDoS, intrusion, and anomalies
• Monitor production health, investigate anomalies, and perform root cause analysis
• Build investigation queries for security incidents and maintain response runbooks
• Monitor for penetration attempts, API abuse, and suspicious access patterns

Infrastructure as Code & Operations

• Manage AWS resources via Terraform (EC2, RDS, IAM, VPC) with security-first configurations
• Maintain zero-downtime CI/CD pipelines with integrated security gates and rollback mechanisms
• Administer MariaDB databases (performance tuning, backups, access controls)
• Maintain Docker-based dev environments and secure container configurations
• Support compliance requirements (PCI-DSS) and manage evidence collection

Technical Environment

• Primary: AWS (GuardDuty, WAF, CloudWatch, EC2, RDS), Terraform, Docker, MariaDB, Git, Linux
• Security Tools: Snyk/SonarQube (SAST), Trivy (Container), Checkov (IaC), AWS Secrets Manager
• Secondary: Nginx, Memcached, PHP 7.4 envs, GitHub Actions, Let's Encrypt

Required Qualifications

Experience (3-5 years)

• Production operations for high-traffic web apps with a focus on security
• Implementing security controls (WAF, IAM, scanning) in AWS environments
• Infrastructure as Code (Terraform) and CI/CD security integration
• Database administration (MariaDB/MySQL) and container security (Docker)
• DDoS mitigation, incident response, and compliance framework experience

Skills

• Security: Vulnerability assessment, threat detection, IAM design, secrets management
• DevOps: CloudWatch alerting, Terraform module dev, Bash scripting, Log analysis
• Soft Skills: Security-first mindset, calm under pressure, collaborative educator

Success Metrics

First 30-90 Days

• Audit security posture and identify high-priority gaps
• Implement automated security scanning in CI/CD pipeline
• Deploy DDoS and intrusion detection monitoring (GuardDuty/WAF)
• Reduce critical vulnerabilities by 40% through remediation

Ongoing Success Indicators

• Zero successful penetration attempts due to unmonitored vectors
• 100% of infrastructure changes pass automated security review
• Security vulnerabilities remediated within SLA (Critical: 24h)
• Infrastructure deployed without incidents; high deployment confidence

On-Call & Benefits

• Shared rotation (focus on revenue-critical & security alerts)
• Competitive salary + Equity + Security certification sponsorship (CISSP, AWS Security)
• Impact: Secure a revenue-critical platform serving real businesses

Learn More About ThriveCart:

Our team thrives on collaboration, innovation, and continuous growth. We foster an open environment with regular knowledge-sharing sessions and encourage active participation in shaping the platform. Our values include:

• Commit to Excellence – We believe in delivering high-quality work and continuous improvement.
• User-Focused Problem Solving – Every design should contribute to solving a real problem for our users.
• Team Collaboration – We work better together, valuing input from every team member.
• Growth Mindset – We embrace challenges as opportunities to learn and grow.