Senior DevSecOps Engineer

Role Overview

Tunnl is seeking a highly skilled, security-minded Senior Dev Sec Ops  Engineer to help design, build, and secure our cloud infrastructure and software delivery pipelines. You will partner closely with software engineering, data science / machine learning, data engineering, cyber/security, and platform teams to create a secure, scalable, resilient foundation for solutions that support some of society’s biggest challenges.

This role blends deep Dev Ops engineering capability with security-first thinking. You will embed security controls into CI/CD, automate compliance guardrails, and raise the bar for infrastructure reliability and cloud security practices across AWS (with awareness of CLOUD best practices). You will help ensure that security, governance, and operational excellence are built into how Tunnl ships software, not bolted on afterward.

If you thrive at the intersection of cloud engineering, automation, and applied security, this role will be a strong fit.

• Establish and enforce cloud security standards across AWS, including IAM, network segmentation, encryption, secrets management, and secure workload patterns.
• Implement continuous security posture monitoring aligned to the AWS Well-Architected Framework and security best practices (e.g., CIS benchmarks, NIST guidance, ISO principles).
• Design automated guardrails for vulnerability management, patching, configuration drift detection, key rotation, and secrets lifecycle management.
• Improve detection and response readiness through centralized logging, alerting, and security event workflows.
• Own the technical engagement with security and data privacy auditors, serving as Tunnl’s primary point of contact for infrastructure, cloud security, and Dev Sec Ops  controls.

• Architect and maintain CI/CD pipelines with built-in security scanning and enforcement (SAST/DAST, dependency scanning, IaC scanning, artifact signing, policy-as-code).
• Implement repeatable, secure infrastructure deployment using Infrastructure-as-Code (Terraform and/or equivalent tooling).
• Build and maintain containerized and cloud-native deployment environments (Docker, Kubernetes and/or ECS/Fargate) with hardened images, runtime controls, and supply chain protections.
• Improve developer experience by making secure workflows easy, fast, and consistent across engineering teams.

• Help define and implement standards for availability, backup/restore, disaster recovery, and operational maturity.
• Partner with engineering leadership to evolve incident response practices including on-call readiness, runbooks, and post-incident learning loops.
• Proactively identify reliability/security risks, prioritize remediation, and drive cross-team follow-through.

• Partner across software, data, and cyber teams to ensure security requirements are integrated into system design and delivery.
• Serve as a trusted advisor to engineering leadership on cloud security strategy, risk tradeoffs, and platform evolution.
• Coach engineers on Dev Sec Ops  patterns, secure-by-default architecture, and operational excellence.
• Communicate clearly with both technical and non-technical stakeholders to build trust and adoption of platform/security initiatives.
• Contribute to Tunnl’s mission and culture through principled execution, respectful collaboration, and high ownership.

• 5+ years of experience in Cloud Engineering, Dev Ops, SRE, Platform Engineering, or Dev Sec Ops , with strong focus on security and automation.
• Demonstrated senior-level ownership of cloud infrastructure and CI/CD systems supporting production workloads.

• Deep knowledge of AWS core infrastructure and security services (e.g., IAM, VPC, EC2, RDS, Dynamo
  
  DB, Lambda, SQS/SNS, ECS/ECR, Cloud Trail, Config, Security Hub, Inspector).

• Strong knowledge of IAM design, network security controls, encryption systems (KMS, key rotation), secrets management, and secure service-to-service access patterns.
• Experi…