DevSecOps Engineer III

Job Description: DevSecOps Engineer III (Remote Candidates will be considered) Our Story and Our Purpose National Digital Trust Company (In Organization) has received conditional approval from the Office of the Comptroller of the Currency to open as a federally chartered trust bank to provide a broad range of digital asset services. We are building a specialized financial institution addressing the growing demand for digital asset services. Our primary business will focus on digital asset custody, providing secure, efficient custodial and fiduciary services for a variety of digital assets. You will work with foundational systems and processes to help shape our operating model and influence how a new category of financial infrastructure comes to market. We are looking for builders who handle complexity with confidence and tackle ambitious opportunities while keeping pace with this rapidly evolving industry. Our Principles Greatness is a mindset, not an accomplishment. Mediocrity is unacceptable. Excellence is contagious. We hire people because we believe in their greatness. Now is the time to prove us right. Responsibility comes with the territory. Everyone is an owner, which means we share a common vision and mutual accountability. We act in line with our strategic objectives and the trust our customers place in us. We believe there is no such thing as "not my problem." Taking this level of ownership not only drives our collective success but also offers the potential for significant reward. Innovation and adaptation are in our DNA. We are in a period of the most dramatic and rapid period of technological change in the history of humankind. Those that stay ahead will thrive, those that don't, won't. We innovate intelligently and thrive on overcoming challenges, to get (at least) a little better every day and ensure our continued growth and success. Team first. We are reliable teammates working together toward extraordinary success through honesty and accountability. We believe collaboration knows no hierarchy, and we focus on what matters. We work toward consensus, but when necessary, we disagree and commit. We know that winners win. Job Overview As a DevSecOps Engineer III, you will be a key force in strengthening and scaling our secure digital asset infrastructure. You’ll design and implement automation, security controls, and cloud-native systems within our cloud environment — supporting both proprietary applications and critical third-party integrations. This role offers deep ownership across CI/CD, identity, secrets management, and security observability — with the mandate to push innovation while never compromising safety. You’ll collaborate closely with engineering, security, and compliance leaders to build infrastructure engineered for institutional confidence — and directly influence the future of digital asset security at an industry-defining company. Objectives Lead the hardening and modernization of our GitHub ecosystem — consolidating organizations, implementing guardrails and RBAC best practices, and establishing policy-as-code governance at scale. Assess and evolve the current CI/CD posture — modernizing pipelines, evaluating tooling, and driving toward fully automated secure delivery workflows. Implement Secure Software Development Framework (SSDF) practices to embed “secure-by-design” principles throughout the SDLC — ensuring supply chain integrity from commit to production. Act as an SRE for new application infrastructure — building out observability, proactive reliability patterns, performance scaling strategy, and operational readiness. Design, manage, and automate cloud infrastructure (including container and container orchestration where applicable) through infrastructure-as-code — aligned to NIST CSF 2.0, least-privilege, and zero-trust security models. Develop and integrate ITSM operational workflows — introducing automation and process maturity where needed to align engineering velocity with auditable controls and resilience. Promote a culture of security across the organization. Be able to wear many hats, performing critically required duties as necessary, especially as the team is being developed Occasional travel to other offices, customers, and vendor offices What you bring to our company 5–8+ years of experience in DevSecOps, SRE, or Cloud Security Engineering roles operating in production-critical environments Deep hands-on expertise with leading cloud providers (IAM, networking, security services, automation, zero-trust / least privilege, cost awareness) Practical experience operating and securing Kubernetes — including IaC-driven provisioning, policy enforcement, and observability Strong command of SCM administration — including RBAC, repo automation, organization policy enforcement, and secure SDLC controls Proficiency with Infrastructure as Code (Terraform, CDK, or equivalent) and configuration automation (e.g., Helm, ArgoCD, Crossplane, etc. a plus) Familiarity with ITSM-aligned engineering operations — enabling traceability, incident management, and operational readiness at scale Excellent communicator and proactive collaborator — able to influence cross-functional teams and advocate for secure-by-design principles Preferred Experience, Skills and Knowledge Advanced understanding of cloud security, identity, secrets management, and automated governance — ideally aligned to frameworks like CSF 2.0, ISO, or SOC2 Previous experience in fintech, blockchain, digital assets, or other highly regulated / high-trust environments Demonstrated experience owning and maturing CI/CD pipelines, with strong emphasis on supply-chain integrity, infrastructure automation, and SSDF-aligned delivery Strong self-starter with strong analytical and problem-solving skills We promote diversity of thought, culture, background, and experience. We are an equal opportunity employer, and employment at our company is based solely on one's merit and qualifications directly related to professional competence. We do not discriminate based on race, creed, color, ancestry, religion, gender, sexual orientation, gender identity, national origin, age, disability, genetic information, military or veteran status, or any other characteristics protected by law. Featured benefits Employer-provided: Medical, Dental, and Vision insurance, 401(k), and disability insurance We are a remote-friendly team and welcome applicants from across the U.S. Apply To This Job