Senior Lead DevOps Cloud Engineer

Senior Lead DevOps Cloud Engineer

• About OFFENSAI

OFFENSAI is a cybersecurity company building an autonomous, continuous cloud red-teaming platform designed to execute real-world attacker behavior across cloud environments. The platform enables organizations to discover, validate, and prioritize exploitable attack paths in production environments, moving beyond traditional point-in-time penetration testing and checklist-based security assessments.

• Role Overview

We are seeking a highly skilled Senior Lead DevOps Cloud Engineer to drive the evolution of our cloud-native platforms and lead a high-performing engineering team. This role combines deep technical expertise in AWS, DevOps automation, and full-stack development with strong leadership capabilities to shape architecture, mentor engineers, and deliver scalable, secure, and resilient systems. You will act as a bridge between development, operations, and platform engineering - driving DevOps best practices, optimizing CI/CD pipelines, and ensuring seamless integration across front-end, back-end, and infrastructure layers.

• Key Responsibilities

1. Technical Leadership & Team Mentorship

Lead and mentor a team of DevOps and platform engineers, fostering a culture of collaboration, innovation, and continuous improvement. Drive technical decisions, code reviews, and architectural governance across projects.

2. Cloud Infrastructure & Automation

Design, implement, and manage scalable, secure, and cost-optimized cloud architectures on AWS, leveraging Infrastructure as Code (IaC) tools such as Terraform. Automate provisioning, monitoring, and compliance across environments.

3. CI/CD Pipeline Development & Optimization

Architect and maintain robust CI/CD pipelines using tools like Jenkins, GitLab CI, GitHub Actions, or CircleCI. Implement automated testing, security scanning, and deployment strategies (blue/green, canary) to ensure rapid, reliable software delivery.

4. Full-Stack Development Integration

Collaborate closely with development teams building on ASP.NET (5+ years' experience required) and modern front-end frameworks such as Next.js or equivalent. Ensure seamless integration between application layers and infrastructure, supporting both legacy and greenfield systems.

5. Platform Reliability & Observability

Implement comprehensive monitoring, logging, and alerting solutions using tools like Prometheus, Grafana, ELK Stack, or CloudWatch. Proactively identify and resolve performance bottlenecks, system failures, and security vulnerabilities.

6. Security & Compliance

Enforce security best practices across the SDLC, including identity management (IAM), network security (VPC, WAF), encryption, and compliance with industry standards (e.g., ISO 27001, SOC 2, etc.).

7. Cross-Functional Collaboration

Work closely with Product, C-Level, Security, and QA teams in a constructive environment to align platform capabilities with business goals. Translate technical requirements into actionable roadmaps and deliverables.

Required Qualifications:

1. Bachelor's or Master's degree in Computer Science, Engineering, or a related field
2. 2+ years of hands-on experience with AWS, including core services (EC2, S3, RDS, Lambda, ECS/EKS, VPC, IAM, CloudWatch)
3. 2+ years of experience in DevOps practices, including CI/CD, configuration management (Ansible, Chef, Puppet), containerization (Docker), and orchestration (Kubernetes)
4. 5+ years of professional software development experience with ASP.NET (C#, .NET Core)
5. Experience with front-end frameworks such as Next.js, React, or similar
6. Proven technical team lead experience - must have led engineering teams, conducted code reviews, and driven architectural decisions
7. Strong scripting skills in Python, Bash, or PowerShell
8. Strong skill set with Git and modern branching strategies (GitOps)
9. Solid understanding of DevSecOps principles and practices

Interested in remote work opportunities in Devops? Discover Devops Remote Jobs featuring exclusive positions from top companies that offer flexible work arrangements.

Preferred Qualifications

1. Certifications: AWS Certified DevOps Engineer – Professional, AWS Certified Solutions Architect, Certified Kubernetes Administrator (CKA), or AWS Certified Security – Specialty
2. Experience with Terraform or other IaC tools in production environments
3. Knowledge of serverless architectures, microservices, and API gateways
4. Familiarity with container registries, service meshes (Istio, Linkerd), and service discovery
5. Experience in regulated environments (e.g., automotive, finance, healthcare) is a plus

What We're Looking For

Beyond technical skills, we value individuals who demonstrate excellent communication and interpersonal abilities, with a proven capacity to lead, motivate, and have a growing mindset. You should be a proactive problem-solver with a customer-centric mindset, adaptable and committed to continuous learning in an ever-evolving technology landscape. Fluency in English (written and spoken) is a must; additional languages are a plus.

