Roadie Logo

Roadie

DevSecOps Engineer

Reposted 5 Days Ago
Remote
Hiring Remotely in USA
Mid level
Remote
Hiring Remotely in USA
Mid level
The DevSecOps Engineer will integrate security practices into the CI/CD pipeline, conduct security audits, and automate security tasks to ensure compliance with industry standards.
The summary above was generated by AI

Roadie, a UPS company, is a leading logistics and delivery platform that helps businesses tackle the complexities of modern retail with unmatched delivery coverage, flexibility and visibility. Reaching 97% of U.S. households across more than 30,000 zip codes — from urban hubs to rural communities — Roadie provides seamless, scalable solutions that meet a variety of delivery needs.

With a network of more than 310,000 independent drivers nationwide, Roadie offers flexible delivery solutions that make complex logistics challenges easy, including solutions for local same-day delivery, delivery of big and bulky items, ship-from-store and DC-to-door. For more information, visit www.roadie.com.

We are looking for a DevSecOps Engineer that will be responsible for supporting and implementing all aspects of secure SDLC, including patching vulnerabilities in libraries, code, and conducting security audits. You will work closely with our development, operations, and security teams to ensure that our cloud infrastructure and Kubernetes deployments are secure, scalable, and efficient. Your primary responsibility will be to integrate security practices into the CI/CD pipeline, automate security tasks, and ensure compliance with industry standards.

What You’ll Do

  • Work cross-functionally with the InfoSec, SRE, and Engineering teams
  • Keep up to date with current vulnerabilities in the DevOps space, patch, mitigate, or procure acceptance of the vulnerability by InfoSec standards
  • Check code and repositories for insecure coding practices and work with Engineering teams to remediate
  • Work closely with InfoSec to create and maintain Secure SDLC training
  • Conduct security based quality assurance on pre-deployment packages, and seek approval or denial of those deployments based upon security findings
  • Conduct security based quality assurance such as dynamic and static code testing
  • Work closely with Compliance and Engineering teams to conduct pre-project risk assessments
  • Implement security checks and practices within CI/CD pipelines to ensure secure code deployment and infrastructure
  • Develop automation scripts and tools to streamline security processes, including vulnerability scanning, patch management, and incident response
  • Conduct security training and awareness programs for engineering teams to promote a security-first culture

What You Bring

  • Bachelor's Degree in Computer Science/Engineering, or related work experience
  • 3+ years development experience in an enterprise environment
  • 2+ years security, risk, or compliance experience
  • Strong knowledge of security tools and best practices, including vulnerability scanning (e.g., Nessus, Qualys), SAST/DAST, and container security tools
  • Proficiency with scripting and automation languages, especially IaC such as Terraform, Crossplane, etc
  • Experience with various development methodologies, tools, and CI/CD tools such as Bitbucket, Gitlab, Github, Circle CI, Travis CI, Argo CD, Azure DevOps
  • Security and DevOps certifications strongly preferred

Why Roadie? 

  • Competitive compensation packages 
  • 100% covered health insurance premiums for yourself
  • 401k with company match
  • Tuition and student loan repayment assistance (that’s right - Roadie will contribute directly to your existing student loans!) 
  • Flexible work schedule with unlimited PTO 
  • Monthly 3-day weekends
  • Monthly WFH stipend 
  • Paid sabbatical leave - tenured team members are given time to rest, relax, and explore
  • The technology you need to get the job done

Similar Jobs

Yesterday
In-Office or Remote
125K-155K Annually
Senior level
125K-155K Annually
Senior level
Blockchain • Security • Software
Implement and maintain scalable security controls across cloud and infrastructure. Manage access provisioning, MDM, IaC (Terraform/Ansible), triage vulnerabilities, automate security processes, support secure SDLC, and participate in on-call incident response and security training.
Top Skills: AnsibleAWSLinuxMdmTerraform
Yesterday
In-Office or Remote
Senior level
Senior level
Security • Software
Lead security and reliability for a GCP-based SaaS platform by owning IaC, CI/CD, monitoring, incident response, vulnerability management, compliance (SOC2/ISO27001), and partnering with engineering to shift security left.
Top Skills: AnsibleArgocdBashContainersDockerGCPGitGithub ActionsGkeGoIstioKubernetesPythonTerraformVms
2 Days Ago
Remote
DC, USA
Mid level
Mid level
Information Technology • Consulting • Cybersecurity
Mid-level DevSecOps Engineer to extend and maintain a federal customer's secure infrastructure automation and CI/CD pipelines. Responsibilities include IaC with Terraform/OpenTofu, Ansible automation, GitHub Actions pipelines with embedded security gates, container hardening and scanning, Kubernetes/Helm support, and alignment with CIS and NIST security controls.
Top Skills: AnsibleAWSBashCheckovCis BenchmarksDockerGithub ActionsGitleaksGrypeHashicorp VaultHelmKubernetesNist Sp 800-171Nist Sp 800-207Nist Sp 800-53Opa/RegoOpentofuPythonSemgrepTerraformTfsecTrivy

What you need to know about the Charlotte Tech Scene

Ranked among the hottest tech cities in 2024 by CompTIA, Charlotte is quickly cementing its place as a major U.S. tech hub. Home to more than 90,000 tech workers, the city’s ecosystem is primed for continued growth, fueled by billions in annual funding from heavyweights like Microsoft and RevTech Labs, which has created thousands of fintech jobs and made the city a go-to for tech pros looking for their next big opportunity.

Key Facts About Charlotte Tech

  • Number of Tech Workers: 90,859; 6.5% of overall workforce (2024 CompTIA survey)
  • Major Tech Employers: Lowe’s, Bank of America, TIAA, Microsoft, Honeywell
  • Key Industries: Fintech, artificial intelligence, cybersecurity, cloud computing, e-commerce
  • Funding Landscape: $3.1 billion in venture capital funding in 2024 (CED)
  • Notable Investors: Microsoft, Google, Falfurrias Management Partners, RevTech Labs Foundation
  • Research Centers and Universities: University of North Carolina at Charlotte, Northeastern University, North Carolina Research Campus

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account