Security Engineer, DevSecOps

About JumpCloud: JumpCloud is an innovative, hyper-growth AI-powered unified IT management platform engineered to secure the modern workforce. By consolidating identity, device governance, and zero-trust access management layers into one continuous software interface, JumpCloud provides intelligent, secure IT that scales seamlessly from human enterprise users to autonomous AI agents. Helping organizations around the globe eliminate multi-platform complexity and transform artificial intelligence risk vectors into optimized corporate advantages, JumpCloud ensures the right individuals and autonomous entities hold secure access to authorized resources at all times.

Position Overview

We are seeking a highly analytical, systems-minded Security Engineer to join our dedicated DevSecOps Team in a full-time remote capacity. In this critical engineering seat, you will hold direct responsibility for designing, developing, and hard-coding software solutions to safeguard high-throughput datasets and cloud infrastructure networks. Moving far beyond basic script execution, you will collaborate alongside SecOps and GRC functions to build automated, secure self-service access paths, manage SIEM logging environments, and deploy cloud safety configurations. This role demands a seasoned developer who treats security as an enabler of corporate innovation and thrives when building automated threat modeling mechanisms directly into the continuous developer workflow.

Key Responsibilities

• Infrastucture & Automation Engineering: Build, refactor, and maintain custom software modules and third-party vendor integrations to support product and cloud infrastructure security demands.
• Cloud Access Engineering: Design and implement automated, self-service privilege escalation workflows and access boundaries across distributed cloud services (AWS and GCP).
• Detection & SIEM Governance: Manage security infrastructure rules, audit layers, and SIEM detections using Infrastructure as Code (IaC) paradigms via Terraform.
• Security Data Pipelines: Construct and operate high-volume forensic log processing pipelines to ensure cost-effective data retention, tracing, and storage compliance.
• Vulnerability & Posture Tuning: Design and optimize custom vulnerability aggregation systems; calibrate Cloud Security Posture Management (CSPM) and container security engines to minimize alert fatigue.
• Software Supply Chain Security: Integrate defensive application security (AppSec) guardrails into the continuous deployment pipeline, pioneering AI-assisted threat modeling automation tools inside GitHub Actions workflows.
• Incident Response Rotation: Serve as an active responder within the team’s on-call rotation pool, executing alert triages and resolving real-time security alerts.

Required Skills & Qualifications

• 4+ years of verified software engineering history with an explicit, demonstrated emphasis on security engineering or infrastructure defense.
• Advanced, production-grade programming proficiency writing clean, high-performance backend logic in Golang or Python (beyond basic scripting).
• Hands-on architectural experience navigating, provisioning, and securing public cloud platforms, specifically AWS or GCP.
• Demonstrated expertise managing declarative cloud infrastructure files using Terraform.
• Practical familiarity customizing continuous integration and continuous deployment automation suites via GitHub Actions.
• Outstanding verbal and written communication mechanics, with absolute fluency in English to collaborate across a global team spanning 15+ countries.
• Location Context: 100% remote-first full-time operational flexibility tailored exclusively for qualified security engineers permanently based within Mexico (including Mexico City, Guadalajara, Monterrey, or Puebla nodes).

Preferred Strategic Indicators (Nice to Have)

• Prior experience evaluating containerized cloud workloads, image signing protocols, or software bill of materials (SBOM) scanning utilities.
• Familiarity with global cybersecurity compliance standards, data privacy laws, or identity management frameworks.

What We Offer

• The exceptional technical canvas to directly secure, optimize, and engineer DevSecOps features for a premier global identity management platform.
• Highly competitive compensation metrics paired with structured paths for professional promotion, skill expansion, and career development.
• Profound work-from-home remote parameters backed by a collaborative, flat-hierarchy engineering environment that deeply values out-of-the-box thinking.
• A mission-driven corporate workplace culture built on human connection, complete autonomy, and seasoned executive board guidance.