Security Engineer - DevSecOps

At FourKites we have the opportunity to tackle complex challenges with real-world impacts. Whether it’s medical supplies from Cardinal Health or groceries for Walmart, the FourKites platform helps customers operate global supply chains that are efficient, agile and sustainable. Join a team of curious problem solvers that celebrates differences, leads with empathy and values inclusivity.

We are seeking an experienced Security Engineer with a strong background in DevOps, DevSecOps, and cloud infrastructure management. The ideal candidate will have hands-on expertise in AWS, GCP, Azure, and microservices architecture, combined with a deep understanding of security principles and best practices. You will be responsible for implementing and securing cloud-based environments, deploying infrastructure with automation tools, and ensuring that security is embedded throughout the development lifecycle.

What you’ll be doing: 

• Architect and secure highly available, scalable, and fault-tolerant systems across AWS, GCP, and Azure environments.
• Design and implement cloud security solutions, focusing on compute, network, storage, content delivery, administration, and security.
• Implement security controls for Kubernetes clusters, containerized applications, and cloud-native services.

• Leverage automation technologies (Ansible, Chef, Puppet, Jenkins, Docker) to manage infrastructure and deployment pipelines.
• Develop, deploy, and maintain infrastructure-as-code solutions with tools such as CloudFormation, Terraform, and AWS/GCP/Azure CLI.
• Enable CI/CD pipelines for secure application delivery while ensuring security is integrated into the build and deployment processes.

• Implement and secure microservices architecture using tools such as AWS Lambda, Docker, Kubernetes, and serverless technologies.
• Develop and maintain secure, scalable applications using programming languages such as C++, C#, Java, and Python.

• Continuously monitor cloud environments to identify and mitigate security threats and vulnerabilities.
• Conduct risk assessments and threat modeling for cloud applications and infrastructure.
• Use monitoring tools (e.g., AWS CloudWatch, GCP Stackdriver, Azure Monitor) to detect and respond to potential security incidents.

• Collaborate with cross-functional teams including business leaders, engineers, and other security professionals to design and implement security solutions.
• Communicate security risks, mitigations, and incident reports to both technical and non-technical stakeholders.
• Produce detailed documentation of security policies, procedures, and technical implementations.

Who you are:

• 3+  years of IT experience with a strong focus on DevOps, DevSecOps, and cloud security engineering.
• Strong hands-on experience with cloud platforms such as AWS, GCP, and Azure, and familiarity with their foundational services (e.g., EC2, DynamoDB, API Gateway, RDS, Lambda, CloudFront, etc.).
• Strong experience in Kubernetes security controls is a must. CKA/ CKAD/ CKS preferred.
• In-depth knowledge of Kubernetes, microservices, container orchestration, and security controls.
• Experience designing, deploying, and securing cloud-native applications with a focus on scalability, high availability, and load balancing.
• CISSP (Certified Information Systems Security Professional) or equivalent industry-recognized security certifications. Or
• AWS Associate or higher certifications (e.g., AWS Certified Solutions Architect – Associate). Or equivalent certifications would work

• Expertise in implementing security best practices in cloud environments and DevOps pipelines.
• Familiarity with container security tools and methodologies.
• Strong analytical, troubleshooting, and problem-solving skills with the ability to quickly identify and address security threats.
• Excellent verbal and written communication skills to effectively engage with stakeholders at all levels.
• Strong teamwork orientation, collaborating with multidisciplinary teams to achieve organizational goals.

• Ability to work in a fast-paced environment and manage multiple tasks concurrently.
• A proactive approach to learning new technologies and staying up-to-date with industry trends in cloud security.

FourKites® is the #1 supply chain visibility platform in the world, extending visibility beyond transportation into yards, warehouses, stores and beyond. Tracking more than 2.5 million shipments daily across road, rail, ocean, air, parcel and courier, and reaching over 185 countries, FourKites combines real-time data and powerful machine learning to help companies digitize their end-to-end supply chains. More than 1,000 of the world’s most recognized brands — including 9 of the top-10 CPG and 18 of the top-20 food and beverage companies — trust FourKites to transform their business and create more agile, efficient and sustainable supply chains.  

FourKites provides competitive compensation with stock options, outstanding benefits and a collaborative culture for all employees around the globe. To help you be your best, we have 5 global recharge days, in addition to standard holidays, and a hybrid, flexible approach to work. Parental leave for all parents, an annual wellness stipend and volunteer days also provide you with time and resources for self care and to care for others. Throughout the year, FourKites sets aside time during the workday to learn and celebrate diversity. And we're always listening for new ways to support everyone in and out of the office. 

Benefits

• Medical benefits start on the first day of employment
• 36 PTO days (Sick, Casual and Earned), five recharge days, two volunteer days 
• Home Office setups and Technology reimbursement
• Lifestyle & Family benefits 
• Ongoing learning & development opportunities (Professional development program, Toast Master club, etc.)