Job Summary:
Hyperproof is on a mission to transform the Governance, Risk, and Compliance (GRC) world with a powerful new software platform. They are seeking a Senior DevSecOps Engineer to lead the management and optimization of their Azure-based infrastructure across commercial and FedRAMP regions.
Responsibilities:
• Develop and execute DevOps strategy tailored to all Hyperproof regions, including our FedRAMP-authorized environments.
• Own and evolve our Terraform/Terragrunt IaC pipeline for multi-subscription promotion, including continuous monitoring
• Architect secure, scalable platform infrastructure including GitHub Actions, GitLab, and ADO CI/CD pipelines with security gates, Kubernetes environments, observability systems, and compliance automation that enables developer velocity while maintaining continuous compliance posture.
• Support FedRAMP authorization activities: contribute to SSP documentation, NIST 800-53 control implementations, 3PAO coordination, and readiness assessments while establishing repeatable processes.
• Lead the design and security implementation of our Seattle-based on-premise build/test platform. You will ensure that physical hardware configurations (firmware, networking, and storage layout) maintain parity with our Azure Kubernetes Service (AKS) patterns while meeting strict SOC 2 compliance standards for local developer workflows.
• Establish security and compliance architecture patterns across encryption, network segmentation, secrets management, supply chain security, and incident response.
• Drive technical decisions and technology selection for cloud platforms, compliance tooling, and security controls.
• Mentor and raise the technical bar across engineering teams through architecture reviews, design discussions, and establishing FedRAMP best practices.
• Partner with security, product, and business leadership to translate federal customer requirements into technical architecture and deliver measurable improvements in security posture and operational efficiency.
• Monitor, triage, and remediate CVEs and security vulnerabilities across infrastructure, container images, and dependencies — maintaining compliance with FedRAMP continuous monitoring requirements.
Qualifications:
Required:
• U.S. citizenship, residing and working from within the United States.
• BS in Computer Science, Engineering, or a related field (or equivalent experience).
• 5+ years of extensive experience in SRE, DevSecOps or Platform engineering roles, with a focus on managing Azure-based infrastructure.
• Demonstrated knowledge and interest in applying AI technologies towards fully or partially automating compliance & security workflows.
• Strong programming skills (Python, Bash, Go, or Node.js) and demonstrated ability to drive complex technical initiatives from architecture through production.
• Expertise in modern platform technologies: Kubernetes security, infrastructure-as-code (Terraform/Terragrunt), GitOps (Helm/ArgoCD/Flux), Ansible, CI/CD security, observability systems, and secrets management.
• Familiarity with compliance standards and regulations, particularly NIST 800-53 and FedRAMP.
• Excellent communication and collaboration skills, with the ability to work effectively in a cross-functional team environment.
• A positive attitude and a willingness to learn, adapt, collaborate, and grow in a dynamic environment.
Preferred:
• Experience contributing to FedRAMP authorization efforts (Moderate or High), including SSP documentation, control implementation, or 3PAO coordination.
• Experience with Azure networking, and security boundaries.
• Experience with compliance automation, supply chain security (SBOM, image signing), or secrets management at scale.
• Professional certifications: CISSP, Azure Security Specialty, CKS, or equivalent.
• Familiarity with CMMC, OSCAL, or compliance-as-code practices.
• Experience with vulnerability scanning and remediation tooling (e.g., Trivy, Snyk, Qualys, or Defender for Cloud).
• Advanced degree in Computer Science or related field, or equivalent experience architecting secure, compliant platforms at scale.
Company:
Hyperproof is a cloud-based compliance operations software that collects evidence automatically and manages a compliance program. Founded in 2018, the company is headquartered in Bellevue, USA, with a team of 51-200 employees. The company is currently Growth Stage.