As a Senior DevSecOps Engineer, you'll lead security architecture and automation on AWS, drive compliance strategies, manage incident response, and enable secure developer practices.
About Wyllo
About the Role
You will
You have
Mindset & Approach
Working at Wyllo
Wyllo is a CX-first, end-to-end risk intelligence platform that helps ecommerce merchants manage fraud, policy abuse, and customer experience across the entire commerce lifecycle. By combining identity signals with behavioral intelligence, Wyllo enables merchants to better understand shopper intent and make smarter decisions across checkout, returns, refunds, and customer support. Wyllo works with leading ecommerce brands and integrates directly into the platforms where merchants manage orders and customer interactions. Learn more at www.wyllo.ai
About the Role
As Senior DevSecOps hire, you'll architect security into every layer of our AWS infrastructure while maintaining the velocity that makes us successful. You'll own our compliance automation strategy for PCI DSS and SOC2, secure our machine learning models from adversarial attacks, and build the security foundation for our next phase of growth.
You will
Security Architecture & Automation (45%)
- Lead design and implementation of enterprise-grade security controls across AWS infrastructure (EC2, ECS, Kubernetes)
- Architect automated security scanning into CI/CD pipelines (Jenkins, GitHub Actions, Harness)
- Design and implement policy-as-code for Terraform infrastructure using Spacelift
- Lead container security strategy including scanning, hardening, and runtime protection (CrowdStrike)
- Mentor team members on security best practices and secure architecture patterns
- Define security roadmap and drive strategic security initiatives
Compliance & Risk Management (25%)
- Lead PCI DSS and SOC2 compliance automation and evidence collection strategy
- Design and maintain continuous compliance monitoring with automated controls
- Conduct comprehensive security assessments and advanced vulnerability management
- Create security documentation, runbooks, and compliance artifacts
- Serve as technical liaison for security audits and assessments
Incident Response & Monitoring (20%)
- Architect and optimize AWS security services (GuardDuty, Security Hub, Inspector)
- Design advanced security monitoring with Datadog SIEM integration
- Lead incident response procedures and conduct post-mortems
- Implement intelligent automated remediation workflows
- Establish security metrics and reporting dashboards
Developer Enablement (10%)
- Build self-service security tools and guardrails for development teams
- Conduct security training and establish security champions program
- Implement frictionless security controls that enable velocity
- Drive security culture across the engineering organization
You have
Technical Skills
- 6+ years securing production AWS environments with deep expertise in IAM, VPC architecture, and AWS security services
- 5+ years mastering Infrastructure as Code with advanced Terraform patterns and security best practices
- Expert-level Python and Bash scripting for complex security automation
- 3+ years hands-on container security (Docker hardening, multi-stage builds, ECS/EKS security)
- Proven experience integrating security into CI/CD pipelines at scale
- Deep knowledge of PCI DSS and SOC2 with hands-on compliance implementation experience
- Experience with security scanning tools (Snyk, Trivy, tfsec, Tenable) and secrets management (Doppler, AWS Secrets Manager)
- Automation-first mentality with demonstrated track record of eliminating toil and manual processes
- Strategic balance between security rigor and business velocity
- Excellent communication skills for working with developers, leadership, auditors, and external stakeholders
- Experience working in high-performance, fast-moving startup environments
Working at Wyllo
We’re a high-performing team that is passionate about fraud and a community driven by values that shape everything we do. We seek passionate and dedicated individuals who align with our core principles; Integrity, Pride, Humility and Impact.
- Integrity: We do the right thing, even when it’s tough, and even if no one sees it. We always consider the customer’s best interest in every decision we make.
- Pride: We know that the work we do is important, and we take great pride in doing it well. We show up every day with the best intentions, ready to deliver superb outcomes for our team, our customers, and ourselves.
- Humility: We leave our egos at the door, approaching problems as a team, with openness and collaboration. We’re willing to be wrong in order to get things right.
- Impact: We are results-oriented, we take ownership, and we hold ourselves accountable to get things done and deliver results.
If you are excited to collaborate in a fast-paced, purpose-driven environment where your contributions truly matter, we’d love to have you join us!
Equal Employment Opportunity
Wyllo LLC provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics, sexual orientation, political affiliation, military veteran status, domestic violence victim status, or any other protected characteristic under applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.
Top Skills
AWS
Aws Secrets Manager
Bash
Crowdstrike
Datadog
Doppler
Ec2
Ecs
Github Actions
Harness
Jenkins
Kubernetes
Python
Snyk
Spacelift
Tenable
Terraform
Tfsec
Trivy
Similar Jobs
Machine Learning • Security • Software • Analytics • Defense
The Senior DevOps Engineer will establish CI/CD infrastructure for embedded systems, manage deployment environments, and support software development teams with automation and testing frameworks.
Top Skills:
BashCi/CdCmakeConanDockerGitJenkinsKubernetesPython
Machine Learning • Security • Software • Analytics • Defense
As a Senior DevOps Engineer, you will design and maintain CI/CD pipelines, automate deployment processes, and support software development teams for embedded systems.
Top Skills:
C/C++Ci/CdCmakeConanDockerGitGitlab CiJenkinsKubernetesMakePython
Machine Learning • Security • Software • Analytics • Defense
As a Senior DevOps Engineer, you will build and maintain CI/CD infrastructure, implement automation for software deployment, and support software development teams in multi-language projects.
Top Skills:
BashCi/CdCmakeConanDockerGitlab CiKubernetesPython
What you need to know about the Chicago Tech Scene
With vibrant neighborhoods, great food and more affordable housing than either coast, Chicago might be the most liveable major tech hub. It is the birthplace of modern commodities and futures trading, a national hub for logistics and commerce, and home to the American Medical Association and the American Bar Association. This diverse blend of industry influences has helped Chicago emerge as a major player in verticals like fintech, biotechnology, legal tech, e-commerce and logistics technology. It’s also a major hiring center for tech companies on both coasts.
Key Facts About Chicago Tech
- Number of Tech Workers: 245,800; 5.2% of overall workforce (2024 CompTIA survey)
- Major Tech Employers: McDonald’s, John Deere, Boeing, Morningstar
- Key Industries: Artificial intelligence, biotechnology, fintech, software, logistics technology
- Funding Landscape: $2.5 billion in venture capital funding in 2024 (Pitchbook)
- Notable Investors: Pritzker Group Venture Capital, Arch Venture Partners, MATH Venture Partners, Jump Capital, Hyde Park Venture Partners
- Research Centers and Universities: Northwestern University, University of Chicago, University of Illinois Urbana-Champaign, Illinois Institute of Technology, Argonne National Laboratory, Fermi National Accelerator Laboratory
