DevSecOps Engineer
$165k - $195kRumble
Job Description
Job Description
Rumble is the Freedom-First technology platform. We proudly offer a video platform, cloud services, advertising solutions, and a non-custodial cryptocurrency wallet.
Rumble Cloud is seeking a DevSecOps Engineer to embed security throughout the software development lifecycle for our cloud platform and customer-facing services. This is a hands-on engineering role that owns our Secure Software Development Lifecycle (SSDLC) end to end: you'll design it, operate it, partner with engineering teams to remediate vulnerabilities, and continuously harden the CI/CD pipelines that ship Rumble Cloud to production.
Our platform is built on OpenStack and Ceph, and this role sits at the intersection of application security, platform engineering, and developer enablement. You should be comfortable reviewing pipeline configurations, triaging SAST, DAST, SCA, and container scanning findings with developers, and driving practical security improvements across Python, Go, and TypeScript codebases without becoming a bottleneck to delivery.
You'll work closely with application, platform, and infrastructure teams, with architectural guidance from our Software Architect, to make security a core part of how we build and ship software. That includes defining secure coding standards, integrating automated security tooling into CI/CD, improving software supply chain integrity, supporting audit readiness, and helping engineers make sound, scalable security decisions in a fast-moving cloud environment.
Responsibilities- Own the SSDLC end to end, including secure coding standards, threat modeling, security gates, policy-as-code, and documentation suitable for audits, in partnership with the Software Architect in an advisory capacity.
- Drive vulnerability identification, triage, and remediation across Python, Go, and TypeScript/React codebases, partnering directly with engineers to prioritize and fix issues effectively.
- Design, harden, and optimize CI/CD pipelines using tools such as GitHub Actions, GitLab CI, Jenkins, or similar systems, ensuring security controls are integrated cleanly into developer workflows.
- Integrate and operate security tooling across the software delivery lifecycle, including SAST, DAST, SCA, secret scanning, container scanning, and dependency analysis.
- Implement secure software supply chain practices such as signed artifacts, SBOM generation, provenance controls, and related guardrails for build and release processes.
- Manage secrets, credentials, and signing keys used by build and deployment pipelines, applying least-privilege access, rotation, and secure storage practices.
- Partner with engineering teams to review code, assess risk, and recommend practical remediation approaches that improve security without unnecessarily slowing delivery.
- Support security incident response and post-incident follow-up for application and platform issues, helping identify root causes and drive durable fixes.
- Contribute to audit readiness and evidence collection for frameworks such as ISO 27001, SOC 2, PCI DSS, or FedRAMP, especially where CI/CD controls and engineering practices are in scope.
- Mentor engineers on secure development practices and help establish a culture where security is built into design, implementation, and release processes from the start.
- Experience in a DevSecOps, application security, or product security role, including designing and operating a Secure Software Development Lifecycle (SSDLC).
- Hands-on experience with CI/CD systems such as GitHub Actions, GitLab CI, Jenkins, or similar, including pipeline design, optimization, and hardening.
- Strong knowledge of application security tooling including SAST, DAST, SCA, and container scanning, along with a practical understanding of the OWASP Top 10.
- Ability to read and review code in at least one of Python, Go, or TypeScript and to work directly with developers on remediation.
- Experience with Docker and Kubernetes, secrets management systems such as Vault, and authentication patterns such as OAuth2 and OpenID Connect.
- Strong communication and collaboration skills, with the ability to influence engineering teams and drive secure practices without direct authority.
- Security certifications such as CSSLP, OSCP, GWAPT, CISSP, or equivalent.
- Experience with software supply chain security practices and tooling, including SLSA, Sigstore/cosign, and SBOM generation or validation.
- Familiarity with OpenStack, Ceph, or other large-scale open-source infrastructure platforms.
- Experience supporting audits or compliance initiatives such as ISO 27001, SOC 2, PCI DSS, or FedRAMP, including evidence collection tied to CI/CD and engineering controls.
- Experience with threat modeling methodologies such as STRIDE or PASTA, and with IaC security scanning across Terraform, Ansible, and Kubernetes manifests.
- Familiarity with multi-tenant SaaS or public cloud environments, and experience operating Rocky Linux or Ubuntu in production.
Annual Compensation Range:
$165,000 - $195,000 USD base + benefits + equity (If based in the United States)
$122,000 - $158,000 CAD base + benefits + equity (If based in Canada)
Note: The salary range listed for this position is a good faith estimate based on experience, qualifications, and internal compensation structure. The actual salary offered varies depending on the candidate's skill level and experience. This posting refers to an active vacancy within the organization.
