Senior DevSecOps Engineer

**About PlexTrac** PlexTrac is a cybersecurity SaaS platform helping security teams streamline reporting, exposure management, and remediation workflows. Our platform is used by penetration testers, red teams, consultants, enterprises, and managed security providers to operationalize security findings and improve collaboration across technical and executive stakeholders. We are a remote\-first company headquartered in the United States with distributed team members across North America, Europe, and Asia. We are committed to ownership, transparency, practical problem\-solving, and building products that customers genuinely rely on. **Why This Role Matters** We’re looking for a **Senior DevSecOps Engineer** as we scale our platform and infrastructure to lead the charge on security and reliability at the system level. This role will work closely with engineering, product, and leadership to architect and implement systems that are resilient, secure, and scalable from day one. You'll be responsible for owning infrastructure, security, and reliability end\-to\-end, helping to shape the technical strategy. This is a high\-impact, hands\-on role for a senior engineer who thrives in a small, fast\-paced team environment. Are you up for the challenge? Apply today! **Location:** Remote — U.S only. **Key Responsibilities** * Cloud \& Infrastructure Security \- Write and maintain Infrastructure as Code (IaC) with secure defaults, ensuring least privilege access and robust cloud configurations. * Vulnerability Management \- Hunt for weaknesses, perform threat modeling, prioritize remediation, and guide engineering teams on how to fix discovered flaws. * Incident Response \& Monitoring \- Monitor live systems, investigate security anomalies, and respond to breaches. * Develop, deploy, and maintain Infrastructure\-as\-Code (IaC) in a GCP cloud\-based environment * Lead the development and enforcement of security architecture and operational best practices * Establish monitoring, alerting, and incident response strategies across environments * Define and execute on security roadmaps (e.g., threat modeling, vulnerability scanning, IAM policies) * Partner with developers to shift security and reliability left into the SDLC * Support compliance and audit initiatives (SOC2, ISO27001\) * Develop and maintain automated CI/CD pipelines for DBs, Servers, containers, and applications using DevSecOps tools to include Terraform, Ansible, GitHub, ArgoCD * Develop integration interfaces using Python, Bash and Go * Deploy and maintain complex modern cloud architectures * Create automated testing plans for infrastructure and applications * Create and update technical documentation (e.g. user guides, infrastructure diagrams) * Work across infrastructure that contains both Linux and Windows * Work and communicate effectively in a group environment with technical and non\-technical, management and customer both written and verbally * Utilize robust troubl