• Responsible for developing and maintaining the operations of security products and offering within Spinnaker Support. • Define and deliver Spinnaker Support’s approach to security within the 3rd party support and managed service markets. • Provide guidance to clients on attack surface reduction strategies in relation to the SAP system landscape. • Identify, document, and guide clients in security best practices related to the applications, network and infrastructure of SAP systems. • Conduct assessments, analyzing results, compiling reports with actionable remediation recommendations. • Triage and respond to customer security inquiries.

Attention: Kapitus is aware that individuals posing as recruiters may be communicating with job seekers about supposed positions with Kapitus. Kapitus has received reports that the content and method of communication can vary, but messages may contain requests for payment (e.g., fees for equipment or training) and/or for sensitive financial information. Kapitus will never ask a candidate for employment for payment or financial information during the initial application or interview process. All open positions are posted in location specific employment portals available at www.kapitus.com/careers All legitimate Kapitus job postings on employment sites will direct candidates to complete an application through these portals before completion of the hiring process. Candidates with additional questions or concerns regarding any recruiting communications or Kapitus’ recruiting process in general should email recruiting@kapitus.com The Cloud DevSecOps Engineer III is responsible for bringing the concepts of development, security, and operations together to create a more robust security system for the organization. They test and monitor an organization’s system for vulnerabilities and work in collaboration with developers to create new programs that patch holes in the current security program. They add countermeasures to prevent against new threats, or simply make the program stronger and more effective. They are responsible for keeping the organization’s data, network, and IT infrastructure safe and free from security threats through monitoring, programming, testing, and communication. What you will do: · Build & Deploy - AWS CloudFormation and OpenTofu for template creation & maintenance · Leverage GitHub Actions as well as AWS CodePipeline CI/CD automation Leverage AWS Cost Optimizations & AWS Well-Architected Best Practice recommendations · HA & DR implementations, including improvements to RTO/RPO · Help maintain AWS Operations with governance mechanisms · Help to maintain and own the Infrastructure and Operational Excellence for the company · Document and develop processes to support systems across the organization · Monitor the implementation of various critical infrastructure and middleware components · Build & Maintain and release highly available, reliable, stable products across several platforms · Create alarms and maintain transparent monitoring of all relevant systems for tracking operational excellence, cost, and performance · Should be able to understand complex architectures and be comfortable working with multiple teams · Should be highly proactive with a keen focus on improving the uptime availability of our mission-critical services What We’re Looking For: · Must have AWS Certified SysOps Administrator and/or Solutions Architect Associate and/or Developer Associate and/or 7+ years of implementing & maintaining enterprise AWS Cloud environments. · Experience creating, delivering, and operating multi-tenanted, distributed systems at scale · Cloud architecture experience in AWS environment and container-based deployments using OpenTofu, GitHub Actions, AWS CodePipeline, and CloudFormation. · Passionate for continuous learning and understanding things in and around cloud development · Experience with various AWS services like ECS, S3, Lambda, DynamoDB, RDS, Cognito, WAF, GuardDuty, CloudFront, Route 53, EventBridge, Github Actions, etc · Experience with any tools like DataDog, CloudWatch, or similar tools for observability · Solid understanding of the application and infrastructure security · Good to have knowledge on Azure and an understanding of Azure Active Directory · Strong written and verbal communication skills Kapitus Total Rewards Package Includes: · Competitive Base Salary Range of $117,800-$189,000 Kapitus is providing this as a good faith salary range to comply with applicable law. The applicant’s final salary will depend on a number of factors including the applicant’s geographic location, skills, and experience. · Annual Incentive Compensation Eligibility – Up to 10% annually · Health Insurance: We offer comprehensive medical, dental, and employer-paid vision plans through UnitedHealthcare (UHC), with various coverage levels available to meet the needs of our employees and their families. · 100% Company Paid Insurances: Kapitus fully covers the cost of basic short-term and long-term disability