This description is a summary of our understanding of the job description. Click on 'Apply' button to find out more. Role Description Your way to impact. We’re not solving a small problem, and we’re not addressing a small market. We’re tackling returns—the part of the online shopping experience shoppers say they hate most. Our customers, i.e., top online retailers, use Happy Returns’ returns software and reverse logistics to offer shoppers a genuinely delightful return experience while at the same time reducing costs, retaining sales, and making their supply chains more sustainable. We’re making returns legitimately better for everyone, and we’re having fun doing it. Your day to day: - Collaborate on and deploy cloud infrastructure on AWS using infrastructure-as-code (Terraform, Pulumi) that is secure, scalable, and highly available - Actively collaborate with software engineering to define infrastructure, build, release and deployment tooling - Collaborate with information security for requirements and integration with security and compliance tooling - Troubleshoot problems across a wide array of services and function areas - Build and maintain operational tools for deployment, monitoring, and analysis of AWS infrastructure and systems to ensure availability, performance, security, and scalability - Provide recommendations for architecture and process improvements - Help us build and maintain a world class technology system so we can achieve our mission of making returns beautiful for Shoppers, Retailers, and the Planet Qualifications - At least 1 year of experience in designing, provisioning and maintaining infrastructure using Infrastructure as Code - Experience in code development in at least one high-level programming language - Knowledge of Kubernetes and containerized applications - Proficiency working with a cloud provider (preferably AWS) - Proficiency with Docker, Git and software development processes for deploying applications - Understanding of/familiarity with using Github Actions (or similar) to build, test and release software - Familiarity with database technology such as PostgreSQL or MySQL - Previous experience using cloud observability platforms such as DataDog or NewRelic - A strong interest in joining a highly collaborative environment and working daily with Product Managers and Engineers - Interest in e-commerce, logistics and/or sustainability - Comfort with leveraging the latest available AI-powered tools (IDEs, agents, automated reviewers) to accelerate and assist with daily development, debugging, and technical tasks Requirements - This is a fully remote position and is not limited to candidates located in Georgia EEO Statement Integrated into our shared values is Happy Returns’ commitment to diversity. Happy Return is committed to being a globally inclusive company where all people are treated fairly, recognized for their individuality, promoted based on performance and encouraged to strive to reach their full potential. We believe in understanding and respecting differences among all people. This concept encompasses but is not limited to human differences with regard to race, ethnicity, religion, gender, culture and physical ability. Every individual at Happy Return has an ongoing responsibility to respect and support a globally diverse environment. Visa Sponsorship We do not offer visa sponsorship or transfer for this role. Statement to Third Party Agencies To all recruitment agencies: Happy Return only accepts resumes from agencies on the UPS preferred supplier list. Happy Return is not responsible for any fees or charges associated with unsolicited resumes.

Your Dream. Our Team. About Rise8 Rise8 builds custom, secure software for government organizations, measuring success by impact: lives saved, time returned, and missions advanced. We think big, start small, and scale fast with elite teams across product, design, and engineering to drive continuous delivery for critical missions. We believe customer experience starts with employee experience, so we take care of our employees. Rise8 is where you’ll do the best work of your career—supported by a culture you won’t find anywhere else. We offer competitive pay and benefits, but what sets us apart is our commitment to autonomy, growth, and a culture rooted in kindness, candor, and continuous learning. Certified as a Great Place to Work®, with 100% of employees saying they love working here, Rise8 is where bold ideas become real capabilities. Where mission meets meaning. And where fewer bad things happen because of bad software. About You - Are you a Senior DevSecOps Engineer with expertise across multiple domains, including cloud security, containerization, and compliance? Do you thrive in dynamic environments where collaboration, innovation, and secure delivery are top priorities? At Rise8, we’re looking for someone like you to lead the charge