DevOpsHunt
Jobs / Google

Senior DevSecOps Engineer, National Security, Public Sector

Google · Washington, DC, United States
Washington, DC, United StatesExp: 5+ yrs174,000-253,000 USD/yearlyRemote
Remuneration
15% bonus target + bonus + equity + benefits
Location
Washington, DC, United States
Visa sponsorship
Not specified

Job summary

As a Senior DevSecOps Engineer, you will bridge offensive AI security research and defensive platform engineering, serving as the core architect of an automated purple-teaming pipeline. You will design automation to continuously emulate threats, validate guardrails, and deploy real-time containerized and network defenses. This role focuses on securing large language models, runtime isolation configurations, and automated detection workflows.

Benefits

Health insuranceDental insuranceVision insuranceLife insuranceDisability insurance401(k) with company match20 days of vacation per year40 hours/year sick time (69 hours/year for Seattle)5 discretionary sick days per instanceMaternity Leave (Short-Term Disability + Baby Bonding): 28-30 weeksBaby Bonding Leave: 18 weeks13 paid holidays per year

Qualifications

  • Bachelor's degree or equivalent practical experience.
  • 5 years of experience with Python, Go, or Bash for system automation, middleware creation, and tool integration.
  • 5 years of experience in a DevOps or DevSecOps role, including automation and pipeline security.
  • 5 years of experience managing containerized environments, orchestration tools (Kubernetes), and infrastructure-as-code (IaC) tools like Terraform or Ansible.
  • Ability to travel up to 25% of the time to engage with customers.
  • Possess an active Top Secret/SCI security clearance with current polygraph.
  • Experience with securing AI/ML deployment frameworks (e.g., vLLM, Triton) and auditing underlying short/long-term storage systems like vector databases.
  • Experience implementing automated open source intelligence (OSINT) collection systems to transform threat disclosures into actionable signatures or incident response (IR) playbooks.
  • Experience deploying advanced container runtime isolation technologies (e.g., gVisor, Kata Containers) and designing strict pod egress network policies.
  • Knowledge of supply chain security tools, automated secret governance, and configuring continuous security gates at the pull-request level.
  • Familiarity with AI-specific risk frameworks, notably MITRE ATLAS and the open worldwide application security project (OWASP) for LLMs.

Responsibilities

  • Establish security baselines for agent construction, engineering strict privilege boundaries and data flow mapping between agents, vector databases, and external systems to prevent data leakage and indirect prompt injections.
  • Integrate automated red-team testing workflows (prompt injection, jailbreaking, privilege escalation) directly into deployment pipelines for continuous compliance with MITRE ATLAS, OWASP, and STRIDE.
  • Deploy robust container isolation and strict network egress filtering to restrict runtime access, minimizing the exploit blast radius within high-compute GPU/TPU environments.
  • Integrate automated security tools, image scanning, and software bill of materials (SBOM) generation into pipelines, leveraging enterprise software for secure secrets management across model artifacts.
  • Build and maintain automated code scanners for deep data flow analysis and fuzzing to catch vulnerabilities while minimizing false positives.

Skills

AnsibleBashGoKubernetesPythonTerraform

Degrees

Bachelor's degree

Travel

Travel up to 25% of the time to engage with customers

Security clearance

Active Top Secret/SCI security clearance with current polygraph

Relocation

No
Apply Now