Senior DevSecOps Engineer

Senior DevSecOps Engineer About Klarity Klarity (YC S18) is the Enterprise Instinct platform. TL;DR: Series B, $91M raised, 7x growth last year. Enterprises still rely on consultants to figure out how they operate – months of work, millions spent, and outdated before the ink dries. We built a better way. Our AI discovers how work actually happens across every team and application, Structures it into a living Context Graph, and Improves it continuously. ServiceNow mapped 900+ processes in 9 days. DoorDash captured 3,800+ finance operations in 14 weeks, replacing a 2-year engagement. That's not a project. That's compounding intelligence. OpenAI, Google, DoorDash, and Stripe use Klarity to transform how they transform. We shipped GPT-4 document chat within 12 hours of OpenAI's API launch. Speed and quality aren't a tradeoff here – they're the standard. THE ROLE We’re hiring a Senior DevSecOps Engineer to own and evolve Klarity’s cloud infrastructure, security posture, and deployment operations. This is a foundational, hands-on role: you’ll architect multi-tenant and single-tenant deployment models, harden our security and compliance surface, automate everything that can be automated using state-of-the-art AI, and ensure our platform can scale reliably as we cater to hundreds of enterprise customers. You’ll work at the intersection of infrastructure engineering, application security, and platform reliability—partnering closely with backend engineers, product, and leadership to make sure that every line of code we ship lands on infrastructure that is secure, observable, and ready for the most demanding customers in the world. Note: We do not require a CS or Engineering degree. We care about your ability to ship, your systems thinking, and evidence of strong execution—whether through production work, open-source contributions, certifications, or battle-tested operational experience. WHO YOU ARE - Infrastructure engineer with a security-first mindset – You design, build, and operate cloud infrastructure that is secure by default, not secured as an afterthought. You think in terms of blast radius, least privilege, and defense in depth. You’ve built and maintained production infrastructure on AWS (and ideally GCP or Azure) serving enterprise-grade workloads. You know how to make infrastructure reproducible, auditable, and self-healing. You’ve built CI/CD pipelines that teams actually trust, written infrastructure as code that other engineers can read and extend, and designed deployment workflows that make shipping safe and fast. - You’ve worked across tenancy patterns – You’ve designed or operated platforms that serve multiple tenants with strong data isolation and can articulate the tradeoffs between shared infrastructure, siloed namespaces, and fully dedicated environments. You understand tenant isolation at every layer: network, compute, storage, and application. You’ve navigated the complexity of deploying the same application across multi-tenant SaaS, single-tenant dedicated, and hybrid (split control-plane / data-plane) topologies. - Security engineer who thinks like an attacker – You proactively identify and close security gaps before they become incidents. You’ve implemented secrets management, vulnerability scanning, SAST/DAST pipelines, runtime threat detection, and incident response playbooks. You understand supply chain security, container hardening, and network segmentation at a deep level. You’ve been the person the team turns to when a security incident needs triaging at 2 AM. - Well versed with compliance and governance – You’ve worked in environments that require SOC 2, ISO 27001, HIPAA, FedRAMP, or similar frameworks and you understand how to translate compliance requirements into engineering controls. You can build audit trails, access logs, and policy-as-code systems that satisfy auditors without slowing down developers. You’ve helped a company achieve or maintain at least one major compliance certif ... (truncated, view full listing at source)