With five decades of trust and market leadership, Bankrate is transforming into an AI-powered fintech platform that puts consumers in control—connecting them to the best financial products to save more, earn more, and get ahead faster.
Senior DevSecOps Engineer
Location
United States
Posted
2 days ago
Salary
$130K - $225K / year
Seniority
Senior
Job Description
Senior DevSecOps Engineer
Bankrate
*This role is open to remote or hybrid candidates (East Coast preference), with hybrid being central to our New York, NY or Charlotte area offices. Must be able to work Eastern Standard Time hours. Platform Engineering builds the foundations our product teams ship on — deployment, infrastructure, and security. We're hiring a DevSecOps Engineer to be the technical owner of our security posture and a force multiplier for every engineer at the company. This is a build-the-function role, not a ticket-taking role. You'll treat security as code, bake it into the development lifecycle, and automate the toil away so teams can ship fast and safely. You'll have unusually broad ownership and unusually high impact. What You’ll Do: - Own the engineering side of our compliance program (SOC 2 Type 2): implementing controls, collecting evidence, and keeping us audit-ready. - Operate our compliance automation platform — integrations, evidence pipelines, and mapping controls to real implementation. - Productize compliance: policy-as-code, automated evidence generation, and guardrails so passing audits doesn't slow product delivery. - Own cloud security posture management and runtime security tooling: posture monitoring, container and IaC scanning, and runtime coverage across our environment. - Triage and remediate findings against demanding SLAs, and design the automation and alerting that keeps pace with volume manual effort can't. - Build auto-remediation workflows — including AI-assisted pipelines — that detect, file, and (where safe) fix findings with minimal human intervention. - Build and maintain CI/CD security gates: SAST/SCA, secret scanning, SBOM generation, dependency management, and container/IaC scanning — implemented as reusable pipeline components and enforced through automated policy. - Encode security and compliance controls into infrastructure-as-code and policy-as-code so the easy path is the secure path. - Help close the prototype-to-production gap: turn fast-moving prototypes into production-grade, secure-by-default systems with automated guardrails. - Make secure-by-default the norm through our internal tooling, so the right controls are applied automatically rather than relying on engineers to remember. - Build the automation the team runs on — reusable modules, pipeline components, and AI/agentic tooling that turn manual security work into self-service capability. - Partner with corporate security and GRC functions while building and maturing our in-house security capability, so the team can make sound security decisions quickly and independently What We’re Looking For: - 5+ years in security engineering, DevSecOps, or platform/infrastructure engineering with a strong security focus (Staff level: 8+ years and a track record of building security functions or programs). - Deep hands-on cloud security experience (compute, networking, IAM, key management, logging) on a major cloud provider. - Strong infrastructure-as-code skills, especially Terraform, including policy-as-code. - Proven CI/CD security experience: building pipeline security controls (SAST/SCA, secret scanning, dependency and container scanning) into developer workflows. - Hands-on vulnerability management at scale: triage, prioritization, SLA-driven remediation, and the automation to make it sustainable. - Working knowledge of SOC 2 (or comparable frameworks) and what it takes to implement and evidence controls in a real engineering environment. - Fluency with the categories of modern cloud security tooling — CSPM, ASPM/SAST and secret scanning, compliance automation, and SIEM (e.g., tools such as Wiz, Prisma Cloud, Snyk, Drata, Vanta, or equivalents). - Strong coding/scripting ability to build automation, not just configure tools — you write the pipelines, modules, and tooling that scale security across many services. - Experience standing up or maturing an in-house security function. - Multi-cloud exposure and experience securing an internal developer platform. - Security monitoring and detection/alerting design. - Experience applying AI/LLM tooling to security operations — auto-remediation, evidence generation, agentic workflows. Compensation: This range reflects total cash compensation, which may include base salary only or base salary plus target bonus, depending on the role. Where eligible, equity may also be offered separately and not included below. Actual compensation varies based on location, experience, and qualifications. - Total Cash Compensation Range: $130,000 – $225,000 per year Additionally, the following benefits are provided by Red Ventures, subject to eligibility requirements. - Health Insurance Coverage (medical, dental, and vision) - Life Insurance - Short and Long-Term Disability Insurance - Flexible Spending Accounts - Holiday Pay - 401(k) with match - Employee Assistance Program - Paid Parental Bonding Benefit Program - Flexible Paid Time Off (PTO): We believe time to rest and recharge is essential. That’s why we offer a generous and flexible PTO policy. Full-time employees accrue 20 days of PTO for a full calendar year annually, with an increase to 25 days after five years of service. Who We Are: Bankrate is where Americans go to get the best price on life's most important financial decisions. By combining proprietary data, advanced technology, and deep market coverage, Bankrate helps consumers compare options and make confident financial choices across mortgages, credit cards, savings, and more. As a rate provider to the Federal Reserve and the benchmark relied upon by major publishers and policymakers nationwide, Bankrate's rate data is the national standard. This commitment to precision is reflected across all its products. In mortgages, proprietary auction technology puts lenders in real-time competition on price alone, consistently delivering rates in the lowest 10% in the country. For deposits, the platform features exclusively top-tier rates in the top 10% nationally, while its credit card coverage encompasses more than 90% of the market by volume. Founded by a journalist, Bankrate remains dedicated to its founding mission of transparency, honest information, and real competition — helping to make the American dream more affordable for everyone. Red Ventures is an equal opportunity employer that does not discriminate against any employee or applicant because of race, creed, color, religion, gender, sexual orientation, gender identity/expression, national origin, disability, age, genetic information, veteran status, marital status, pregnancy or any other basis protected by law. Employment at Red Ventures is based solely on a person's merit and qualifications. We are committed to providing equal employment opportunities to qualified individuals with disabilities. This includes providing reasonable accommodation where appropriate. Should you require a reasonable accommodation to apply or participate in the job application or interview process, please contact accommodation@redventures.com. If you are based in California, we encourage you to read this important information for California residents linked here. At Red Ventures, we believe in real human connection. That’s why we do not hire someone through text, social media, or email only. As part of the hiring process, you should expect live conversations with RV teammates before any offer is made. Also, keep an eye on the sender: we only use official @redventures.com email addresses at the portfolio level or business specific email addresses (e.g., @thepointsguy.com), not ones like “redventurescareer.com.” We will never ask candidates to send money, buy equipment, or share financial account info during your journey with us. You can always find our open roles on redventures.com— if you receive a message that seems suspicious, please use redventures.com to verify the opportunity. For more, the U.S. Federal Trade Commission has published helpful articles to help individuals learn more about protecting themselves from recruiter scams. If you think you’ve been targeted, feel free to report it to your local authorities. Stay safe out there!
