DevSecOps Engineer

Siena is building enterprise empathic AI Agents powered by reasoning-adept LLMs. Siena is the first AI Agent of its kind, designed to integrate with existing systems and interact with customers across multiple channels from a single, unified platform.

If you're excited about the intersection of human-to-machine communication and want to be part of a team driving innovation and making a real impact in automating agentic workflows, join us on our mission to revolutionize customer experience through empathetic AI.

We're not big on corporate-speak, but here's what matters to us:

• We put customers first: We work hard to understand our customers. We try to put ourselves in their position and do more than they expect.

• We're direct and honest: We believe in straightforward, truthful communication. We say what we think, clearly and respectfully.

• We try new things: We're not afraid to do things differently if it means finding better solutions.

• We step up: When we see a chance to make a difference, we take it. We trust ourselves to decide and take responsibility for what happens.

• We're quick on our feet: We adapt to changes and challenges. We see them as chances to learn and grow.

• We stay curious: We ask questions and explore new ideas. What we learn helps us keep growing.

• We own it: We're all owners here. We take charge, make the call, and own the outcome.

As a DevSecOps Engineer, you will be a key driver in integrating security practices across our development and deployment pipelines, ensuring that every product we deliver is secure, scalable, and resilient. This role requires both a strategic mindset and hands-on engineering skills to design and implement world-class DevSecOps processes. You will work closely with cross-functional teams to build and maintain highly automated CI/CD pipelines, secure infrastructure, and provide rapid response to security incidents.

• Design & Implement CI/CD Pipelines: Develop, optimize, and maintain CI/CD pipelines that integrate automated testing, security scans, and code deployment, ensuring rapid and reliable software releases.

• Infrastructure as Code (IaC): Lead the implementation of infrastructure as code (IaC) using tools like Terraform, CloudFormation, or AWS CDK, ensuring consistent and scalable environments across all stages of development.

• Security Automation: Automate security checks within CI/CD pipelines, embedding vulnerability management, code analysis, and dependency checks directly into the software development process.

• Cloud Infrastructure Management: Manage secure and scalable cloud environments (AWS, Azure, GCP) to support both production and development needs, optimizing for performance, availability, and cost.

• Monitoring and Logging: Implement advanced monitoring and logging systems to track application and infrastructure performance, security threats, and anomalous behavior, ensuring rapid detection and response to incidents.

• Incident Response and Threat Management: Develop, maintain, and execute incident response plans, including forensics and post-incident reviews, ensuring the ability to detect, respond to, and recover from breaches effectively.

• Disaster Recovery and Resilience: Architect disaster recovery strategies, ensuring that systems have robust backup and restoration processes in place to guarantee high availability and rapid recovery.

• Compliance and Risk Management: Ensure that all systems meet regulatory and compliance standards (e.g., SOC 2, GDPR), working with relevant stakeholders to manage audits and ensure proper documentation.

• Have 5+ years experience with DevOps tools such as Jenkins, GitLab CI, and infrastructure automation with Terraform, CloudFormation, or AWS CDK.

• Have 5+ years experience in managing and securing infrastructure on cloud platforms (AWS, GCP, or Azure), with a focus on automation, scalability, and high availability.

• Have expertise in vulnerability management, threat modeling, and security monitoring, with hands-on experience integrating security into CI/CD pipelines.

• Are proficient in automation scripting with languages like Python, Bash, or PowerShell.

• Have experience implementing monitoring solutions and leading incident response teams during security events.

• Have experience with compliance frameworks such as SOC 2, GDPR, ISO 27001, and handling related audits.

We're a startup. We can't offer you fancy offices or extra perks. But here's what we can offer:

• Real impact. Your work will directly shape our product and company.

• A seat at the table. In a small team, every voice matters. Yours will be heard.

• Freedom to work your way. Home, coffee shop, moon base - if you're productive, we're happy.

• Top pay. Competitive salary and an opportunity for equity or stock grants.

• Time off when you need it. Take at least 15 days. More if you need it.

• Budget to keep learning. Because if you're not growing, we're not growing.

• The chance to build something from the ground up. This is the time when what you do has the biggest impact.

• Problems worth solving. We're reshaping how work gets done.

At Siena, we’re not just looking for people who can do a job. We’re looking for people who want to break boundaries, create the future, and reshape industries. If that’s you, we look forward to your application.

Siena provides equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability, genetics, sexual orientation, gender identity, or gender expression. We are committed to a diverse and inclusive workforce and welcome people from all backgrounds, experiences, perspectives, and abilities.