in securing complex systems, while ensuring client satisfaction across projects. As a Senior DevSecOps Engineer at Rise8, you will: - Secure cloud-based environments by designing and implementing native security solutions using services. - Drive Continuous RMF practices, automating control implementation and reporting through modern methodologies like Continuous Authorization to Operate. - Automate provisioning and configuration of IT environments using tools such as Terraform, Ansible, Puppet, and Chef. - Implement and manage security measures like firewalls, IDS/IPS, vulnerability scanning, encryption, and ICAM solutions. - Secure containerized and large-scale cloud production systems while responding effectively to security incidents. - Apply advanced security concepts to protect systems, including threats, vulnerabilities, encryption, boundary defense, and risk management. - Establish and manage identity and access management policies, ensuring least-privilege access and cross-account role adherence. - Create and maintain engineering artifacts, such as network diagrams, data flow diagrams, installation procedures, and operational manuals. - Enforce cloud-native security best practices, leveraging frameworks like AWS’s Well-Architected Security Pillar - Collaborate with cross-functional teams to integrate Zero Trust principles into the broader security posture, aligning with DoD policies such as the Risk Management Framework (RMF) - Apply and operationalize RMF, FedRAMP, and DISA CC SRG controls, ensuring compliance with DoD Impact Levels. - Collaborate with cross-functional teams to integrate lean and agile practices into secure development lifecycles. - Train and mentor security engineers, fostering growth and upskilling of the cybersecurity practice team members. - Contribute to the continuous improvement of DevSecOps practices, ensuring systems are secure, scalable, and compliant. - Lead incident response efforts, conducting thorough root cause analyses and implementing post-mortem findings. - Work in a dynamic, collaborative environment that supports your professional development. Qualifications - A background of 6-10 years of experience in cloud/platform operations or related roles, with a focus on implementing and maintaining secure and compliant systems in diverse environments. - Strong proficiency in securing AWS GovCloud and Azure GCC High environments, including applying security controls, conducting vulnerability scans, and ensuring compliance with DoD standards. - Expertise in container orchestration, specifically Kubernetes, with a focus on implementing security best practices, ensuring container runtime protection, and automating vulnerability scanning. - Advanced knowledge of and experience in network firewalls, intrusion detection systems (IDS) and intrusion prevention systems (IPS), anti-malware, vulnerability scanning, encryption, monitoring, and Identity, Credential, and Access Management (ICAM) - Expertise with monitoring and observability platforms, including integrating security monitoring tools and automating anomaly detection workflows. - Proven experience in incident management and troubleshooting large-scale distributed systems, with a focus on mitigating security incidents and performing root cause analysis for vulnerabilities. - Strong proficiency in Infrastructure as Code (IaC) tools, such as Terraform, including automating the implementation of security policies and controls within IaC pipelines. - Subject Matter Expertise in Linux Operating Systems administration, with a focus on hardening techniques, patch automation, compliance enforcement and bash scripting languages (Python, Bash, PowerShell) - Strong understanding of networking concepts and practical experience with securing technologies like Load Balancers, DNS, SSL, Firewalls, NAT, and NTP, including applying network-level security policies. - Excellent communication skills to articulate security risks, advocate for secure practices, and collaborate in team environments to address challenges effectively. - A proactive mindset for skill growth, tackling complex security tasks, and driving the implementation of cutting-edge cybersecurity practices. - A degree (BA/BS) in Computer Science, Cybersecurity, or a related field, or equivalent practical experience, with a focus on secure systems and automation. Preferred Qualifications: - Possession of recognized Professional Certifications such as CKS, RHCE, Linux+, MCSA, AWS Solutions Architect, AWS Developer, Security+, CISSP, and CCNA - Proven experience engaging directly with clients to understand their needs, provide solutions, and ensure satisfaction. - Familiarity with Department of Defense (DoD) operations, particularly within a DoD "Software Factory" context, as well as navigating Impact Level (IL) security requirements. Salary - The annual salary range for this role as it is