DevSecOpsEngineer

ABOUT US At Maxima, we're eliminating the pain of enterprise accounting through powerful integrations, intuitive design, and AI-driven automation. By consolidating processes into a single, easy-to-use platform and automating repetitive tasks, we free accounting teams to focus on strategic, high-impact work—achieving more with fewer resources. Our team is led by top engineers and finance professionals from companies like Robinhood, Bolt, EY, Facebook, Twitter, Netflix, Amazon, Google, Airbnb, Rubrik, and more. Together, we're using our extensive industry experience to transform the way businesses manage their finances. Maxima is backed by leading Silicon Valley investors. We raised the largest seed round in our category, with support from top-tier VCs such as Kleiner Perkins and Audacious Ventures. This funding has allowed us to launch a fully operational product and onboard several major customers. YOUR ROLE AT MAXIMA - Implement and manage DevSecOps practices across the entire Software Development Lifecycle (SDLC), ensuring a "shift-left" approach to security. - Comfortable with Kubernetes and other container orchestration platforms - Design and harden CI/CD pipelines (e.g., GitHub Actions) by implementing minimal permissions and leveraging OIDC with Workload Identity Federation for cloud deployments. - Integrate and enforce security checks, including SAST, dependency scanning, and secret scanning (e.g., using tools like Trufflehog or GitGuardian), to fail builds on high-severity issues. - Secure cloud infrastructure (GCP) by implementing the principle of least privilege for IAM, configuring VPC firewalls to restrict traffic, and using Google Secret Manager. - Manage encryption and key rotation using Cloud KMS, ensuring all secrets are handled securely and not stored in code or plaintext. - Oversee container and artifact hardening, including using multi-stage builds, scanning images for vulnerabilities, and signing artifacts (e.g., Cosign) for supply chain integrit