Sr. DevSecOps Engineer (SaaS, EdTech)

Interplay Learning sits at the intersection of EdTech, Virtual Reality, and Enterprise Software as it modernizes Learning Management & Content Systems throughout the skilled trade industries.Since 2016, Austin-based Interplay Learning has been building better training, better careers and better lives for its customers and their employees.Our award-winning online and VR training for the essential skilled trades, including HVAC, Plumbing, Electrical, Solar, Multi-Family Maintenance and Facilities Maintenance workforces, is scalable and more effective than traditional training methods. By leveraging immersive learning technology, Interplay’s customers are able to train and practice hands-on learning from a desktop, phone, tablet, or in virtual reality. The result is a highly trained employee who is job-ready in weeks, not years.Our digital experiential learning platform, SkillMill, conveniently turns any space into a training lab with its short video courses, 3D simulations, knowledge checks, coaching, community, and connectivity.Built-In, Best Midsize Places to Work In Austin 2023 & 2024Fast Company’s World Changing Ideas Awards in the Education, General Excellence, and On the Rise categoriesWe are seeking an experienced Senior DevSecOps Engineer with a strong background in Google Cloud Platform (GCP) and multi-cloud environments to lead our security and infrastructure efforts.As a pivotal member of our engineering team, you will be responsible for architecting, implementing, and securing our CI/CD processes and system architecture for our cutting-edge VR training platform.This role offers the opportunity to build and lead security initiatives from the ground up, making a direct impact on our innovative EdTech products.Why this position:Work on meaningful, mission-driven projects in VR, EdTech, and AI.Collaborative and passionate team environment.Be a key player in shaping the security landscape of a fast-growing company.Flexible, fully remote work with a culture that values independence and self-direction.What you’ll do:Security Architecture: Develop, implement, and maintain security standards and protocols for our infrastructure, with a focus on automation and scalability.CI/CD Security: Build and maintain a secure CI/CD pipeline, ensuring automated security testing (SAST/DAST) is integrated throughout the deployment process.Multi-cloud Expertise: Lead security efforts in a GCP-centric environment with multi-cloud (AWS, limited Azure) experience. Migrate away from Azure services where applicable.Security Stack Selection: Evaluate, recommend, and implement security tools and technologies (e.g., vulnerability scanners, container security, monitoring solutions).Compliance & Governance: Ensure compliance with SOC 2, and provide expertise in GDPR, CCPA, and potentially ISO 27001 in the future.Monitoring & Incident Response: Build automated monitoring, alerting, and incident response processes using tools like Datadog, Sentry, and other automated vulnerability management systems.Infrastructure as Code (IaC): Use Terraform to manage infrastructure securely and efficiently.Container & Serverless Security: Secure Docker containers, Kubernetes environments, and serverless systems such as S3 and AppEngine.Continuous Learning: Stay up to date with the latest security threats, tools, and best practices to drive continuous improvement in security practices.Who you are:Self-Starter: You are comfortable working autonomously in a team of one for now but have the potential to mentor junior hires in the future.Hands-On Leader: You enjoy the balance of getting hands dirty with technical tasks while driving strategy and decision-making for security.Collaborative Team Player: You thrive in a fully remote environment and value communication, teamwork, and the exchange of ideas.Builder Mentality: You're excited about the opportunity to build security infrastructure from the ground up, shaping the future of our company's security posture.Requirements:8+ years of DevOps and Security expertise spanning startup and enterprise environments.Extensive experience in Google Cloud Platform (GCP), with multi-cloud experience in AWS and familiarity with Azure (with the intent to deprecate).Proficient in Terraform and Infrastructure as Code (IaC) principles.Experience with containerization (Docker) and Kubernetes for internal systems, with a focus on securing these environments.Familiarity with serverless architectures (AppEngine, S3).Experience securing CI/CD pipelines with tools such as GitLab CI/CD, including automated testing (SAST/DAST).Experience with Datadog, Sentry, and other monitoring or vulnerability management tools.Solid knowledge of SOC 2 compliance and understanding of CCPA, GDPR, and ISO 27001.Excellent decision-making and problem-solving skills, especially in high-pressure situations.Bonus: Security certifications such as CISSP, CISM, or CompTIA Security+.Pay:

up to $185kCompany Benefits:Remote-first culture and flexible hoursLearning resources and annual learning reimbursementFamily-friendly policiesGenerous vacation policy includes 3 weeks of PTO, 1 week Winter Break, holidays and sick daysMedical, vision and dental insurance coverage401kPrivate company stock optionsMental health and wellness resources

#J-18808-Ljbffr