Sr. DevSecOps Software Engineer

Echodyne offers the world’s first compact solid-state true beam-steering radar for a wide range of industries and applications. Our high-performance radars work in all weather and are designed for autonomous vehicles, uncrewed aircraft & drones, and security of borders, critical infrastructure, and smart cities. The company combines the patented technology of metamaterials with powerful software to create a radar sensor with unprecedented performance at commercial price points. Echodyne offers its radars to companies working in Automotive, Transportation, Critical Infrastructure Protection, Border Security, Smart Cities, Uncrewed Aircraft Systems (UAS), and Airspace Management including Urban Air Mobility (UTM).

We are seeking a Senior DevSecOps Software Engineer to lead the design and implementation of secure development and deployment practices across our software and systems stack. This is a high-impact, hands-on role where you will own the DevOps space and our stack for managing the CI/CD pipeline and help define DevSecOps strategy working with our VP of Cybersecurity, build secure pipelines, and ensure compliance with defense and commercial security standards—all while enabling rapid innovation. 

• →Architect, build, and maintain secure CI/CD pipelines supporting cloud, on-prem, and embedded systems 
• →Proactively identify and resolve bottlenecks in CI/CD pipelines to maintain fast, reliable and scalable build and test workflows 
• →Integrate automated software test into the CI/CD pipeline with metrics to ensure that builds are clearly controlled and tested 
• →Integrate automated security testing (SAST, DAST, SCA, fuzzing) into development workflows 
• →Lead “shift-left” security initiatives across the software development lifecycle (SDLC) 
• →Design and enforce secure software supply chain practices, including artifact signing, SBOM generation, and dependency management 
• →Develop and manage Infrastructure-as-Code (IaC) with security-first principles (e.g., Terraform, CloudFormation) 
• →Establish and maintain secure build environments, including support for controlled or air-gapped systems 
• →Collaborate with software, firmware, and systems engineers to remediate vulnerabilities and improve secure coding practices 
• →Implement identity and access management (IAM), secrets management, and encryption strategies 
• →Monitor, detect, and respond to security events across environments 
• →Support compliance efforts aligned with standards such as NIST 800-171, CMMC, and related frameworks 

• Bachelor’s degree or higher in Computer Science, Engineering, or a related field (or equivalent industry experience) 
• 6 or more years of experience in DevOps, DevSecOps, security engineering, or software engineering 
• Experience with programming/scripting in environments like Python, Go, Bash, or similar 
• Experience building and maintaining CI/CD pipelines (GitHub Actions, GitLab CI, Jenkins, etc.) 
• Experience with cloud platforms (AWS, Azure, or GCP) and secure cloud architecture 
• Proficiency with containerization and orchestration (Docker, Kubernetes) 
• Understanding of application and infrastructure security (OWASP Top 10, secure coding practices) 
• Experience with security tools such as SAST, DAST, SCA, container scanning 
• A working knowledge of Linux, networking, and system security fundamentals 

• Experience with managing pipeline for embedded firmware, real time software and test software infrastructure in addition to application or cloud software. 
• Background in defense, aerospace, or other regulated industries 
• Familiarity with compliance frameworks such as NIST 800-171, CMMC, RMF, or FedRAMP 
• Experience with secure embedded development or RTOS environments 
• Knowledge of Zero Trust architecture and policy-as-code (e.g., Open Policy Agent) 
• Experience working with air-gapped or high-security environments 
• Relevant certifications (e.g., CISSP, Security+, AWS Security Specialty) 

• Strong ownership mindset and ability to operate in a fast-paced startup environment. 
• Pragmatic approach to balancing security, compliance, and development velocity. 
• Excellent cross-functional communication skills. 
• Systems thinking across software, hardware, and infrastructure layers. 
• Continuous learning mindset in a rapidly evolving threat landscape

WHAT SUCCESS LOOKS LIKE

• Secure, scalable CI/CD pipelines that enable rapid and compliant software delivery 
• Reduced vulnerability exposure and faster remediation cycles 
• Strong alignment with defense and commercial security standards 
• A culture where security is embedded into engineering from day one 

Echodyne’s technology is export controlled by the U.S. Government and we must evaluate an applicant’s eligibility to handle export-controlled information or obtain required Government authorizations.  Therefore, we will ask you as part of the application process to identify whether you are a U.S. Citizen or green card holder, or have asylum/refugee status in the U.S.