posted is $163,121 - $203,901 regardless of final candidate location within the United States. The final job level and annual salary will be determined based on the education, qualification, knowledge, skills, ability, and experience of the final candidate(s), and calibrated against relevant market data and internal team equity. Benefits - Flexible schedule in a 100% distributed workforce - Premium Insurance: We cover up to 100% of the employee premium and up to 80% of the combined dependent premium on our base health plan, depending on pay band. We also cover 100% of the premium for employee and dependent Dental and Vision as well as employee premiums for Life and Disability coverage. - Retirement: 401k match at 10% gross pay. - Paid time off (PTO): 4 weeks combined accrued vacation and sick leave, 11 Federal holidays, your birthday, jury duty, and bereavement. - Education & Training: Accrued budget of up to $3,500 per year for classes, travel, events, and materials. - Home Office and Merch: We offer $750 per year for home office technology and equipment as well as $100 per year for Rise8 merch from our Swag Store. - Wellness Budget: To encourage and support a well-rounded healthy lifestyle, we cover 100% reimbursement on a variety of wellness activities and products, up to $500 per calendar year. - Rise8 is part of the Life Time Corporate Partner program. In lieu of your $500 annual wellness benefit, you can instead get a $75 monthly credit towards a Life Time membership ($900 annual benefit). - Equipment: We offer a MacBook Pro All of Rise8’s work in this area is with Federal Government customers that require our employees involved with their projects be U.S. citizens. As such, this role requires U.S. citizenship. If hired, you would also be required to go through a background investigation. Rise8 is an Equal Employment Opportunity employer that will consider you for this role regardless of race, color, religion, gender, sexual orientation, marital status, gender identity or expression, national origin, genetics, age, disability status, protected veteran status, or any other characteristic protected by applicable law.

• Engenharia de Release e Deploy: Gerenciar e automatizar o fluxo de CI/CD no GitLab, garantindo que as subidas de versão para clusters Kubernetes (OKE e On-premise) sejam seguras e rápidas. • Monitoramento e Resposta (Deep Observability): Operar ferramentas de monitoramento de ponta para garantir a saúde dos microsserviços, antecipando gargalos de performance. • Gestão de Ambientes Multi-Cloud/Local: Sustentar a infraestrutura de containers, garantindo que as políticas de recursos (CPU/Memória) e escalonamento estejam otimizadas. • Automação de Infraestrutura (IaC): Evoluir e manter scripts em Terraform ou Ansible, eliminando processos manuais na criação e manutenção de ambientes. • Operação Crítica: Atuar como referência técnica durante o turno da tarde/noite, garantindo suporte à operação em horários de alta demanda jurídica e participar de escala de plantão (on-call) intercalada aos finais de semana e feriados. • Evoluir mecanismos de self-healing no Kubernetes, criando automações que reajam automaticamente a falhas recorrentes (ex.: reinício controlado de pods, ajuste dinâmico de recursos, circuit breakers e rollback automático de deploys instáveis). • Automatizar respostas a incidentes, integrando alertas de observabilidade com ações práticas (ex.: escalar HPA, bloquear rollout, acionar fallback) reduzindo o tempo de intervenção humana. • Explorar o uso de IA aplicada à operação, utilizando análise de logs, métricas e traces para identificar padrões anômalos, antecipar incidente, sugerir causas prováveis (RCA assistido). • Documentação e Melhoria Contínua: Garantir que todos os incidentes e mudanças ocorridas no turno sejam documentados, facilitando a passagem de bastão entre as equipes.

• Integrate security into all stages of the software development lifecycle (Shift Left). • Ensure a continuous delivery flow (CI/CD), managing deployments on Kubernetes clusters (OKE and on-premises) with a focus on zero downtime and safe rollbacks. • Implement security policies for Docker and Kubernetes (Network Policies, RBAC, Pod Security Standards) and manage vulnerabilities in images and packages. • Use the Prometheus, Grafana and ELK stacks to anticipate security and performance issues, creating intelligent alerts that distinguish noise from real incidents. • Administer access control (IAM/Vault), ensuring the principle of least privilege across cloud and legacy environments. • Participate in an on-call rotation alternating weekends and holidays. • Eliminate manual work using Terraform or Ansible. • Design and evolve AI/ML-based automations for log analysis, anomaly detection and correlation of security events. • Create automated playbooks for security incident response (e.g., IP blocking, access revocation).