Lead DevOps
Overview
We are seeking a Senior DevSecOps Engineer to own and continuously improve the security, reliability, observability, and cost efficiency of our cloud and edge infrastructure. This role will lead the configuration and management of Cloudflare (WAF, CDN, rules, logging) and drive AWS security, governance, and cost optimization, while advancing our monitoring, alerting, and incident response practices across multiple observability platforms. This is a hands-on, senior individual contributor role with strong influence over architecture, standards, and operational excellence.
Key Responsibilities
Cloudflare & Edge Security Configure, manage, and optimize Cloudflare services including: Web Application Firewall (WAF) CDN and caching strategies Firewall rules, rate limiting, bot management, and custom rules Analyze Cloudflare logs to identify: Security threats and attack patterns Performance bottlenecks False positives and rule tuning opportunities Partner with engineering teams to safely expose APIs and customer-facing endpoints AWS Security, Governance & Cost Optimization Own AWS security posture, including: IAM best practices and least-privilege access Network security (VPCs, security groups, NACLs) Encryption, key management, and compliance controls Drive AWS cost optimization initiatives: Analyze usage patterns and spend Recommend and implement savings strategies (e.g., right-sizing, reservations, architectural improvements) Establish and maintain security and operational standards across AWS accounts and environments Observability, Logging & Monitoring Design, optimize, and maintain centralized logging and observability across: Amazon CloudWatch New Relic Sumo Logic Cloudflare Improve signal-to-noise ratio by: Reducing redundant or low-value logs Standardizing log formats and metadata Build and refine dashboards, alerts, and SLO/SLI-based monitoring to improve system visibility and reliability Incident Response & Operational Excellence Create, document, and continuously improve incident response processes, including: Detection, escalation, and communication Root cause analysis and post-incident reviews Act as a senior responder for security and availability incidents Drive preventative improvements based on incident learnings Partner with engineering and product teams to embed security and reliability earlier in the development lifecycle Required Qualifications 7+ years of experience in DevOps, SRE, or DevSecOps roles Deep, hands-on experience with AWS in production environments Strong experience managing Cloudflare, including WAF and rule-based security Proven experience with observability platforms such as: CloudWatch New Relic Sumo Logic Strong understanding of: Web security principles (OWASP Top 10, DDoS mitigation, API security) Networking fundamentals (HTTP, TLS, DNS) Experience creating and improving operational processes and runbooks Ability to analyze logs and metrics to drive actionable improvements Strong written communication skills for documentation, incident reports, andrecommendations Preferred / Nice-to-Have Qualifications Experience with infrastructure as code (Terraform, CloudFormation, etc.) Familiarity with eCommerce or high-traffic, customer-facing systems Experience working with CI/CD pipelines and secure deployment practices Knowledge of compliance or regulatory frameworks (PCI, SOC 2, etc.) Experience mentoring engineers or acting as a technical leader What Success Looks Like Cloudflare rules are well-tuned, effective, and low-noise AWS environments are secure, cost-efficient, and consistently governed Logs, dashboards, and alerts provide clear, actionable insights Incidents are detected earlier, resolved faster, and recur less often Security and reliability are embedded into everyday engineering workflows