Why This Role Matters

The Problem We're Solving --> Security teams are drowning in vulnerability reports that don't reflect actual risk. Traditional scanners flag thousands of issues, but which ones can an attacker actually exploit? Security and DevOps teams waste months chasing theoretical vulnerabilities while real attack paths remain invisible until it's too late.

Our Approach

We're building an AI-powered adversarial engine that thinks like an attacker. Instead of static scans, we continuously simulate real attack behaviors in cloud environments - lateral movement, privilege escalation, data exfiltration - to map authentic attack paths. We don't just report what's misconfigured; we prove what's exploitable and provide fixes that close the problem loop.

The Technical Challenge

This isn't your typical security tooling. You'll be building infrastructure that:

1. Runs adversarial simulations at scale without disrupting production workloads (think chaos engineering meets penetration testing)
2. Orchestrates AI agents that behave like APT groups, exploring cloud environments to find chained vulnerabilities traditional tools miss
3. Generates validated remediation code automatically - NOT recommendations, but actual kill chains that close attack paths
4. Operates in multi-cloud, multi-account environments with zero trust assumptions and strict isolation boundaries

What You'll Build

As a Senior Lead, you'll architect the platform that security and DevOps teams rely on to shift from reactive patching to proactive defense:

1. Agent orchestration systems defining, implementing, and managing distributed AI-powered attack simulations across customer cloud environments
2. Real-time graph databases tracking cloud assets, permissions, and attack path relationships
3. Kubernetes-based execution environments with strict sandboxing for safe adversarial testing
4. CI/CD integration points that block deployments introducing new exploitable attack paths

IaC remediation pipelines and beyond that translate attack path analysis into deployable security fixes

Why This Matters to You

If you've ever been frustrated by:

1. Security tools of yesterday that generate noise instead of actionable intelligence
2. The gap between "we found a vulnerability" and "here's how to fix it in your infrastructure"
3. Watching security, engineering, and development teams talk past each other
4. Building security solutions that become shelfware because they don't fit real workflows
5. Tired of Corporate jargon and endless meetings
6. No professional advancement future in sight

...then you'll find this work deeply satisfying. You're not just maintaining infrastructure - you're building the platform that fundamentally changes how organizations validate and fix cloud security posture.

The Impact

Our customers go from 90-day remediation cycles to same-day fixes. Security teams stop being the "department of no" and start providing infrastructure code that DevOps can merge confidently. You'll see your work directly reduce actual breach risk, not just compliance checkbox counts.

What Makes This Different

1. Greenfield architecture decisions: Build it right from the start, with modern cloud-native patterns
2. Hard technical problems: Distributed systems, AI orchestration, graph algorithms, adversarial simulation - this isn't CRUD apps
3. Security domain depth: Work at the intersection of offensive security research and production infrastructure
4. Immediate feedback loops: Watch your platform find real attack paths customers didn't know existed
5. No legacy baggage: We're not bolting AI onto 15-year-old scanner architecture

You'll work with a team that understands both sides - the offensive security mindset and the operational reality of running production infrastructure. We speak fluent Cloud, MITRE ATT&CK, and Cybersecurity.

Compensation & Benefits

Salary Range

$48,000 – $65,000 USD, commensurate with experience and expertise. For exceptional candidates with extensive leadership experience and specialized security domain knowledge, compensation may exceed this range.

Equity & Ownership

• Stock options or phantom shares based on seniority, impact, and contribution to company growth.

Work Environment

1. Fully Remote: Work from anywhere in Romania (or EU, if applicable)
2. Flexible Hours: Core overlap hours for team collaboration with asynchronous work supported
3. Home Office Setup: High-end laptop and home office equipment budget

Time Off & Work-Life Balance

1. 20 days paid vacation (in addition to Romanian public holidays)
2. Up to 10 days of sick leave with pay
3. Up to 10 additional personal days for life events

Professional Growth

1. Annual Learning Budget: Dedicated funds for courses, certifications (AWS, Kubernetes, etc.), books, and conference attendance
2. Career Development Plans: Clear progression paths and regular performance reviews

Wellness & Lifestyle

1. Gym Allowance: Monthly contribution toward fitness
2. Private Health Insurance: Comprehensive medical coverage

Team & Culture

1. Annual Team Retreats: In-person offsites to foster connection and collaboration
2. Collaborative Culture: Work with a talented, diverse team passionate about cloud security innovation