{"schemaVersion":"jobsearcher.job.v1","id":"79d2c75ba488cf95d983da06","url":"https://jobsearcher.com/jobs/79d2c75ba488cf95d983da06","canonicalUrl":"https://jobsearcher.com/jobs/79d2c75ba488cf95d983da06","title":"DevSecOps Engineer","description":"DevSecOps Engineer\n\nMomnt is an expanding financial technology company specialising in embedded lending and point-of-need consumer financing based in Sandy Springs, GA. We are transforming how merchants provide financing to their customers with our embedded lending platform. Our platform delivers a seamless digital experience that makes financing simple, fast, and affordable, connecting high-quality lenders with merchants, primarily in the home improvement sector, to empower consumers to pay for the things they need.\n\nWe’re looking for a hands‑on DevSecOps Engineer with deep AWS experience, strong AWS CDK skills, and practical experience securing CI/CD pipelines using GitHub Actions. This person should be comfortable working across AWS infrastructure, Kubernetes, IAM, networking, CI/CD security, Trivy, SAST, DAST, Datadog, automation, monitoring, incident response, and compliance.\n\nOur infrastructure is currently managed through AWS CDK, so strong hands‑on experience with CDK is required. Terraform experience is also strongly preferred, as Momnt may use Terraform for future infrastructure projects.\n\nIn a company our size, you won’t just advise from the sidelines. You will be directly involved in building, securing, automating, and improving the systems that support our platform. You’ll own key parts of our infrastructure security posture, cloud environments, CI/CD security, and compliance readiness while working closely with engineering leadership and developers.\n\nIf you want a role where you can see the direct impact of your work, have genuine autonomy, and help shape the security culture of a regulated fintech from the ground up, this is it.\n\nLocation & Work Authorization:\n\nHybrid | Sandy Springs, GA – This role requires in‑office collaboration two days per week minimum. Relocation is not available at this time.\nMust be authorized to work in the U.S. | Sponsorship and Corp‑to‑Corp arrangements are not available.\nKey Responsibilities as our DEVSECOPS, you will:\n\nOwn and improve infrastructure as code standards, reusable CDK constructs, deployment patterns, and environment consistency.\n\nSupport future infrastructure as code initiatives using Terraform, if adopted.\n\nManage AWS environments across core services such as IAM, VPC, EKS, ECS, Lambda, API Gateway, CloudFront, WAF, Route 53, S3, RDS, KMS, Secrets Manager, CloudWatch, Security Hub, GuardDuty, and AWS Config.\n\nManage and harden Kubernetes environments, including EKS clusters, container runtimes, workload identities, ingress controls, network policies, and image security.\n\nOwn cloud networking architecture, including VPCs, subnets, routing, security groups, private endpoints, WAF, and zero trust access controls.\n\nImplement and enforce least‑privilege IAM policies across AWS accounts, services, applications, and CI/CD workflows.\n\nBuild, maintain, and secure CI/CD pipelines using GitHub Actions.\n\nIntegrate security controls into CI/CD workflows, including Trivy, SAST, DAST, dependency scanning, container image scanning, infrastructure scanning, and secrets detection.\n\nUse Datadog for logging, monitoring, alerting, dashboards, threat detection, and incident investigation.\n\nWrite and maintain automation scripts in Bash and Python to support AWS operations, CI/CD workflows, vulnerability management, security monitoring, and recurring operational tasks.\n\nSupport shift‑left security by making secure development and deployment practices easy for developers to adopt.\n\nManage vulnerability management, patching cadence, and remediation tracking across infrastructure, containers, and application environments.\n\nConduct internal security assessments and coordinate external penetration tests and security reviews.\n\nRespond to security incidents, lead post‑mortems, document lessons learned, and drive remediation.\n\nSupport and maintain compliance programs, including SOC 2 Type II, PCI‑DSS, and relevant financial technology requirements.\n\nOwn evidence collection, control mapping, auditor communication, and compliance documentation.\n\nMaintain encryption‑at‑rest, encryption‑in‑transit, data residency, and key management standards.\n\nPartner with legal, product, and engineering teams to assess third‑party vendor security risk.\n\nProduce practical runbooks, threat models, architecture diagrams, and security documentation that engineering teams can actually use.\n\nRun periodic security awareness and secure engineering training sessions.\n\nWhat Makes You a Great Fit\n\n5+ years of combined DevOps, cloud infrastructure, security engineering, DevSecOps, or platform engineering experience.\n\nDeep hands‑on AWS experience, including production experience managing AWS infrastructure at scale.\n\nStrong hands‑on experience with AWS CDK is required.\n\nWorking experience with Terraform is strongly preferred, as Momnt may use Terraform for future infrastructure projects.\n\nStrong understanding of AWS DevOps practices, including CI/CD, IAM, networking, observability, deployment automation, and infrastructure lifecycle management.