- Professional
- Escritório em Redwood City
Company Description:
Anomali is headquartered in Silicon Valley and is the Leading AI-Powered Security Operations Platform that is modernizing security operations. At the center of it is an omnipresent, intelligent, and multilingual Anomali Copilot that automates important tasks and empowers your team to deliver the requisite risk insights to management and the board in seconds. The Anomali Copilot navigates a proprietary cloud-native security data lake that consolidates legacy attempts at visibility and provides first-in-market speed, scale, and performance while reducing the cost of security analytics. Anomali combines ETL, SIEM, XDR, SOAR, and the largest repository of global intelligence in one efficient platform. Protect and drive your business with better productivity and talent retention.
Do more with less. Be Different. Be the Anomali.
Job Description:
DevSecOps Engineer
We’re looking for a DevSecOps Engineer to take a lead role in securing and scaling our AWS-based SaaS platform. You’ll own the end-to-end cloud security posture, embed security into our CI/CD pipelines, and collaborate closely with Pen Testing and Red Teams to ensure a
robust, proactive security defense.
What You'll Do:
• Build and maintain defense-in-depth strategies across AWS and Kubernetes (WAF, NACLs, IAM, encryption, segmentation).
• Integrate security automation into CI/CD (SAST, DAST, dependency and container scanning).
• Partner with Pen Testers and Red Teams on offensive testing, threat modeling, and vulnerability remediation.
• Drive continuous compliance with SOC 2, GDPR, and FedRAMP standards.
• Implement and monitor cloud security controls with AWS Security Hub, GuardDuty, CloudTrail, and CloudWatch.
• Secure secrets and credentials with AWS Secrets Manager, Vault, or SSM Parameter Store.
• Define and enforce security guardrails through Infrastructure as Code (Terraform / CloudFormation).
• Lead incident response, security reviews, and risk assessments.
Qualifications:
Required Skills/Experience:
• 3+ years in DevSecOps / Cloud Security / Infrastructure Security.
• Deep hands-on experience with AWS (EKS, IAM, VPC, RDS, Lambda, etc.) and Kubernetes security (RBAC, Network Policies, Admission Controllers).
• Solid grasp of network security and Zero Trust principles.
• Proven collaboration with Pen Testing / Red Team operations.
• Proficiency in Terraform, CloudFormation, or Pulumi.
• Familiarity with CIS Benchmarks, NIST 800-53, OWASP Top 10.
• Scripting skills in Python, Bash, or Go.
• AWS Certified Security – Specialty, CKS, or CKAD.
• Experience with Aqua, Prisma Cloud, Trivy, Falco, or Snyk.
• Background in multi-tenant SaaS or multi-account AWS environments.
• This position is an onsite/hybrid role. Currently, the team is working Mon/Tue/Wed onsite in Redwood City, CA.
• This position does have an on-call rotation. ~One week on-call every month, as this responsibility is shared across the team. This position is not eligible for employment visa sponsorship. The successful candidate must not now, or in the future, require visa sponsorship to work in the United States.
Company Description:
Anomali is headquartered in Silicon Valley and is the Leading AI-Powered Security Operations Platform that is modernizing security operations. At the center of it is an omnipresent, intelligent, and multilingual Anomali Copilot that automates important tasks and empowers your team to deliver the requisite risk insights to management and the board in seconds. The Anomali Copilot navigates a proprietary cloud-native security data lake that consolidates legacy attempts at visibility and provides first-in-market speed, scale, and performance while reducing the cost of security analytics. Anomali combines ETL, SIEM, XDR, SOAR, and the largest repository of global intelligence in one efficient platform. Protect and drive your business with better productivity and talent retention.
Do more with less. Be Different. Be the Anomali.
Job Description:
DevSecOps Engineer
We’re looking for a DevSecOps Engineer to take a lead role in securing and scaling our AWS-based SaaS platform. You’ll own the end-to-end cloud security posture, embed security into our CI/CD pipelines, and collaborate closely with Pen Testing and Red Teams to ensure a
robust, proactive security defense.
What You'll Do:
• Build and maintain defense-in-depth strategies across AWS and Kubernetes (WAF, NACLs, IAM, encryption, segmentation).
• Integrate security automation into CI/CD (SAST, DAST, dependency and container scanning).
• Partner with Pen Testers and Red Teams on offensive testing, threat modeling, and vulnerability remediation.
• Drive continuous compliance with SOC 2, GDPR, and FedRAMP standards.
• Implement and monitor cloud security controls with AWS Security Hub, GuardDuty, CloudTrail, and CloudWatch.
• Secure secrets and credentials with AWS Secrets Manager, Vault, or SSM Parameter Store.
• Define and enforce security guardrails through Infrastructure as Code (Terraform / CloudFormation).
• Lead incident response, security reviews, and risk assessments.
