Senior DevSecOps Engineer

About PactFi Private asset markets (PE, Private Credit, VC, Real Estate) have 10x to 9.8T in AUM over the past decade and are projected to grow to $17T in the next five years. However, digital infrastructure has not kept pace, with most of the market operating predominantly in error-prone, internal-only software solutions. PactFi provides secure, end-to-end, operational infrastructure for managing complex private credit transactions. Our web-based application brings together all parties involved in such a transaction to more efficiently allocate capital, complete KYC, share documents, manage funds flow, and more. The platform is secured to a bank-grade standard, and we have received our SOC 2 Type 2 attestation. PactFi was developed in close partnership with two of the industry's largest players, both of whom represent the top 3 players in the private credit space by both size (AUM) and deal activity. Overview We're looking for a Senior DevSecOps Engineer to work closely with our Lead DevSecOps Engineer to improve the security, reliability, infrastructure, deployment, and operational maturity of our platform. This is a hands-on individual contributor role for someone who enjoys building, automating, securing, and improving production systems — not managing a team. You'll strengthen our CI/CD workflows, AWS infrastructure, observability, SOC 2 readiness, business continuity, disaster recovery, and 24/7 on-call operations. The ideal candidate is experienced, practical, and collaborative — comfortable owning technical workstreams and helping engineering teams ship safely and efficiently. What You'll Do Infrastructure & Cloud Engineering Design, build, and improve secure, scalable AWS infrastructure using infrastructure-as-code (Terraform, Pulumi-Python). Improve cloud networking, IAM, secrets management, environment isolation, and secure configuration. Standardize provisioning, access control, auditability, and change management. Troubleshoot infrastructure issues and drive long-term fixes that reduce operational toil. CI/CD & Developer Experience Build, maintain, and improve secure CI/CD pipelines for application, infrastructure, and platform deployments. Support container-based build and deployment workflows, including rolling updates and rollback strategies. Support Environment as a Service for the engineering and QA teams Reduce deployment friction while maintaining strong security and compliance controls. Security, Compliance & SOC 2 Type 2 Embed security controls into infrastructure, CI/CD pipelines, and cloud operations. Support SOC 2 Type 2 readiness through control implementation, evidence collection, access reviews, and audit support. Manage secrets, IAM, least-privilege access, and vulnerability management across containers, dependencies, and cloud services. Ensure sensitive data is protected across logs, pipelines, monitoring systems, backups, and AI-assisted workflows. Contribute to secure usage patterns for AI/ML tools and services, including data handling, vendor risk, access controls, and model boundary considerations. Observability, Reliability & On-Call Build and improve observability across logs, metrics, dashboards, and alerts; maintain centralized logging pipelines. Define and maintain SLOs, SLIs, alerting standards, and escalation paths. Participate in a 24/7 production on-call rotation; support incident response, root-cause analysis, and postmortems. Create and maintain runbooks, playbooks, and operational documentation. Business Continuity & Disaster Recovery Design, document, and improve BC/DR plans; support RTO/RPO planning for critical systems. Implement and test backup, restore, replication, failover, and recovery procedures. Identify single points of failure and drive remediation across infrastructure, data stores, and operational processes. What We're Looking For Experience & Technical Skills 6+ years in DevOps, DevSecOps, SRE, platform engineering, infrastructure, or security engineering. Strong hands-on AWS experience, including IAM, networking, logging, monitoring, and secure access patterns. Solid CI/CD pipeline development and release automation experience; container build and deployment workflows. Infrastructure-as-code with Terraform and/or Pulumi (Python); strong scripting in Python, Bash, or similar. Strong Ubuntu/Linux command-line experience. Strong networking fundamentals, including VPCs, DNS, TLS, routing, firewalls/security groups, load balancing, and private connectivity. Observability tooling: logs, metrics, dashboards, alerts, and operational visibility. Experience with secrets management, IAM, audit logging, vulnerability scanning, and secure configuration. Strong hands-on experience with AI tools (e.g. Claude, ChatGPT) and AI-assisted development workflows, including an understanding of related security and data-handling risks. Experience participating in 24/7 on-call operations and supporting high-reliability production systems. Security & Compliance Hands-on experience supporting SOC 2 Type 2 and/or ISO 27001 frameworks. Experience implementing controls for access management, change management, incident response, logging, and data protection. Ability to translate compliance requirements into practical, repeatable technical controls. Experience in regulated or security-sensitive environments (fintech, healthcare, enterprise SaaS) is a strong plus. Reliability & Collaboration Strong understanding of distributed systems, failure modes, and resilience; experience with SLOs/SLIs and incident management. Experience with backup, restore, failover, and disaster recovery procedures; familiarity with RTO/RPO planning. Strong communication skills; comfortable working closely with a technical lead while independently owning deliverables. Able to provide senior-level technical judgment and practical recommendations across DevSecOps, infrastructure, and security decisions. Ownership mindset, strong documentation habits, and comfort operating in high-accountability production environments. Nice to Have Jenkins, Docker, Kubernetes (including security, admission controls, and network policies). AWS ECS Fargate, CloudWatch, ELK stack, Bedrock, Redis, redshift, and AWS Systems Manager (SSM). Experience with SOC 2 Type 2 audit support and automated compliance evidence collection. Disaster recovery testing, tabletop exercises, and production failover planning. Fintech or other regulated industry background. Bachelor's degree in Computer Science What We Offer Competitive salary + equity. Healthcare coverage. 401k

{
  "content_hash": "b2c81e0482b37c7573047594b546b374818d328a7b10b3df44b1552905695796",
  "source_hash": "6058a0c0b1da5a321476132f8ec57d098b7959b1f2eb7dfd62c7e36ba0c485c1",
  "last_changed_at": "2026-06-04T13:50:47.009Z",
  "active_status": "deleted"
}

{
  "language": "en",
  "location": {
    "raw": "New York, NY",
    "city": "New York",
    "region": "NY",
    "country": "United States",
    "is_remote": true,
    "confidence": 0.9
  },
  "salary_max": null,
  "salary_min": null,
  "inferred_at": "2026-06-02T13:53:04.929Z",
  "launch_scope": {
    "reason": "english_us_canada",
    "included": true,
    "language": "en",
    "location": {
      "raw": "New York, NY",
      "city": "New York",
      "region": "NY",
      "country": "United States",
      "is_remote": true,
      "confidence": 0.9
    },
    "countries": [
      "United States"
    ]
  },
  "remote_policy": "remote",
  "salary_period": null,
  "workplace_type": "remote",
  "salary_currency": null
}

{}

{
  "id": "cb7e3ee8-8db7-40d7-a226-fa373d2adb02",
  "team": "Engineering",
  "title": "Senior DevSecOps Engineer ",
  "jobUrl": "https://jobs.ashbyhq.com/pactfi/cb7e3ee8-8db7-40d7-a226-fa373d2adb02",
  "address": null,
  "applyUrl": "https://jobs.ashbyhq.com/pactfi/cb7e3ee8-8db7-40d7-a226-fa373d2adb02/application",
  "isListed": true,
  "isRemote": true,
  "location": "New York, NY",
  "updatedAt": null,
  "apiVersion": "ashby-non-user-graphql-v1",
  "department": "Engineering",
  "publishedAt": null,
  "workplaceType": "Remote",
  "employmentType": "FullTime",
  "secondaryLocations": []
}