his is a fully REMOTE position. Only applicants who currently reside in California, Colorado, Oregon, and Washington State will be considered for this role.
3Si is a software (SaaS) company that helps governments, nonprofits, and philanthropies use data to improve the lives of children. We work with a network of state and city governments to build data systems that help identify and address early childhood service gaps. Founded in 2012, 3Si is a mission driven organization with a collaborative, entrepreneurial, innovative, and fully remote work culture.
We are growing and seeking a mission driven Senior DevSecOps Engineer to join our Engineering team. Ideal candidates will bring deep security expertise and thrive in a small, fast-paced SaaS environment and wants to directly shape the company’s secure technology foundation.
We’re launching a next-generation platform from the ground up, and this role will be one of our first senior engineering hires. You’ll have broad ownership across application development, DevOps, and infrastructure. If you’re an independent builder who cares about user experience and secure design, this is your chance to shape a platform that matters.
As our Senior DevSecOps Engineer, you’ll be at the center of protecting the integrity, reliability, and scalability of our SaaS platform. This role goes beyond managing infrastructure — you’ll embed security into every stage of the software lifecycle, ensuring that innovation moves fast without compromising compliance or trust. From building resilient cloud environments to guiding our teams through SOC 2, NIST, and HIPAA requirements, you’ll shape the systems that safeguard our customers and enable our business to grow securely.
This role also requires strong experience in SaaS development operations. The ideal candidate can balance security with building scalable, cost-effective cloud systems, and make clear trade-offs between features, performance, and expenses. Experience with analytical SaaS products is a plus, given our platform’s focus on large-scale data integration and analysis.
Requirements
What You Will Do
- ·loud Infrastructure & Security:?Design, implement, and manage secure, scalable cloud infrastructure (Azure, AWS, or GCP) in alignment with SOC 2, NIST, and HIPAA requirements.
- Infrastructure as Code:?Use Terraform (required) to provision reproducible, compliant environments with reusable modules.
- CI/CD & Automation:?Build and maintain automated pipelines using GitHub Actions for testing, deployment, and monitoring with security integrated at every stage (compliance guardrails, vulnerability scanning, etc)
- Identify & Access Management: Automate provisioning and governance with Entra/Okta/SCIM, enforce least-privilege access, MFA, and conditional access across tenants.
- Security Operations:?Manage encryption keys, vulnerability scanning, logging, monitoring, and incident response.
- Monitoring & Incident Response:?Develop observability practices (metrics, logging, alerting) and lead incident management with SIEMs, root cause analysis, and post-mortems.
- Compliance Readiness:?Partner with compliance teams to ensure infrastructure, policies, and controls align with regulatory requirements; support audits and certification renewals.
- Work cross-functionally with Engineering and Product to embed security and compliance into software development and delivery.
- Vendor & Tool Management:?Evaluate, select, and manage third-party tools and vendors that support DevSecOps practices.
- Stay current with emerging DevSecOps tools, cloud security frameworks, and compliance regulations; bring forward best practices to strengthen infrastructure security.
What You Will Bring
- Bachelor’s degree or greater in Computer Science, Information Technology, or related field
- 10+ years’ experience in DevOps, Cloud Engineering, or Security Engineering, with at least 5 years focused on DevSecOps or equivalent security-focused DevOps role.
- Proven expertise with cloud environments (Azure required; AWS or GCP also considered).
- Hands-on experience with CI/CD tools (GitHub Actions) and containerization/orchestration (Docker, Kubernetes).
- Deep understanding of Terraform (required)
- Strong security background, including identity and access management, network security, encryption, vulnerability management, and incident response.
- Experience working in regulated environments with SOC 2, HIPAA, NIST, or FedRAMP compliance frameworks.
- Experience building and maintaining SaaS platforms, including multi-tenant cloud architecture, cost optimization, and system reliability.
- Familiarity with analytical SaaS products or data-driven applications (e.g., data pipelines, observability, performance tuning) is a strong plus.
- Familiarity with compliance automation platforms (Drata, Vanta) and SIEM/logging stacks (Azure Sentinel, Datadog)
- Strong problem-solving and troubleshooting skills, with ability to balance security and delivery needs.
- Excellent collaboration and communication skills, able to partner with technical and non-technical stakeholders.
Why Join 3Si
- Build meaningful tools that directly improve early childhood systems across the U.S.
- Join a small, nimble team where your decisions have visible impact.
- Work in a fully remote culture with flexibility, autonomy, and collaboration at its core.
3Si Perks
3Si offers a professional and fun work environment. We recognize and value our employees and strive to create a supportive environment for our team. Here are some of the "perks" we provide to ensure our employees can thrive:
- Competitive compensation with base salary range of $160-200, plus annual bonus plan.
- 100% Company sponsored Medical, Dental, Vision, STD, EAP, and voluntary life/ad&d plans.
- Paid Time Off starting at 3 weeks per year and 11 paid holidays.
- 401k retirement plan + match
- Career development opportunities
3Si provides equal opportunity for all applicants without regard to race, color, religion, sex (including pregnancy), national origin, ancestry, age, disability, genetic information, marital status, sexual orientation, veteran status, or any other basis protected by state or federal law.