\n\nStrong experience with GitHub Actions and secure CI/CD pipeline design.\n\nHands‑on experience with Trivy for vulnerability scanning, container image scanning, dependency scanning, or infrastructure scanning.\n\nPractical experience with SAST and DAST tools and how to integrate them into developer workflows.\n\nFamiliarity with Datadog for observability, alerting, logging, dashboards, and security investigations.\n\nStrong hands‑on scripting experience with Bash and Python for automation, infrastructure operations, security tooling, and CI/CD workflows.\n\nExperience securing containerised workloads using Docker and Kubernetes, preferably EKS.\n\nExperience implementing security gates in CI/CD pipelines without creating unnecessary friction for developers.\n\nPractical knowledge of compliance frameworks such as SOC 2, PCI‑DSS, or equivalent.\n\nExperience with vulnerability management, patch management, security monitoring, and incident response.\n\nAbility to independently own security tooling selection, implementation, and day‑to‑day operations.\n\nComfort operating independently in an ambiguous, fast‑moving startup environment.\n\nStrong communication skills and the ability to work directly with developers, auditors, and leadership.\n\nBenefits & Perks\n\nHybrid Flexibility: Enjoy the best of both worlds with remote work options and a collaborative home base in Sandy Springs.\n\nHealth & Wellness: Competitive medical, dental, and vision insurance plans.\n\nFuture Planning: 401(k) retirement plan with company contribution.\n\nTime to Recharge: Generous Paid Time Off (PTO) and paid company holidays.\n\nGrowth Opportunities: A fast‑paced startup environment where you can make a tangible impact and grow your career quickly.\n\nSalary & Compensation\nTarget Salary Range: $130,000–$170,000 per year.\n\nFinal compensation is determined by various factors, including the candidate’s relevant experience, specialized skills, certifications, and geographic location.\n\n#J-18808-Ljbffr","company":"Momnt Technologies","rawCompany":"momnt technologies","city":"Sandy Springs","state":"GA","isRemote":false,"isActive":false,"createdAt":"2026-06-17T04:22:27.465Z","occupations":[{"code":"15-1299.08","title":"Computer Systems Engineers/Architects","slug":"computer-systems-engineers-architects"},{"code":"15-1252.00","title":"Software Developers","slug":"software-developers"},{"code":"15-1299.05","title":"Information Security Engineers","slug":"information-security-engineers"}],"industries":[{"code":"541512","title":"Computer Systems Design Services","slug":"computer-systems-design-services"},{"code":"513210","title":"Software Publishers","slug":"software-publishers"},{"code":"541511","title":"Custom Computer Programming Services","slug":"custom-computer-programming-services"}],"jobPosting":{"@context":"https://schema.org","@type":"JobPosting","title":"DevSecOps Engineer","description":"DevSecOps Engineer\n\nMomnt is an expanding financial technology company specialising in embedded lending and point-of-need consumer financing based in Sandy Springs, GA. We are transforming how merchants provide financing to their customers with our embedded lending platform. Our platform delivers a seamless digital experience that makes financing simple, fast, and affordable, connecting high-quality lenders with merchants, primarily in the home improvement sector, to empower consumers to pay for the things they need.\n\nWe’re looking for a hands‑on DevSecOps Engineer with deep AWS experience, strong AWS CDK skills, and practical experience securing CI/CD pipelines using GitHub Actions. This person should be comfortable working across AWS infrastructure, Kubernetes, IAM, networking, CI/CD security, Trivy, SAST, DAST, Datadog, automation, monitoring, incident response, and compliance.\n\nOur infrastructure is currently managed through AWS CDK, so strong hands‑on experience with CDK is required. Terraform experience is also strongly preferred, as Momnt may use Terraform for future infrastructure projects.\n\nIn a company our size, you won’t just advise from the sidelines. You will be directly involved in building, securing, automating, and improving the systems that support our platform. You’ll own key parts of our infrastructure security posture, cloud environments, CI/CD security, and compliance readiness while working closely with engineering leadership and developers.\n\nIf you want a role where you can see the direct impact of your work, have genuine autonomy, and help shape the security culture of a regulated fintech from the ground up, this is it.\n\nLocation & Work Authorization:\n\nHybrid | Sandy Springs, GA – This role requires in‑office collaboration two days per week minimum. Relocation is not available at this time.\nMust be authorized to work in the U.S. | Sponsorship and Corp‑to‑Corp arrangements are not available.\nKey Responsibilities as our DEVSECOPS, you will:\n\nOwn and improve infrastructure as code standards, reusable CDK constructs, deployment patterns, and environment consistency.\n\nSupport future infrastructure as code initiatives using Terraform, if adopted.