insurance, as well as vision insurance, ensuring our employees have comprehensive protection without any personal expense. · Voluntary Insurance: Supplemental life insurance as well as enhanced short- and long-term disability coverage are available through Mutual of Omaha, providing additional security for our employees. Additionally, Colonial Accident and Hospitalization insurances are also available, offering further protection against unforeseen events. · Paid Maternity and Parental Leave: Beyond state-mandated leave policies, Kapitus provides company-paid maternity and parental leave, supporting our employees during important family milestones. · LifeBalance Program: Enhance your lifestyle with our LifeBalance membership, which offers discounts on outdoor activities, the arts, health, and fitness. Additional benefits include: o Pet and car insurance discounts. o Financial services such as LegalShield. o Relaxation and stress management tools, including a fully covered annual subscription to The Calm App. · Plum Benefits Discount Program: Access exclusive discounts on shows, travel, car rentals, and more, enriching your personal and family life. · Tuition Reimbursement: Pursue further education with up to $5,000 annually in tuition reimbursement, plus opportunities to attend relevant conferences and career development events. · Transit Reimbursement: We also offer transit reimbursement for all work-related travel, supporting your involvement in career and personal development activities. · Paid Time Off and Sick Time · Retirement Benefits: Our 401K plan is managed through Fidelity, featuring a 25% match on employee contributions, helping you plan for a secure financial future. About Kapitus: Kapitus is one of the most reliable and respected names in small business financing. As both a direct lender and a marketplace built with a trusted network of lending partners, we can provide small businesses with the financing they need when, and how it is needed. We have spent our entire existence building a culture that makes us excited to come to work in the morning. Our company is fast paced, teammates need to be self-directed and have an internal motivation to do the right thing, even when the right thing takes a lot of hard work. We show our teammates our appreciation by offering great benefits, competitive pay and solid opportunity for growth. Company Mission: At Kapitus, our mission is to help small business owners grow their organizations by providing tailored, transparent, and ethical financing solutions. We invest in every business owner’s story and we are dedicated to building lasting relationships to champion their goals. We promise to keep the best interests of our clients at the center of the financing process by operating with transparency, fairness, and integrity. Consideration will be given to qualified remote candidates residing in states where Kapitus and/or one of its subsidiaries has an established physical presence.

⚡️ Why Altium? Altium is transforming the way electronics are designed and built. From startups to world’s technology giants, our digital platforms give more power to PCB designers, supply chain, and manufacturing, letting them collaborate as never before. - Constant innovation has created a transformative technology, unique in its space - More than 30,000 companies and 100,000 electronics engineers worldwide use Altium - We are growing, debt-free, and financially strong, with the resources to become #1 in the EDA industry Why Duro? Duro is building the GitHub for Hardware teams. As now a part of the Altium product portfolio, we’re revolutionizing Product Lifecycle Management (PLM) for companies in space tech, robotics, IoT, and commercial manufacturing. Our platform empowers hardware teams to move with agility, make timely decisions, and build disruptive products. Our culture is built on: Trust, Autonomy, Experimentation, and Empathy. We deploy daily. We run 3-week cycles (2 weeks building + 1 week polish). We’re Linear stans, leveraging their AI agents to automate bug discovery and fixes. We measure everything through PostHog—feature flags, session replays, and product analytics all in one. About the role: Duro’s customers build satellites, drones, defense systems, and critical infrastructure. They operate under some of the most demanding security and compliance frameworks in the world—and they expect their PLM platform to meet them where they are. This role exists to make sure we do. As SecOps, you’ll be the single point of authority for security and compliance across Duro. This is not a back-office compliance role. You’ll be customer-facing—fielding tough questions from security teams at defense contractors, government agencies, and aerospace companies who believe they know the standards as well as you do. Your job is to know them better. To understand not just what the controls require, but why they exist, how they’ve evolved, and how Duro’s architecture satisfies them. You’ll own our compliance posture across SOC 