Security Engineer, DevSecOps - Mexico

About JumpCloud®

JumpCloud® is the AI-powered unified IT management platform designed to secure the modern workforce. By consolidating identity, device, and access management, JumpCloud provides intelligent, secure IT that scales from human users to autonomous AI agents.

About the team

As a Security Engineer on the DevSecOps Team, you will be responsible for designing and developing software solutions for protecting data and infrastructure deployed into the cloud. The Security organization is composed of SecOps, GRC, and DevSecOps functions, but all functions work closely together so you will be exposed to many different security areas.

What you will be doing

• Infrastructure & Automation: Build and maintain infrastructure, including custom software and vendor integrations, to support Engineering’s Security needs (Product Security and Infrastructure Security).
• Cloud Access Engineering: Design and implement secure, automated self-service workflows for cloud infrastructure access and privilege escalation (AWS/GCP).
• Detection & Logging: Manage security infrastructure and SIEM configurations via Infrastructure as Code (Terraform) to ensure a highly auditable detection environment. Build and manage high-volume security data pipelines to ensure forensic logs are retained efficiently and cost-effectively.
• Vulnerability & Posture Management: Help design, overhaul, and improve custom vulnerability aggregation systems to streamline remediation efforts. Manage and tune Cloud Security Posture Management (CSPM) and container security platforms to ensure optimal coverage and reduce alert fatigue.
• Software Supply Chain & AppSec: Integrate and manage Software Supply Chain Security tooling to protect our developer ecosystem. Partner with Engineering to scale our threat modeling program, including developing automated and AI-assisted threat modeling pipelines built directly into the developer workflow.

Necessary skills

• 4 years of software engineering experience with a strong interest or background in security engineering
• Proficient in writing Golang or Python (more than simple scripts)
• Experience with either AWS or GCP
• Experience with Terraform
• Experience with GitHub Actions
• Excellent written and oral communication

Personal characteristics we are looking for

• Views security as an enabler, not an inhibitor to innovation
• Results oriented and self driven
• High level of integrity
• Ownership and accountability
• Clear communication
• Creative problem solver
• Passionate about security

Role requirements

• You must be available for on-call (after hours) duties for any internal tools/services this team owns
• Serve as a responder in the on-call rotation for security incidents and alert triage.