Why Our Team Loves Working Here:
- We are making a significant financial impact for our video creator community; we're proud of their success stories
- We enjoy challenging the status quo and going head-to-head against Big Tech
- We aren't afraid to try new things; we act fast and want to win
- We pay competitive salaries and provide great benefits
EEO Statement:
Rumble is an equal opportunity employer. We promote an equal playing field where everyone has the same opportunities regardless of race, religion, color, national origin, sex, sexual orientation, age, veteran status, disability status, or any other applicable characteristics protected by law. Rumble is an active participant in the e-verify program.
Physical demands of the position:
While performing the duties of this job, the employee is regularly required to sit for prolonged periods of time while using a computer and/or keyboard. The employee is required to communicate verbally and hear. The employee may be required to walk, reach with hands and arms, balance, and stoop or kneel. The employee may occasionally be required to lift and/or move up to 15 pounds. Specific vision abilities required by this job include clarity of vision at approximately 20 inches or less (i.e., working with small objects or reading small print), including the use of computers.
- We are seeking a DevSecOps Engineer to bridge the gap between web development, operations, and security. You will be responsible for developing secure web applications, managing CI/CD pipelines, and implementing robust cloud and network security practices across our infrastructure...Suggested
- The DevSecOps Engineer (Detection & Pipeline Security) plays a pivotal role at the crossroads of DevOps, Security Engineering, and Threat Detection. This position is responsible for managing secure CI/CD pipelines across high-compliance environments and ensuring detection...SuggestedLocal areaShift work
- ...POSITION REQUIREMENTS**We are seeking a motivated, self-starting Intern to join our Digital Engineering team of the Applied Research Laboratory (ARL) at Penn State to perform DevSecOps-related functions around software development, cyber security, and/or cloud-native tool...SuggestedInternshipRemote work
$147.54k - $184.43k
Senior DevSecOps Engineer - responsible for optimizing the security of cloud infrastructure, including Kubernetes, Docker, and Terraform. Must be fluent in modern DevOps tooling, possess a keen security mindset, deep knowledge of Linux hardening and cloud deployment best...SuggestedLocal area$75.6k
...for enthusiastic technologists who want to grow their career in DevSecOps. You’ll be the right fit if you love to solve problems and... ...learn new things. We’re looking for self‑motivated, self‑driven engineers who are passionate about what they do and love cybersecurity....Suggested- About Istari Digital Istari is a digital engineering software company enabling our customers to turn the physical world into the digital to accomplish their specific mission or business objectives. Istari was founded with the vision of making open, scalable digital engineering...For contractorsRemote workHome officeFlexible hours
- ...code” culture—treating infrastructure, configurations, and processes with the same discipline as software development. The Hosting Engineer will join our Platform Engineering team to design, build, and maintain the foundation of Zywave’s cloud and on‑premise hosting...
$121k - $163k
Chartis is seeking a Senior Security Engineer to support security in cloud-native environments. The ideal candidate will have 5-8 years of hands-on experience in IAM and DevSecOps, working closely with engineering teams to ensure secure application development. Responsibilities...Remote job$90k - $105k
...days per wee onsite. Visa Sponsorship :Talan does not sponsor U.S. work permits or employment visas. We are seeking a talented DevSecOps Engineer to join our team and work on secure CI/CD, cloud, and application delivery platforms. The ideal candidate will have strong...WorldwideVisa sponsorshipWork visa- A tech-focused organization in the United States is seeking a DevSecOps Engineer to manage secure CI/CD pipelines and integrate security practices early in the development process. The ideal candidate will have a strong background in both DevOps and security, with hands...