2, NIST 800-171, NIST 800-53, CMMC, FedRAMP, ITAR, and GDPR. You’ll manage our evidence locker in SecureFrame, work with DevOps on infrastructure security in AWS GovCloud, coordinate with vendors, and represent Duro and Altium as a trusted security authority in every customer conversation. A day in the life of our SecOps Engineer: - Review and respond to customer security questionnaires, vendor assessments, and RFP security sections—often from defense, aerospace, and government customers with deep domain knowledge and high expectations - Join customer calls as Duro’s security authority—fielding technical questions on data handling, encryption, access controls, and compliance posture, and confidently addressing pushback with precise knowledge of the standards - Maintain and evolve our compliance programs across SOC 2 Type II, NIST 800-171, NIST 800-53, CMMC, FedRAMP, ITAR, and GDPR—not as a checkbox exercise, but as a living practice that adapts as frameworks evolve - Manage our evidence locker in SecureFrame—ensuring continuous readiness for audits, mapping controls to evidence, and keeping documentation current as our product and infrastructure change - Collaborate with DevOps on infrastructure security decisions: encryption at rest and in transit, network segmentation, access management, logging, and monitoring across AWS and GovCloud environments - Own the classification and handling of sensitive data—PII, CUI, ITAR-controlled technical data—ensuring our policies, systems, and team practices align with regulatory requirements - Evaluate and manage security vendors and third-party tools, reviewing SOC 2 reports, conducting risk assessments, and ensuring our supply chain meets the same standards we hold ourselves to - Drive security awareness across the organization—training engineering teams on secure development practices, data handling policies, and incident response procedures - Lead incident response planning and execution, including tabletop exercises, post-incident reviews, and continuous improvement of our response playbooks - Delegate and coordinate across teams—you’re not doing everything yourself, but you’re accountable for ensuring it gets done right, whether that’s a DevOps engineer implementing a control or a product manager understanding an ITAR restriction Who We’re Looking For: - 10+ years of experience in information security, security operations, or compliance—with direct experience in defense, aerospace, or government-adjacent industries - Deep, expert-level knowledge of SOC 2, NIST 800-171/800-53, CMMC, FedRAMP, ITAR, and GDPR—not just the controls, but the intent behind them and how they’ve evolved - Hands-on experience with compliance platforms like SecureFrame, Vanta, or Drata—including evidence management, continuous monitoring, and audit preparation - Strong understanding of cloud infrastructure security—particularly AWS and GovCloud environments, encryption at rest and in transit, IAM, VPC design, and logging/monitoring - Experience with data classification and handling—PII, CUI, ITAR-controlled data—and the ability to translate regulatory requirements into practical engineering guidance - Exceptional communication skills—you can explain a NIST control to a C-suite executive, defend your compliance posture to a DoD security auditor, and help an engineer understand why a particular data flow needs to change - A customer-facing presence—you’re comfortable in high-stakes conversations where customers challenge your security posture, and you respond with authority, precision, and patience - Ability to delegate and coordinate across engineering, DevOps, product, and external vendors—you own the outcomes, but you build through others How We Think About Security Security at Duro isn’t a department—it’s a commitment that runs through everything we build. Our customers trust us with their most sensitive product data: designs for defense systems, satellite components, and critical infrastructure. That trust is earned through competence, transparency, and rigor. We use AI extensively in how we build software—every engineer runs Claude Code as their primary development environment. As our security leader, you’ll help define the guardrails for how AI is used responsibly within our development workflows, ensuring that our velocity never comes at the expense of our security posture. We don’t want someone who recites frameworks. We want someone who understands the threat landscape our customers operate in, can anticipate where the standards are headed, and builds a security practice that stays ahead of both. Nice to Have - Relevant certifications: CISSP, CISM, CISA, CompTIA Security+, or CMMC Registered Practitioner (RP) - Experience with PLM, PDM, or hardware/manufacturing industry software - Background in achieving or maintaining FedRAMP authorization - Experience building a security program from the ground up at a startup or mid-size company - Familiarity with secure software development lifecycle (SSDLC) practices - Experience with