DevSecOps Engineer

Radical AI, Inc. is an artificial intelligence company that is accelerating scientific research & development. We are at the forefront of innovation in the field of materials R&D, a critical driver for advancing our most cutting-edge industries and shaping the future. Breaking away from the traditionally slow and costly R&D process, Radical AI leverages artificial intelligence and machine learning to pioneer generative materials science. This innovative field blends AI, engineering, and materials science, revolutionizing how materials are created and discovered. Radical AI's approach speeds up R&D and addresses global challenges, setting new benchmarks in technology and sustainability.

The opportunity

As a DevSecOps Engineer at Radical AI, you will be instrumental in building and maintaining a secure and efficient development and deployment pipeline for our cutting-edge AI and materials discovery platform. You will be responsible for integrating security practices throughout the software development lifecycle, automating security controls, and ensuring the resilience and integrity of our infrastructure and applications. Your work will be critical in enabling the rapid and secure delivery of our innovative solutions.

• Integrate security tools and practices into every stage of the development lifecycle, from code creation to deployment and monitoring.
• Design, build, and maintain robust, secure and scalable CI/CD pipelines to automate software delivery processes.
• Automate security testing (SAST, DAST, vulnerability scanning) and integrate the results into the development workflow.
• Design and implement secure and optimized cloud (e.g., AWS, Azure, GCP) and on-prem infrastructure following security best practices and compliance standards.
• Develop and maintain infrastructure-as-code (IaC) using tools like Terraform or CloudFormation, incorporating security configurations.
• Implement and manage security monitoring and alerting systems to proactively identify and respond to potential threats.
• Implement and manage monitoring and alerting systems to proactively identify and resolve infrastructure and application issues.
• Troubleshoot and resolve infrastructure and deployment-related issues across development, staging, and production environments.
• Implement and manage containerization and orchestration technologies (e.g., Docker, Kubernetes) to improve application portability and scalability.
• Collaborate closely with software engineers, ML engineers, and research scientists to understand their needs and provide secure and efficient solutions.
• Develop and maintain security policies, procedures, and documentation.
• Stay up-to-date with the latest security threats, vulnerabilities, and best practices.
• Promote a security-conscious culture within the engineering teams through training and knowledge sharing.
• Troubleshoot and resolve security-related issues in development, staging, and production environments.
• Mentor and guide junior team members and interns on DevSecOps principles and practices.
• Conduct security assessments of our systems and applications.

• B.S. or M.S. in Computer Science, Information Security, Engineering, or a related field, or equivalent practical experience.
• Proven experience in a DevSecOps, Security Engineering, or DevOps role with a strong security focus.
• Solid understanding of security principles, practices, and common security tools (e.g., vulnerability scanners, intrusion detection systems).
• Experience with CI/CD tools (e.g., GitHub Actions, Jenkins, CircleCI) and integrating security checks within them.
• Hands-on experience with cloud platforms (e.g., AWS, Azure, GCP) and their security services, as well as on-prem.
• Proficiency in at least one scripting language (e.g., Python, Bash) for automation tasks.
• Experience with Infrastructure-as-Code (IaC) tools such as Terraform or CloudFormation.
• Familiarity with containerization technologies (e.g., Docker, Kubernetes) and their security considerations.
• Understanding of network security concepts (e.g., firewalls, VPNs, network segmentation).
• Solid understanding of Linux/Unix systems administration.
• Strong analytical and problem-solving skills with a security-first mindset.
• Excellent communication and collaboration skills, capable of explaining technical security concepts to both technical and non-technical audiences.
• Passion for building secure and reliable systems.

• Relevant security certifications (e.g., CISSP, CISM, Security+, AWS Certified Security – Specialty, Certified Kubernetes Security Specialist (CKS)) and/or DevOps certifications (e.g.,  AWS Certified Solutions Architect,
• Experience with security information and event management (SIEM) systems.
• Familiarity with compliance frameworks (e.g., SOC 2, GDPR, HIPAA).
• Experience with security and compliance software (e.g., Drata, Apptega).
• Experience with security testing methodologies and tools (e.g., OWASP ZAP, Burp Suite).
• Contributions to open-source security projects.
• Experience with penetration testing.
• Knowledge of machine learning concepts and security considerations in ML workflows.

• A competitive compensation package also includes the best in benefits:
• Medical, dental, and vision insurance for you and your family
• Mental health and wellness support
• Unlimited PTO and 14+ company holidays per year
• 401K 
• Work closely with a team on the cutting edge of AI research.
• A mission: an opportunity to fundamentally change the way humanity makes progress through materials science discovery.

Radical AI is committed to equal employment opportunity regardless of race, color, ancestry, national origin, religion, sex, age, sexual orientation, gender identity and expression, marital status, disability, or veteran status.