DevSecOps Engineer - AI

NovusMinds AI
San Francisco, United States of America
2 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Intermediate

Job location

San Francisco, United States of America

Tech stack

Artificial Intelligence
Amazon Web Services (AWS)
Software Applications
Software System Penetration Testing
Audit Trail
Automation of Tests
Backup Devices
Bash
Burp Suite
Cloud Computing
Configuration Management
Code Coverage
Computer Security
Computer Networks
Continuous Integration
Information Leak Prevention
DevOps
Disaster Recovery
GitHub
Identity and Access Management
Python
Key Management
Network Security
Octopus Deploy
Open Web Application Security
PCI Data Security Standards
Systems Development Life Cycle
Regression Testing
Reliability Engineering
Secure Coding
SonarQube
Strategies of Testing
Tripwire
Datadog
Pulumi
Google Cloud Platform
Performance Testing
System Availability
Large Language Models
Grafana
Sonatype
Software Security
Reliability of Systems
CloudFormation
Build Management
Pytest
GitLab CI
Kubernetes
Deployment Automation
Playwright
HashiCorp
Machine Learning Operations
CloudWatch
Terraform
Software Version Control
Data Pipelines
DevSecOps
Docker
PagerDuty
Static Application Security Testing
Vulnerability Analysis
Microservices
Dynamic Application Security Testing

Job description

We are looking for a DevSecOps Engineer - AI who brings a rare combination of cybersecurity expertise, quality engineering rigor, and modern DevOps practices to our founding team. You will be responsible for building and maintaining the secure, reliable infrastructure that powers our WealthOS platform while ensuring that every release meets the highest standards of quality and security.

This role sits at the intersection of security, quality, and operations. You will design our CI/CD pipelines, implement security controls, build automated testing frameworks for AI systems, and ensure our platform meets the compliance requirements of the financial services industry. You will work closely with the CTO and engineering team to make security and quality a competitive advantage, not a bottleneck.

What You Will Do

Security & Cyber Engineering

  • Design and implement a comprehensive security architecture for AI-powered applications, covering data encryption, authentication, authorization, and secrets management.
  • Conduct threat modeling, vulnerability assessments, and penetration testing across the platform, with special attention to AI-specific attack vectors (prompt injection, data poisoning, model exfiltration).
  • Implement security scanning and monitoring throughout the SDLC: SAST, DAST, SCA, container scanning, and runtime threat detection.
  • Build and maintain SOC 2 compliance controls, audit trails, and security documentation required for enterprise financial services clients.
  • Establish incident response procedures, security runbooks, and a security-first culture across the engineering team.
  • Monitor and protect AI model endpoints against adversarial attacks, unauthorized access, and data leakage.

Quality Engineering

  • Design and build automated testing frameworks covering unit, integration, end-to-end, and performance testing for both traditional services and AI/ML components.
  • Develop AI-specific quality assurance practices: LLM output evaluation pipelines, regression testing for model behavior, hallucination detection, and response quality benchmarking.
  • Implement contract testing for APIs and integration points between microservices, LLM providers, and third-party financial data sources.
  • Establish quality gates in CI/CD pipelines that enforce code coverage thresholds, security scan pass rates, and AI model performance baselines before deployment.
  • Build observability and monitoring dashboards to track system reliability, AI model drift, latency SLAs, and error rates in production.
  • Champion a quality-first engineering culture: define testing standards, conduct test architecture reviews, and mentor engineers on best practices.

DevOps & Infrastructure

  • Design, build, and maintain CI/CD pipelines (GitHub Actions, GitLab CI, or similar) with integrated security scanning and automated quality checks.
  • Manage cloud infrastructure (AWS or GCP) using Infrastructure as Code (Terraform, Pulumi, or CloudFormation), ensuring reproducibility and auditability.
  • Implement containerized deployment strategies (Docker, Kubernetes) with secure configurations, network policies, and resource isolation for AI workloads.
  • Set up environment management (dev, staging, production) with proper access controls, data segregation, and configuration management.
  • Ensure high availability, disaster recovery, and backup strategies for production systems and AI model artifacts.

Requirements

  • 5+ years of experience in DevOps, DevSecOps, or infrastructure engineering, with at least 2 years focused on security engineering or cybersecurity.
  • Strong background in quality engineering: hands-on experience designing test strategies, building automated test frameworks, and implementing quality gates in CI/CD.
  • Deep knowledge of application security: OWASP Top 10, secure coding practices, encryption standards, identity and access management (IAM), and network security.
  • Proficiency with cloud platforms (AWS or GCP), Infrastructure as Code (Terraform preferred), and container orchestration (Docker, Kubernetes).
  • Experience with security tooling: Snyk, Trivy, SonarQube, Burp Suite, OWASP ZAP, AWS Security Hub, or equivalent.
  • Familiarity with AI/ML systems and the unique security and quality challenges they present: prompt injection, model versioning, output validation, and data pipeline integrity.
  • Strong scripting and automation skills in Python, Bash, or Go.
  • Excellent communication skills: you can translate security and quality requirements into clear, actionable guidance for engineering teams.

Nice to Have

  • Industry certifications such as CISSP, CEH, AWS Security Specialty, OSCP, or ISTQB.
  • Experience with SOC 2 Type II audits, FedRAMP, or financial services compliance frameworks (PCI-DSS, GLBA, SEC/FINRA regulations).
  • Background in securing AI/ML pipelines, including model supply chain security and adversarial robustness testing.
  • Experience building chaos engineering practices or site reliability engineering (SRE) programs.
  • Familiarity with financial data systems, custodial feeds, or wealth management platforms.
  • Prior experience at an early-stage startup where you built security and quality infrastructure from scratch.

Tools & Technologies

Security

Snyk, Trivy, SonarQube, OWASP ZAP, HashiCorp Vault, AWS Security Hub

CI/CD

GitHub Actions, ArgoCD, Docker, Kubernetes, Helm

Infrastructure

Terraform, AWS / GCP, CloudFormation, Pulumi

Testing

Pytest, Playwright, k6, custom LLM evaluation harnesses

Monitoring

Datadog, Grafana, PagerDuty, CloudWatch, LangSmith

Benefits & conditions

Competitive Salary

Competitive base salary reflecting Bay Area market rates and your specialized skill set.

Benefits & Wellness

Full health, dental, and vision insurance. Flexible PTO and a team that respects work-life balance.

Certification & Growth

Budget for security certifications, conferences, and continuous learning. Build security and quality practices from the ground up.

About the company

NovusMinds is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all team members.
