• Maintain a high security bar for new and existing infrastructure in your capacity as an infrastructure and logging expert. • Design, implement, and maintain robust AWS infrastructure to support Tactacam's services and applications. • Help us implement DevOps best practices across various software teams, as we continue to prove the value of the “shift left” and “self service”. • Collaborate with backend, frontend, hardware, BI, and ERP teams across multiple product lines to streamline workflows and tooling for developer and DevOps use. • Help refine and maintain monitoring and “monitoring-adjacent” tooling to help triage issues, estimate impact, establish root cause, and resolve issues efficiently. • Develop and manage CI/CD pipelines using GitHub Actions to automate software deployments and ensure code quality. • Help us manage our fleet of end-user devices by building robust processes around internal and vendor-provided tooling. • Contribute to identifying unmanaged infrastructure and resources, and build IAC and monitoring around those ghost resources, improving AWS governance. • Help monitor and manage AWS and other cloud costs. • Stay up-to-date with industry trends and emerging technologies, recommending innovative solutions to enhance our DevOps practices.

• Design, configure, and maintain end-to-end automated pipelines using Azure DevOps for both standard applications and Salesforce-specific workflows • Lead release management activities for Salesforce, including metadata management, environment synchronization, and sandbox refreshes • Partner with development, QA, and security teams to align DevOps strategies with business needs and resolve deployment blockers • Implement observability and security scanning within pipelines to ensure system health and compliance • Create and manage user access in ADO and Salesforce platforms • Mentor engineers on CI/CD, tooling, and best practices; contribute to internal playbooks and KT assets for onboarding/new joiners

Role Description WWT Digital is building a joint AI + Security practice and needs a Senior DevSecOps Engineer to anchor delivery of our CI/CD Security Baseline offering (DIG-APS-01). You will work alongside WWT's Global Security team and our AI-native delivery squads to embed automated security tooling into client SDLC environments — from initial assessment through hardened pipeline design and handoff. This is a client-facing, hands-on engineering role. Responsibilities - Assess and instrument client CI/CD pipelines (GitHub Actions, GitLab CI, Jenkins, Azure DevOps) with SAST, DAST, SCA, and secrets scanning tools - Implement SBOM generation workflows and license compliance gates - Configure and tune tooling (Snyk, Semgrep, Checkov, Trivy, SonarQube, OWASP ZAP, Veracode, or equivalents) to reduce false positive rates and drive developer adoption - Define security gates, policy-as-code frameworks, and break/fix thresholds appropriate to client risk tolerance - Translate findings into remediation roadmaps that engineering teams can act on without security expertise - Work with WWT Security architects on shared delivery engagements and co-present findings to client CISOs and engineering leadership Qualifications - 4–7 years hands-on with CI/CD platforms — specifically security integration, not just DevOps - Deep familiarity with SAST/DAST/SCA tooling and the tradeoffs between them in different pipeline contexts - IaC security scanning (Terraform, Bicep, CloudFormation via Checkov, tfsec, or equivalents) - Secrets management: HashiCorp Vault, AWS Secrets Manager, GitHub Advanced Security secret scanning - Container and image scanning: Trivy, Grype, Clair, or equivalents - Can write pipeline-as-code — not just configure existing pipelines - Experience translating security findings for developer audiences, not just security teams - Bonus: AI-generated code scanning, SBOM tooling (Syft, CycloneDX), software supply chain security (SLSA) - Bonus: prior consulting or professional services background — client management and scoping matter Requirements - Want to learn more about Consulting & Security Services? Check us out on our platform: WWT Consulting Services - Certain states and localities require employers to post a reasonable estimate of salary range. A reasonable estimate of the current base pay range for this position is $100,000 to $130,000 annually. Actual salary will be based on a variety of factors, including shift, location, experience, skill set, performance, licensure and certification, and business needs. The range for this position in other geographic locations may differ. Certain positions may also be eligible for variable incentive compensation, such as bonuses or commissions, that is not included in the base pay. Benefits - Health and Wellbeing: Health, Dental, and Vision Care, Onsite Health Centers, Employee Assistance Program, Wellness program - Financial Benefits: Competitive pay, Profit Sharing, 401k Plan with Company Matching, Life and Disability Insurance, Tuition Reimbursement - Paid Time Off: PTO and Sick Leave (starting at 20 days per year) & Holidays (10 per year), Parental Leave, Military Leave, Bereavement - Additional Perks: Nursing Mothers Benefits, Voluntary Legal, Pet Insurance, Employee Discount Program

• Further expand and optimize our cloud infrastructure on Azure and our Kubernetes clusters - designed for high throughput and highest availability - to support Flip's rapid growth across the globe. • Design and implement zero-downtime deployments, rollback mechanisms and disaster-recovery strategies that keep our platform available around the clock. • Evolve our LGTM stack (Loki, Grafana, Tempo, Mimir) to give every team the visibility they need - and use it to define and optimize our SLOs. • Design, develop and optimize infrastructure as code with Pulumi in Go, eliminating toil and making our platform self-service for engineering teams. • Promote CI/CD best practices, incident management, post-mortems and developer experience across the entire engineering organization. • Collaborate with your squad and engineering leadership to define the platform's direction - from scalable, high-throughput systems and cost optimization to security posture and compliance.