\n\nManage AWS environments across core services such as IAM, VPC, EKS, ECS, Lambda, API Gateway, CloudFront, WAF, Route 53, S3, RDS, KMS, Secrets Manager, CloudWatch, Security Hub, GuardDuty, and AWS Config.\n\nManage and harden Kubernetes environments, including EKS clusters, container runtimes, workload identities, ingress controls, network policies, and image security.\n\nOwn cloud networking architecture, including VPCs, subnets, routing, security groups, private endpoints, WAF, and zero trust access controls.\n\nImplement and enforce least‑privilege IAM policies across AWS accounts, services, applications, and CI/CD workflows.\n\nBuild, maintain, and secure CI/CD pipelines using GitHub Actions.\n\nIntegrate security controls into CI/CD workflows, including Trivy, SAST, DAST, dependency scanning, container image scanning, infrastructure scanning, and secrets detection.\n\nUse Datadog for logging, monitoring, alerting, dashboards, threat detection, and incident investigation.\n\nWrite and maintain automation scripts in Bash and Python to support AWS operations, CI/CD workflows, vulnerability management, security monitoring, and recurring operational tasks.\n\nSupport shift‑left security by making secure development and deployment practices easy for developers to adopt.\n\nManage vulnerability management, patching cadence, and remediation tracking across infrastructure, containers, and application environments.\n\nConduct internal security assessments and coordinate external penetration tests and security reviews.\n\nRespond to security incidents, lead post‑mortems, document lessons learned, and drive remediation.\n\nSupport and maintain compliance programs, including SOC 2 Type II, PCI‑DSS, and relevant financial technology requirements.\n\nOwn evidence collection, control mapping, auditor communication, and compliance documentation.\n\nMaintain encryption‑at‑rest, encryption‑in‑transit, data residency, and key management standards.\n\nPartner with legal, product, and engineering teams to assess third‑party vendor security risk.\n\nProduce practical runbooks, threat models, architecture diagrams, and security documentation that engineering teams can actually use.\n\nRun periodic security awareness and secure engineering training sessions.\n\nWhat Makes You a Great Fit\n\n5+ years of combined DevOps, cloud infrastructure, security engineering, DevSecOps, or platform engineering experience.\n\nDeep hands‑on AWS experience, including production experience managing AWS infrastructure at scale.\n\nStrong hands‑on experience with AWS CDK is required.\n\nWorking experience with Terraform is strongly preferred, as Momnt may use Terraform for future infrastructure projects.\n\nStrong understanding of AWS DevOps practices, including CI/CD, IAM, networking, observability, deployment automation, and infrastructure lifecycle management.\n\nStrong experience with GitHub Actions and secure CI/CD pipeline design.\n\nHands‑on experience with Trivy for vulnerability scanning, container image scanning, dependency scanning, or infrastructure scanning.\n\nPractical experience with SAST and DAST tools and how to integrate them into developer workflows.\n\nFamiliarity with Datadog for observability, alerting, logging, dashboards, and security investigations.\n\nStrong hands‑on scripting experience with Bash and Python for automation, infrastructure operations, security tooling, and CI/CD workflows.\n\nExperience securing containerised workloads using Docker and Kubernetes, preferably EKS.\n\nExperience implementing security gates in CI/CD pipelines without creating unnecessary friction for developers.\n\nPractical knowledge of compliance frameworks such as SOC 2, PCI‑DSS, or equivalent.\n\nExperience with vulnerability management, patch management, security monitoring, and incident response.\n\nAbility to independently own security tooling selection, implementation, and day‑to‑day operations.\n\nComfort operating independently in an ambiguous, fast‑moving startup environment.\n\nStrong communication skills and the ability to work directly with developers, auditors, and leadership.\n\nBenefits & Perks\n\nHybrid Flexibility: Enjoy the best of both worlds with remote work options and a collaborative home base in Sandy Springs.\n\nHealth & Wellness: Competitive medical, dental, and vision insurance plans.\n\nFuture Planning: 401(k) retirement plan with company contribution.\n\nTime to Recharge: Generous Paid Time Off (PTO) and paid company holidays.\n\nGrowth Opportunities: A fast‑paced startup environment where you can make a tangible impact and grow your career quickly.\n\nSalary & Compensation\nTarget Salary Range: $130,000–$170,000 per year.\n\nFinal compensation is determined by various factors, including the candidate’s relevant experience, specialized skills, certifications, and geographic location.\n\n#J-18808-Ljbffr","datePosted":"2026-06-17T04:22:27.465Z","dateModified":"2026-06-17T04:22:27.465Z","hiringOrganization":{"@type":"Organization","name":"Momnt Technologies","sameAs":"https://jobsearcher.com"},"jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"Sandy Springs","addressRegion":"GA","addressCountry":"US"}},"identifier":{"@type":"PropertyValue","name":"JobSearcher","value":"79d2c75ba488cf95d983da06"},"url":"https://jobsearcher.com/jobs/79d2c75ba488cf95d983da06"}}