DevSecOps Engineer

About Sphinx Defense: Sphinx builds cutting-edge software platforms to solve complex national security and defense problems in Space. Founded by elite engineers and technologists with deep experience across commercial tech and tactical defense systems, we were frustrated by the outdated, insecure, and siloed software America service members are forced to rely on. We are here to do better. We focus on building modern, highly scalable, and cloud-native products with an emphasis on using open-source architectures. Expect a transparent, collaborative, and highly mission-driven ecosystem where individual responsibility and engineering excellence are deeply valued.

Position Overview

We are seeking a highly analytical, automation-driven, and security-focused DevSecOps Engineer to join our core engineering cell under a permanent, full-time remote layout open across the United States. In this high-leverage infrastructure role, you will act as an early team member claiming absolute cloud-native architecture governance, CI/CD pipeline security integration, and platform resilience accountability across our space-focused software environments. Shifting completely away from standard user interface styling, clerical data entry logs, or basic back-office helpdesk support, you will run an active infrastructure-as-code, container admission control, and log aggregation monitoring laboratory—partnering closely with distributed software engineers. This position requires an engineering authority with 5+ years of experience who structures software delivery layers fluidly natively using DevOps and cybersecurity mechanics, evaluates container risks cleanly across live Kubernetes nodes, manages identity provider configurations systematically, and deploys automated policy-as-code rules confidently to safeguard national security infrastructure.

Key Responsibilities

• Cloud Infrastructure Hardening: Configure, deploy, and govern end-to-end cloud-native security controls across multi-region AWS environments and scalable production-grade Kubernetes clusters natively utilizing DevOps architectures.
• CI/CD Pipeline Security Automation: Integrate advanced security scanning, static/dynamic code analysis, and vulnerability detection tools cleanly into existing GitLab CI/CD software development pipelines.
• Infrastructure as Code (IaC): Implement, manage, and optimize scalable, secure infrastructure deployments using automated configuration frameworks like Terraform to eliminate configuration drift.
• Admission Control & Policy as Code: Formulate and maintain container security rules and guardrails using native Kubernetes security solutions including NeuVector and Kyverno.
• Identity & Log Telemetry Governance: Supervise centralized access structures across identity management systems like Okta, while configuring comprehensive log aggregation, real-time alerting, and event monitoring via Sumo Logic.
• Compliance & Incident Triage: Support ongoing security compliance initiatives, coordinate routine vulnerability assessment programs, and actively contribute to technical incident response and threat detection efforts.

Required Skills & Qualifications

• A minimum of 5+ years of proven professional history operating inside a DevSecOps, Cloud Security, Site Reliability Engineering (SRE), or DevOps capacity.
• Mandatory Container Mastery: Direct, practical production experience administering, scaling, and securing containerized applications within active Kubernetes environments.
• Hands-on capability writing and maintaining clean infrastructure configuration scripts leveraging Terraform or identical IaC platforms.
• Proven background building and securing automated continuous integration and continuous deployment pipelines (specifically using GitLab CI/CD models).
• Outstanding verbal and written communication strengths, demonstrating a high capacity to break down abstract threat vectors logically and collaborate cross-functionally across engineering cohorts.
• Location Context: Position operates under remote guidelines open to technical practitioners residing permanently within the USA.

Preferred Strategic Indicators (Nice to Have)

• Prior experience supporting software deployments within the Department of Defense (DoD), national security complexes, or highly regulated defense-tech ecosystems.
• Possess an Active Secret or TS/SCI security clearance, or demonstrate the absolute eligibility to immediately obtain one.
• Familiarity with Zero-Trust network architecture principles, software supply chain security monitoring, and secure artifact repositories such as Nexus.

What We Offer

• Attractive Defense-Tech Compensation Scale: A competitive annual base salary range of $140,000 - $160,000 USD, supplemented by a structured quarterly performance bonus and equity ownership options.
• 100% remote workspace flexibility across the United States, allowing you to secure national space infrastructure from your home office.
• 100% Premium Corporate Health Coverage: Fully subsidized medical, dental, and vision insurance premiums extending across you and your dependents.
• Retirement savings security through a company-backed 401(k) employer contribution plan alongside Health Savings Accounts (HSA).
• Flexible Paid Time Off (PTO) policy combined with adaptable remote work schedules to ensure sustainable engineering velocity.