Related Guides
Related Categories
Related Job Pages
More DevOps Engineer Jobs
Forward Deployment Engineer
SambaNova SystemsSupercharge AI apps with SambaNova Cloud! Accelerate your AI journey. Unlock lightning-fast inference on Llama 3.1.
• Embed directly with strategic enterprise customers to design, build, and deploy production GenAI applications on SambaNova's SN40L platform and SambaStack based product portfolio. • Architect and implement LLM-powered workflows — including RAG pipelines, multi-agent systems, fine-tuning workflows, and coding solutions — tailored to each customer's data, infrastructure, and business goals. • Optimize AI inference performance on SambaNova hardware; benchmark model throughput, latency, and accuracy against customer requirements and competitor baselines. • Troubleshoot and resolve production issues end-to-end across model, software, and hardware layers — acting as the first and last line of technical escalation in the field. • Translate customer needs into clear product requirements and engineering feedback; serve as the primary voice of field reality to SambaNova's Product and Engineering teams. • Partner with Account Executives and Solutions Engineers to shape technical sales strategy, scope engagements, and demonstrate platform differentiation during evaluations and proof-of-concepts. • Develop reusable accelerators, reference architectures, and internal playbooks that scale learnings from one deployment to many. • Present technical findings, architecture decisions, and roadmap input at customer executive briefings and internal forums; represent SambaNova at industry conferences and events.
Forward Deployment Engineer
DBSyncHarness the Power of Simplified Application Integration and Data Replication.
• Work on latest edge Cloud computing to solve difficult, manual and repeatable tasks for users adopting Cloud technologies like AWS, Salesforce, Microsoft and more • Use the latest trends on building SaaS applications using multitenancy, scalability large data volumes / Big Data and more • Develop and expand our portfolio to support most popular Cloud apps (200+) • Develop understanding of not just software development, but also how to design, develop and launch a product from concept to high customer use. • Customer Discovery: Conduct structured workshops with client stakeholders to capture workflows, pain points, and desired outcomes. • Solution Design: Translate business requirements into technical workflows, automations, and integrations. • Deployment Execution: Configure, test, and deploy solutions, ensuring seamless go-live and adoption. • Workflow Automation: Build and customize automations using APIs, scripts, or low-code platforms. • Technical Troubleshooting: Diagnose integration issues, resolve blockers, and iterate based on client feedback. • Customer Advocacy: Serve as the technical expert during onboarding and beyond, ensuring long-term customer success. • Feedback Loop: Provide insights from deployments to product and engineering teams to shape roadmap priorities.
Cloud Operations Engineer
SoftdocsIntelligent Document Management and WorkflowAutomation for Education and Government
• Provision, configure, and maintain cloud infrastructure — virtual servers, databases, storage, and other resources — to support client environments. • Act as the first responder for issues reported through Salesforce and Azure DevOps. Diagnose and resolve issues within client cloud environments, escalating as needed. • Track and manage cloud assets and resources across client environments, keeping inventory, configuration, and cost accurate and up to date. • Build, test, and execute automations, pipelines, and scripts to support cloud operations. • Maintain monitoring and alerting tools (SIEM, Datadog, etc.) to ensure the health and high availability of client systems. Participate in the weekday and weekend on-call rotation. • Maintain security tools (including but not limited to WAF, antivirus, SIEM, and CSPM) and access controls, and support ongoing compliance efforts. • Work with cross-functional and engineering teams to resolve issues and support the delivery of end-to-end products and features. • Stay current with cloud technologies and operational best practices, with emphasis on our current technology stack and cloud cost management (FinOps).
Database Reliability Engineer – Remote
FinomFinancial solutions for entrepreneurs and freelancers - combining business account benefits with multiple services
• Own Database Reliability: Drive high availability and disaster recovery strategies • Architect for Scale: Define and execute the scalability roadmap • Optimize Performance: Perform deep-dive query optimization • Design Infrastructure: Build and manage scalable inference and connection pooling strategies • Establish Observability: Design the monitoring architecture and define SLIs/SLOs • Champion Security: Implement banking-grade security practices • Partner Across Engineering: Work with product teams for database schema changes • Lead by Example: Set the technical bar for the DBA function through mentoring