- AgileEngine, LLC. is seeking a Middle Application Security Engineer in New York to perform hands-on DevSecOps activities, including tightening CI/CD security integrations and enhancing vulnerability management tools. The role emphasizes coding skills in Python and working...Flexible hours
- A leading AI software delivery platform is looking for an experienced DevSecOps Solutions Architect to engage with customers and implement best practices for CI/CD processes. The role involves collaborating with technical teams and providing solutions to enhance deployment...Remote job
- A leading tech company is hiring a remote DevSecOps Engineer to integrate security into the DevOps pipeline. The candidate should have a solid background in software development and IT operations. Responsibilities include automating security controls and collaborating...Remote jobFlexible hours
- DronSense is seeking a DevSecOps Engineer to join their innovative team, focusing on secure software development and deployment. This role involves working with a variety of technologies and tools to enhance the security of their drone software systems. The ideal candidate...Remote work
- Job Title: DevSecOps Engineer Job ID: 2024-12687 Job Location: Mt Laurel, NJ or New York, NY or Toronto, ON or London, ON (2 days/week onsite) # Positions: 3 Employment Type: W2 Duration: Long term # of Layers: 0 Work Eligibility: All Work Authorizations are Permitted...2 days per week
- Overview Discover exciting DevOps job opportunities and connect with 28,396 DevOps professionals. The DevSecOps Engineer position involves integrating security practices within the DevOps process, specifically in a remote capacity. Candidates are expected to have a strong...Remote workFlexible hours
- Innovatus Technology Consulting is seeking a highly skilled DevSecOps Engineer to design and maintain secure, automated cloud-native environments on AWS. This role includes building serverless APIs and managing CI/CD pipelines while ensuring security and operational excellence...Remote job
$140k - $195k
...TitleDevSecOps EngineerCompensation$140,000 - $195,000 USD / yr## Role OverviewWe are looking for a security-minded, automation-first DevSecOps Engineer to embed security into every stage of LockedIn AI’s software development and deployment lifecycle. This is a shift-left...Shift work- GetParking is seeking a DevSecOps professional to enhance the security of our engineering department. This role requires a Security Guardian to ensure our software meets rigorous security standards, especially for managing Protected Health Information (PHI). You will be...
- Cyber Security Courses in the United States is seeking a DevSecOps professional who will own the security lifecycle of our platform, with a strong focus on handling Protected Health Information (PHI) securely and in compliance with HIPAA regulations. The successful candidate...
$80k - $100k
...process through our dedicated payroll system. Remember: If your communication differs from this process, it's not from Innovate. DevSecOps Engineer Location: Remote, Position: DevSecOps Engineer Reports To: FLSA: Exempt Location: Remote, Posted: 1/14/26 Embrace the...Full timeLocal areaRemote work- A cutting-edge software company in the United States is seeking a skilled DevSecOps Engineer to join their Customer Experience team. The role focuses on deploying and supporting applications on their cloud-native platform, Game Warden, while ensuring security and compliance...Full time
$140k - $170k
...practical problem‑solving, and building products that customers genuinely rely on. Why This Role Matters We’re looking for a Senior DevSecOps Engineer as we scale our platform and infrastructure to lead the charge on security and reliability at the system level. This role...Local areaRemote workWork from homeWork visaFlexible hoursShift work- Rackner, Inc. is seeking a remote DevSecOps (Kubernetes) Engineer SME to support a US Air Force program called Platform One, which provides tooling for mission application owners. The ideal candidate will have deep experience in Kubernetes, Terraform, and CI/CD pipelines...Remote job
$140k - $195k
A tech-focused company in New York seeks a skilled DevSecOps Engineer to embed security into all development stages. This role involves designing secure CI/CD pipelines, promoting secure development practices, and implementing infrastructure security across cloud environments...- DevSecOps Engineer / AWS Cloud Engineer (Serverless, CI/CD, IaC, ECS Fargate) Location: Remote Role Summary We are seeking a highly skilled AWS Cloud / DevSecOps Engineer to design, build, and maintain secure, scalable, highly automated cloud-native environments on AWS...Remote work
- ...assistance through MyQuest for Education Career advancement opportunities and so much more! We are seeking an AzurePrincipal DevSecOps Engineering leadwith extensive experience in leading large‑scale cloud transformations for mission‑critical Tier 1 business applications...Full timePart timeFlexible hoursShift work
- Highlighttech is seeking a Microservice Developer to join an Agile DevSecOps team in the United States. The candidate will be responsible... ...candidates holding a Bachelor’s Degree in computer science or engineering, the role requires 3+ years of experience, strong...Remote jobFull time
- ...highly scalable, distributed products on hybrid clouds (AWS, GCP and first‑party clouds). Owning and executing cross‑functional DevSecOps initiatives with highly impactful organization‑wide outcomes. Architecting, designing and implementing systems to support deployment...Work at officeLocal area
- A leading technology academy in the United States is seeking a DevSecOps Engineer to bridge the gap between web development, operations, and security. You will design and deploy secure applications, manage CI/CD pipelines, and ensure robust security practices across cloud...
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to DevSecOps Engineer. Be the first to apply!