penetration testing coordination and remediation management - Knowledge of export control regulations beyond ITAR (EAR, OFAC) The salary range for this role is $190,000 to $230,000 annually. Actual compensation packages within this range are based on a wide array of factors unique to each candidate and role requirements, including but not limited to skill set, years and depth of experience, certifications, and specific location. Our Benefits - 🏥 Medical, Dental, Vision Plans and HSA and FSA accounts - ❤️ Basic Life and AD&D insurance; disability coverage where applicable - 🌅 Retirement 401(k) Plan Option with Altium match - 🧘 Employee Assistance Program - 🏖 Paid holidays plus a “Choice Day” off per quarter - ✈️ Paid time-off on arising schedule upon key milestones - 🤒 Sick time for Dr. appointments or family health needs - 👶 Family medical, maternity, paternity, and military leave - 🏡 Flexible working arrangements available based on role and location - 🥳 Employee referral program - 🌍 Remote working abroad program - 📚 Professional development support and resources - 🥪 Free lunch, snacks, and drinks in the office - 🚗 Free parking 🌍 Also, we would like you to know We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender, gender identity or expression, or veteran status. We are proud to be an equal opportunity workplace. 💡 Learn more about why a career at Altium is an opportunity like no other: https://www.youtube.com/watch?v=cAYCOLpPLPE ✈️ Altium Benefits: https://careers.altium.com/#s-benefits 👏 Are you already an Altium employee? Please apply directly through our internal Greenhouse job board. If you have questions, please contact HR.

This description is a summary of our understanding of the job description. Click on 'Apply' button to find out more. Role Description We’re looking for an Endpoint Systems Engineer with a passion for AI & automation, within modern device management. In this role, you’ll design, deploy, and continuously improve endpoint solutions that are intelligent, scalable, and secure. You’ll move beyond reactive support by leveraging automation, data, and AI-driven tools to enhance user experience and operational efficiency across the enterprise. This is a hands-on engineering role for someone who enjoys building smart systems, eliminating repetitive work, and shaping the future of endpoint management. - Design, deploy, and manage modern endpoint environments across Windows & macOS. - Implement and maintain endpoint management platforms (e.g., Intune, Jamf) with a strong automation-first mindset. - Develop automation workflows using scripting, APIs, and orchestration tools to reduce manual effort and improve reliability. - Integrate AI-powered tools for endpoint analytics, remediation, security, and user experience optimization. - Build self-healing and self-service solutions for common endpoint issues. - Collaborate with security teams to enforce compliance, patching, and endpoint protection strategies. - Monitor endpoint health, performance, and telemetry to proactively identify and resolve issues. - Evaluate emerging AI and automation technologies and recommend improvements to endpoint strategy. - Create and maintain technical documentation, standards, and best practices. - Act as a technical escalation point. Qualifications - 4+ years of experience in endpoint engineering, desktop engineering, or EUC roles. - Strong experience with modern endpoint management and MDM/MAM platforms. - Proficiency in scripting and automation (PowerShell required; Python, Bash, or similar a plus). - Experience integrating systems via APIs and automating workflows. - Experience in working with Claude AI. - Solid understanding of endpoint security, identity, and device compliance. - Comfortable working in cloud-first and zero-trust environments. - Strong troubleshooting skills with the ability to think systemically. Requirements - Experience with AI-driven IT operations (AIOps), endpoint analytics, or autonomous remediation tools (Nice to Have). - Familiarity with tools such as Microsoft Copilot, Defender, Autopilot, Jamf Pro, or similar (Nice to Have). - Relevant certifications (Microsoft, Apple, Jamf, or cloud certifications) (Nice to Have). Who You Are - A builder’s mindset: you love automating yourself out of repetitive work. - Curiosity about how AI can improve IT operations and user experience. - Strong communication skills and the ability to explain complex ideas clearly. - A proactive, improvement-focused approach rather than reactive firefighting. - Comfort working in fast-changing, modern IT environments. Better Together Diversity. Inclusion. They’re more than just words for us. They are the guiding values of how we build our teams, cultivate leaders, and create a culture where people feel connected. We take care of our employees so they can take care of our customers. Customers who come from all walks of life just like us. We hire incredible people from diverse backgrounds because when we are different together, we are stronger together.