SIFT

data infrastructure

SoftwareEngineer,DevSecOps

$170–220k Marina Del Rey, California, United States; San Francisco, California, United States FULL TIME Remote Friendly

Market Sentiment

HIGH DEMAND

Neural analysis suggests this role is
optimal for Senior candidates.

The Brief

“Software Engineer, DevSecOps at SIFT. Skills: Security engineering, Platform/DevSecOps, Cloud infrastructure, Security automation, Cloud-native environments, Infrastructure as Code, Containerized environments, CI/CD systems. Build and maintain tooling, scripts, services, and automation that assess, enforce, and monitor security and compliance controls across AWS cloud environments, Kubernetes clusters, and CI/CD pipelines. Develop lightweight internal solutions (e.g., policy-as-code, custom scan”

What You'll Achieve.

Define the security posture, architecture, and practices; Own SIFT’s security posture end-to-end; Set the standard for how we protect our systems and data; Ensuring resilience against modern threats; Make security and compliance automatic, auditable, and invisible; Secure-by-default becomes the path of least resistance; Reduce toil by automating security workflows, compliance validation, and remediation; Accelerate detection and recovery

Industry & Context.

data infrastructure

Problems you'll solve

Ability to quickly assess system state, identify meaningful gaps, and deliver pragmatic, high-impact solutions; Problem-solving skills with a builder mindset

Eligibility Requirements

U. S. Person Required: Must be a U. S. citizen, lawful permanent resident, or protected individual such as an asylee or refugee in compliance with ITAR (International Traffic in Arms Regulations) / EAR (Export Administration Regulations) regulations.

What They're Looking For.

Must Have

4–7+ years of hands-on experience in security engineering, platform/DevSecOps, or cloud infrastructure roles, Proven track record shipping production-grade security automation in cloud-native environments (AWS strongly preferred), Deep familiarity with implementing technical controls for SOC 2, FedRAMP, or similar frameworks in real production systems, Proficiency in scripting and automation (Python, Go, Bash, or similar), Hands-on experience with Infrastructure as Code (Terraform or equivalent), containerized environments (Kubernetes), and CI/CD systems, Working knowledge across core security domains: Access control, identity management, and least-privilege enforcement; Logging, monitoring, auditing, and security observability; Encryption, key management, and secrets handling; Vulnerability scanning, policy-as-code, and continuous compliance; Incident response and change management, Ability to quickly assess system state, identify meaningful gaps, and deliver pragmatic, high-impact solutions in a fast-moving environment, Comfort operating as a founding security engineer, Problem-solving skills with a builder mindset

Nice to Have

Founding or early-stage security builder experience strongly preferred, AWS strongly preferred, Bias toward building custom tooling over relying solely on off-the-shelf products

What You'll Do.

Build and maintain tooling

and automation that assess

and monitor security and compliance controls across AWS cloud environments

Develop lightweight internal solutions (e.g.

Embed security guardrails directly into infrastructure-as-code (Terraform)

container orchestration

and deployment workflows

Harden cloud-native systems

implement access controls

and vulnerability management at scale

Improve visibility into overall security posture through automated reporting

and real-time observability

Translate compliance requirements (SOC 2

and related frameworks) into pragmatic

enforceable technical implementations

Automate security workflows

compliance validation

Support incident response and post-incident improvements by building better observability and tooling

Conduct security reviews of new features

and infrastructure changes

How You'll Work.

Team & Collaboration

Partner closely with the infrastructure and platform engineering teams; Partnering with external compliance specialists; Providing clear guidance that helps teams design and implement secure solutions

Full Job Description

ABOUT SIFT SIFT is the data infrastructure platform for hardware engineering teams. SIFT turns high-frequency telemetry into engineering insights for mission-critical systems. Teams use Sift to build and operate rockets, satellites, autonomous vehicles, energy systems, defense platforms, and more. Founded by former SpaceX engineers who built the tools behind Dragon and Starlink, Sift is building the data infrastructure to herald the AI era for physical systems. About the Role As a Software Engineer, Security Infrastructure, you will not just maintain a security checklist; you will define the posture, architecture, and practices that keep our products and infrastructure secure in the most demanding environments. You will be both hands-on and strategic, building controls, automating compliance, and owning SIFT’s security posture end-to-end, with technical security engineering as the primary focus. You will set the standard for how we protect our systems and data, ensuring resilience against modern threats while partnering with external compliance specialists to meet the requirements of aerospace, defense, and enterprise sectors. In This Role, You’ll: - Build and maintain tooling, scripts, services, and automation that assess, enforce, and monitor security and compliance controls across our AWS cloud environments, Kubernetes clusters, and CI/CD pipelines. - Develop lightweight internal solutions (e.g., policy-as-code, custom scanners, CI/CD integrations) that make security and compliance automatic, auditable, and invisible to the rest of engineering. - Embed security guardrails directly into infrastructure-as-code (Terraform), container orchestration, and deployment workflows so that secure-by-default becomes the path of least resistance. - Partner closely with the infrastructure and platform engineering teams to harden cloud-native systems, implement access controls, encryption, logging/monitoring, and vulnerability management at scale. - Improve visibility into our o

Free ATS check

Applying for this Software Engineer, DevSecOps role?

Most applicants get filtered before a human reads their resume. See if yours makes the cut.

Should you apply? AI reads your resume vs this job — match score, gaps to address, ATS keywords.

SKILL SIGNAL 54 detected · ranked by frequency

Infrastructure as Code ×3

Containerized environments ×3

Scripting ×3

Automation ×3

Infrastructure as Code implementation ×3

Container orchestration ×3

Deployment workflow security embedding ×3

Cloud-native system hardening ×3

Access control implementation ×3

Encryption implementation ×3

Logging/monitoring implementation ×3

Vulnerability management ×3

Automated reporting ×3

Dashboards ×3

Real-time observability ×3

Incident response support ×3

Observability tooling ×3

Security tooling ×3

Security engineering ×2

Platform/DevSecOps ×2

Cloud infrastructure ×2

Security automation ×2

Cloud-native environments ×2

CI/CD systems ×2

Kubernetes ×2

Terraform ×2

Python ×2

Go ×2

Bash ×2

AWS

CI/CD pipelines

Access control

BEHAVIOURAL

Thrive in ambiguityFocus on enabling velocity

Role Details

Experience 4–7 yrs

Level Senior

Work Mode Hybrid

Type FULL TIME

Category engineering

Salary Band 150k-200k

AI-Extracted Insights

Domain Areas

soc-2fedrampaerospacedefenseenterprise-sectors

How to Apply on Ashby

Ashby is a fast modern ATS — most applications take under 3 minutes.
The resume parser is strong; verify parsed experience dates and job titles.
Custom screening questions are often scored algorithmically — answer completely.
Location field affects geo-based screening; use your actual metro area.

ANONYMOUS · UNFILTERED

What do employees actually say about SIFT?

Real rants from real employees. Read before you apply.

Read Company Rants →