Site Reliability Engineer

About The Role 

We are seeking an experienced Site Reliability Engineer (SRE) with a strong focus on DevSecOps to join our growing engineering team. In this role, you will oversee and maintain the reliability, security posture, and operational hygiene of our cloud infrastructure, APIs, and software supply chain. You will drive patch management programs, harden our Cloud infrastructure, and maintain our code repositories to ensure all systems remain compliant, secure, and scalable. 

This role is ideal for an engineer who thrives at the intersection of operations and security, is passionate about automation, and takes pride in keeping complex environments clean, auditable, and resilient. 

Key Responsibilities 

• Own and execute end-to-end patch management across AWS compute resources (EC2, ECS, Lambda runtimes, EKS nodes), third-party dependencies, and OS-level packages. 

• Monitor, triage, and remediate vulnerabilities identified by security scanning tools (e.g., AWS Inspector, Dependabot, Security Hub, or equivalent), prioritizing by CVSS severity and business impact. 

• Maintain and enforce branch protection rules, secret scanning policies, and dependency update workflows across all code repositories. 

• Design and implement automated pipelines for continuous compliance checking, security testing (SAST/DAST/SCA), and infrastructure drift detection. 

• Collaborate with IT & Info-Sec SMEs on AWS IAM roles and policies, VPC configurations, Security Groups, CloudTrail, Config, and GuardDuty to ensure least-privilege access and auditability. 

• Collaborate with development teams to embed security controls into CI/CD pipelines (GitHub Actions, CodePipeline, or equivalent) without impeding developer velocity. 

• Support the reliability and availability of production APIs — including uptime monitoring, incident response, runbook creation, and post-incident reviews. 

• Partner with Legal and Data Governance SMEs on API access procedures and monitoring. 

• Define and track SLOs/SLAs for internal and external APIs; implement alerting and dashboards using observability tooling (e.g., CloudWatch, Datadog, Grafana). 

• Lead periodic infrastructure and dependency audits; produce clear reports on patch compliance status and open risk items for engineering and security leadership. 

• Maintain thorough documentation of patching schedules, runbooks, access policies, and environment configurations. 

• Participate in on-call rotation and contribute to a culture of continuous improvement. 

Required Qualifications 

• Bachelor's Degree in Computer Science, Information Systems, or a related field (or equivalent practical experience). 

• 5+ years of professional experience in a Site Reliability Engineering, Software Engineering, DevOps, or DevSecOps role. 

• Demonstrated expertise managing AWS environments — including EC2, Lambda, ECS/EKS, S3, RDS, IAM, VPC, CloudTrail, Config, and GuardDuty. 

• Experience with various cloud environments: AWS, Azure, GPC 

• Strong experience with GitHub administration: branch protection, Actions workflows, secret scanning, Dependabot, and code owners. 

• Hands-on experience with patch management and vulnerability remediation at scale, including OS-level patching (Amazon Linux, Ubuntu) and dependency lifecycle management. 

• Proficiency with infrastructure-as-code tools (Terraform, CloudFormation, or AWS CDK). 

• Experience integrating security tooling (SAST, DAST, SCA, container scanning) into CI/CD pipelines. 

• Solid understanding of API reliability patterns: health checks, rate limiting, circuit breakers, and observability. 

• Familiarity with compliance frameworks relevant to cloud environments (SOC 2, CIS Benchmarks, NIST CSF). 

• Strong scripting skills in Python, Bash, or similar for automation and tooling. 

• Excellent communication skills and ability to translate technical risk for non-technical stakeholders. 

• Build observation (logging, metrics, alerting) systems to make sure system works well, and develop response plans. 

Preferred Qualifications 

• AWS certifications (e.g., AWS Certified Security – Specialty, AWS Certified DevOps Engineer – Professional). 

• Experience with container security and Kubernetes (EKS) hardening. 

• Familiarity with CSPM tools (e.g., Wiz, Prisma Cloud, AWS Security Hub) for continuous cloud posture management. 

• Experience managing API gateways (AWS API Gateway, Kong, or similar) including security policy enforcement. 

• Exposure to secrets management solutions (AWS Secrets Manager, HashiCorp Vault). 

• Knowledge of SBOM (Software Bill of Materials) generation and management. 

• Experience with incident response playbooks and tabletop exercises. 
• Familiarity with Agile/Scrum methodologies and cross-functional engineering teams. 

Compensation

The anticipated base salary range for this position is $150,000 annually, plus eligibility for a 15% annual performance bonus. Actual compensation will be determined based on several factors, including skills, experience, education, certifications, and geographic location.

In addition to base salary and bonus eligibility, we offer a competitive benefits package, including medical, dental, vision, 401(k), paid time off, and other employee benefits.