DevSecOps Engineer

At Orange Logic, we’ve been solving complex content challenges for over two decades—driven by innovation, curiosity, and a passion for impact, our intelligent Digital Asset Management (DAM) system, Orange Logic Platform, empowers organizations across industries to manage, access, and leverage their digital assets more effectively.  We’re not just building powerful software—we’re building a team of bold thinkers, collaborators, and problem-solvers who care deeply about delivering real value. The DevSecOps Engineer is responsible for embedding security at every stage of the software development lifecycle (SDLC)—from initial design and development to deployment and operations. This role introduces processes, tools, and methodologies that prioritize secure coding practices, infrastructure hardening, automated compliance, and proactive threat detection, while supporting scalability and continuous delivery in cloud-native environments

You Role at Orange Logic: 

• Infrastructure Design & Automation: Design, implement, and maintain secure infrastructure using Infrastructure as Code (IaC) tools (e.g., Terraform, CloudFormation) with a focus on compliance, cost efficiency, and security.
• Security Integration: Develop and enforce security controls within CI/CD pipelines, integrating automated scanning tools (e.g., SAST, DAST, SCA) to detect vulnerabilities and ensure secure deployments.
• Cloud Management: Architect and manage secure cloud environments (AWS, Azure, GCP), including containerized workloads with hardened images and Kubernetes security policies.
• Monitoring & Incident Response: Implement and manage logging, monitoring, and alerting solutions (e.g., SIEM tools, Prometheus, Grafana) for threat detection and incident response.
• Collaboration & Culture: Promote secure development practices, train teams on emerging security methodologies, and collaborate with stakeholders to ensure security by design.
• Cost Management: Monitor and optimize cloud costs while maintaining security compliance.
  

Ideal Qualifications:

• Technical Proficiency: Expertise in IaC tools (Terraform, CloudFormation), container security (Docker, Kubernetes), and cloud platforms (AWS, Azure, GCP).
• Security Best Practices: Strong knowledge of security frameworks (OWASP, NIST, CIS) and secure development principles.
• Automation & Scripting: Skilled in scripting languages (Bash, Python, PowerShell) for automation and system integration.
• System Administration: Solid experience with Linux/Windows hardening and configuration management tools (Ansible, Chef, Puppet).
• Communication & Collaboration: Excellent communication skills to promote security best practices and collaborate across teams.
• Plus: Familiarity with the .NET platform and secure coding practices is a bonus.
• Strong interpersonal skills and empathy when handling challenging client interactions.

Perks of joining the team: 

• Competitive compensation
• Medical, Dental & Vision Insurance
• Life & Disability Insurance
• 401(k) & Roth with 4% employer match (fully vested)
• 20 Days PTO
• 8 Weeks Parental Leave
• 8 Company Holidays
• Remote Work Environment

Compensation: 

The target compensation for this position is $100,000 - 150,000 in most remote locations. Final offer amounts are determined by multiple factors including candidate experience and expertise and may vary from the amounts listed above.

How to get started: 

If you're excited by meaningful challenges and want to build something that matters, we encourage you to apply!

‍

Orange Logic is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all our employees.