Qualifications:
Required Skills/Experience:
• 3+ years in DevSecOps / Cloud Security / Infrastructure Security.
• Deep hands-on experience with AWS (EKS, IAM, VPC, RDS, Lambda, etc.) and Kubernetes security (RBAC, Network Policies, Admission Controllers).
• Solid grasp of network security and Zero Trust principles.
• Proven collaboration with Pen Testing / Red Team operations.
• Proficiency in Terraform, CloudFormation, or Pulumi.
• Familiarity with CIS Benchmarks, NIST 800-53, OWASP Top 10.
• Scripting skills in Python, Bash, or Go.
• AWS Certified Security – Specialty, CKS, or CKAD.
• Experience with Aqua, Prisma Cloud, Trivy, Falco, or Snyk.
• Background in multi-tenant SaaS or multi-account AWS environments.
• This position is an onsite/hybrid role. Currently, the team is working Mon/Tue/Wed onsite in Redwood City, CA.
• This position does have an on-call rotation. ~One week on-call every month, as this responsibility is shared across the team. This position is not eligible for employment visa sponsorship. The successful candidate must not now, or in the future, require visa sponsorship to work in the United States.
Company Description:Anomali is headquartered in Silicon Valley and is the Leading AI-Powered Security Operations Platform that is modernizing security operations. At the center of it is an omnipresent, intelligent, and multilingual Anomali Copilot that automates important tasks and empowers your team to deliver the requisite risk insights to management and the board in seconds. The Anomali Copilot navigates a proprietary cloud-native security data lake that consolidates legacy attempts at visibility and provides first-in-market speed, scale, and performance while reducing the cost of security analytics. Anomali combines ETL, SIEM, XDR, SOAR, and the largest repository of global intelligence in one efficient platform. Protect and drive your business with better productivity and talent retention. Do more with less. Be Different. Be the Anomali.Learn more at http://www.anomali.com.Job Description: DevSecOps EngineerWe’re looking for a DevSecOps Engineer to take a lead role in securing and scaling our AWS-based SaaS platform. You’ll own the end-to-end cloud security posture, embed security into our CI/CD pipelines, and collaborate closely with Pen Testing and Red Teams to ensure arobust, proactive security defense. What You'll Do:• Build and maintain defense-in-depth strategies across AWS and Kubernetes (WAF, NACLs, IAM, encryption, segmentation).• Integrate security automation into CI/CD (SAST, DAST, dependency and container scanning).• Partner with Pen Testers and Red Teams on offensive testing, threat modeling, and vulnerability remediation.• Drive continuous compliance with SOC 2, GDPR, and FedRAMP standards.• Implement and monitor cloud security controls with AWS Security Hub, GuardDuty, CloudTrail, and CloudWatch.• Secure secrets and credentials with AWS Secrets Manager, Vault, or SSM Parameter Store.• Define and enforce security guardrails through Infrastructure as Code (Terraform / CloudFormation).• Lead incident response, security reviews, and risk assessments.Qualifications:Required Skills/Experience:• 3+ years in DevSecOps / Cloud Security / Infrastructure Security.• Deep hands-on experience with AWS (EKS, IAM, VPC, RDS, Lambda, etc.) and Kubernetes security (RBAC, Network Policies, Admission Controllers).• Solid grasp of network security and Zero Trust principles.• Proven collaboration with Pen Testing / Red Team operations.• Proficiency in Terraform, CloudFormation, or Pulumi.• Familiarity with CIS Benchmarks, NIST 800-53, OWASP Top 10.• Scripting skills in Python, Bash, or Go.• AWS Certified Security – Specialty, CKS, or CKAD.• Experience with Aqua, Prisma Cloud, Trivy, Falco, or Snyk.• Background in multi-tenant SaaS or multi-account AWS environments.• This position is an onsite/hybrid role. Currently, the team is working Mon/Tue/Wed onsite in Redwood City, CA.• This position does have an on-call rotation. ~One week on-call every month, as this responsibility is shared across the team. This position is not eligible for employment visa sponsorship. The successful candidate must not now, or in the future, require visa sponsorship to work in the United States.
Equal Opportunities Monitoring
It is our policy to ensure that all eligible persons have equal opportunity for employment and advancement on the basis of their ability, qualifications and aptitude. We select those suitable for appointment solely on the basis of merit without regard to an individual's disability, race, religion, sex, age or sexual orientation. Monitoring is carried out to ensure that our equal opportunity policy is effectively implemented.
If you are interested in applying for employment with Anomali and need special assistance or accommodation to apply for a posted position, contact our Recruiting team at [email protected].
Compensation Transparency
$145,000 - $170,000 USD
Please note that the annual base salary range is a guideline and, for candidates who receive an offer, the base pay will vary based on factors such as work location, as well as, knowledge, skills and experience of the candidate. In addition to base pay, this position is eligible for benefits, and may be eligible for equity.
Candidatar-se agora
