Description:
Zafran is looking for a Senior DevOps Engineer with a strong security and compliance background to lead our compliance posture and prepare us for FedRAMP. You will work on hardening our infrastructure, implementing the controls required for regulated customers, and building the evidence and automation needed to achieve and maintain compliance certifications. This role partners closely with our Security team and Tel Aviv DevOps team.
About Zafran:
Our Mission: To stop the exploitation of vulnerabilities, everywhere.
What makes us different: In a world where AI-enabled attackers weaponize vulnerabilities within minutes, the old scan-and-patch-everything model no longer holds. Zafran's Exposure Graph continuously maps every vulnerability across your hybrid environment, chains exploitability through real attack paths and proves 90% of "critical" vulnerabilities can't actually reach you. It then neutralizes the real 10% using your compensating controls and safely remediates only where it matters.
Who’s behind us: Zafran is backed by Menlo Ventures, Sequoia Capital, Cyberstarts, and a deep belief that cybersecurity should move as fast as attackers do. We’re one of the fastest-growing companies in the industry, scaling to meet demand from the world’s most advanced, security-obsessed organizations.
We’re serious about our mission, so expect work that matters, teammates who challenge and inspire you, and plenty of fun along the way!
What you will do:
Lead the technical work to achieve and maintain compliance certifications (SOC 2, ISO 27001, and the upcoming FedRAMP process)
Design and implement security controls across AWS infrastructure, CI/CD pipelines, Kubernetes, and application deployments
Build the automation, logging, and evidence collection required for continuous compliance
Implement and maintain secrets management, IAM hardening, network segmentation, and encryption standards
Develop infrastructure solutions for customers in highly regulated industries, including isolated or dedicated environments
Collaborate with security, legal, and engineering on threat modeling, vulnerability management, and incident response
Stay ahead of FedRAMP, FISMA, and related federal requirements and translate them into concrete engineering work
Requirements:
Must be located in the US, with a strong preference for the New York area; US remote considered
U.S. citizenship or lawful permanent resident status (Green Card) required due to FedRAMP-related eligibility requirements and access to a U.S.-only environment.
5+ years of DevOps / platform engineering experience with a strong security focus
Direct experience implementing controls for SOC 2, ISO 27001, HIPAA, PCI, or FedRAMP
Deep AWS security knowledge: IAM, KMS, GuardDuty, Security Hub, VPC design, Config
Strong Kubernetes security experience: network policies, admission control, runtime security
Infrastructure as Code with Terraform, with a focus on policy-as-code
CI/CD security: SAST, DAST, SCA, image scanning, supply chain hardening
Solid scripting in Python or Bash
Nice to have:
Prior experience leading or mentoring a small team
Direct hands-on experience with a FedRAMP Moderate or High authorization
Experience with GovCloud (AWS US-East/West GovCloud regions)
Relevant certifications (AWS Security Specialty, CISSP, CCSP)
At Zafran, people matter! We provide a robust benefits program that includes flexible PTO, health insurance plans (medical, dental, vision), a monthly stipend for phone and internet, 401k, flexible spending account, and a home office stipend when joining!
We also provide access to frontier AI models, including Claude, so every employee can work smarter, move faster, and build an AI-first career from day one.
At Zafran, we’re proud to be an equal opportunity employer. We believe the best teams are built by people who think differently, come from all kinds of backgrounds, and aren’t afraid to challenge the status quo. We welcome everyone across race, religion, gender, gender identity or expression, sexual orientation, age, disability, national origin, and veteran status, because what matters most is what you bring to the table.
If you’re curious, fun, and someone who gets things done, we’d love to meet you.