DevSecOps Engineer

DevSecOps Engineer Straitpoint.com · Agentic AI Startup About the Role We're looking for a DevSecOps Engineer who doesn't just maintain pipelines — they build intelligent ones. At Straitpoint, our infrastructure must be as adaptive as the AI products we ship. You'll be responsible for securing, automating, and scaling our agentic AI systems while leveraging AI tooling to do it faster and smarter than traditional ops ever could.

What You'll Do

Infrastructure & Automation Design and maintain CI/CD pipelines for multi-model AI services (LLM APIs, on-device models, fine-tuned endpoints) Automate infrastructure provisioning using IaC tools (Terraform, Pulumi) with AI-assisted code generation workflows Manage containerized deployments (Docker, Kubernetes) for agentic backend services Maintain cloud infrastructure across AWS, GCP, or Azure with cost-optimization mindset for AI inference workloads Security Engineering Embed security gates into CI/CD pipelines (SAST, DAST, SCA, secret scanning) Conduct threat modeling for agentic AI systems, including prompt injection risks, model supply chain attacks, and data poisoning vectors Implement zero-trust architecture and least-privilege IAM policies across cloud environments Monitor and respond to security incidents using AI-augmented SIEM/SOAR tooling AI-Augmented Operations Use AI coding assistants (Claude, Copilot, Cursor) as a force multiplier in day-to-day engineering work Build or integrate AI agents for automated vulnerability triage, anomaly detection, and incident response Evaluate and adopt AI-powered security tools (e.g., AI-driven SAST, LLM-based log analysis) Contribute to internal agentic tooling — you should be comfortable prompting, chaining, and evaluating LLM-based workflows

Requirements

Must Have 3+ years in DevSecOps, DevOps, or Platform Engineering roles Hands-on experience with CI/CD platforms (GitHub Actions, GitLab CI, CircleCI) Strong proficiency in at least one scripting/infrastructure language (Python, TypeScript, Bash, Go) Experience securing cloud-native environments (AWS preferred) Solid understanding of container security (image scanning, runtime protection, RBAC in Kubernetes) Familiarity with secrets management tools (Vault, AWS Secrets Manager, Doppler) Active user of AI-assisted development tools — this is non-negotiable Nice to Have Experience with ML/AI infrastructure: model registries, inference servers (vLLM, Triton), vector databases Knowledge of Apple platform deployment (TestFlight, App Store Connect, MDM) Background in mobile app security, especially iOS sandboxing and data protection APIs Experience with on-device AI or edge deployment security considerations Familiarity with LLMOps concepts: model versioning, evaluation pipelines, prompt management Relevant certifications: AWS Security Specialty, CKS, CISSP, or equivalent

Mindset We're Looking For

You think in systems, not tickets You're comfortable with ambiguity and moving fast in an early-stage environment You proactively use AI tools to 10x your output rather than waiting to be told to You care deeply about protecting end users — especially when those users are children You treat security as a product feature, not a checklist