Vestwell

About the Company

Vestwell is a leading fintech platform powering the new savings economy for millions of businesses and people. Headquartered in New York City, the company transforms access to essential financial wellness and savings programs to close the savings gap. As an extension of its partners, Vestwell enables a suite of programs focused on the most critical aspects of one's financial future, including retirement, healthcare, disability, and education needs - such as 401(k), 403(b), IRA, 529 College, ABLE disability, and Emergency Savings programs.

Today, Vestwell enables over 350,000 businesses and well over a million active savers, with over $30 billion in assets saved in all 50 states. To learn more, visit vestwell.com.

Vestwell Advisors LLC is a subsidiary of Vestwell Holdings, Inc. Vestwell Advisors LLC is an investment advisor registered with the Securities and Exchange Commission and can provide investment management services for qualified savings and investing programs using the Vestwell platform. For more information about Vestwell, Vestwell Advisors, and our other services, learn more at www.vestwell.com.

Listed Jobs

Company Name

Vestwell

Job Title

DevSecOps Engineer

Job Description

Job title: DevSecOps Engineer Role Summary: Lead the design, implementation, and operation of security controls across the organization’s multi‑platform infrastructure. Drive security governance, compliance, and risk management, embed secure‑by‑design practices into the software development life cycle, and automate threat detection, monitoring, and incident response for public‑facing services. Expectations: - Minimum 4 years of hands‑on experience in DevSecOps, Security Engineering, Platform Engineering, or Site Reliability Engineering. - Proven ability to build and deploy security systems from inception, with a strong focus on AWS cloud security, infrastructure as code (Terraform preferred), and containerized environments (ECS, Kubernetes). - Demonstrated expertise in automating security controls (SAST, SCA, DAST) and integrating them into CI/CD pipelines with minimal developer friction. - Strong knowledge of threat modeling, incident response, observability, runtime and infrastructure security. - Proactive, collaborative mindset that balances detailed security tasks with long‑term strategy and scalability initiatives. Key Responsibilities: 1. Operate core security infrastructure: observability, detection, and protection platforms. 2. Design resilient, scalable, secure-by‑default systems. 3. Enable real‑time monitoring, threat hunting, and incident response. 4. Build and maintain an automated public asset inventory to expose the real‑time web attack surface and eliminate shadow IT. 5. Own CI/CD pipeline security tooling (SAST, SCA, DAST) and develop workflow automation for triage and remediation. 6. Deploy and maintain runtime protection: threat detection, file‑integrity monitoring, micro‑segmentation for containers. 7. Act as a senior security partner to engineering teams: provide secure architecture guidance, lead threat modeling exercises, support incident response, and foster a pragmatic security culture. Required Skills: - Proficiency in at least one scripting language (Python, Go, or similar). - Deep experience with Infrastructure as Code (Terraform, CloudFormation). - Strong AWS security experience (IAM, VPC, Secrets Manager, GuardDuty, etc.). - Container security expertise (ECS, Kubernetes, container runtime). - Solid foundations in threat modeling, incident response, observability, detection, and runtime/infrastructure security. - Ability to design, implement, and operate scalable security observability and defense systems. Required Education & Certifications: - Bachelor’s degree in Computer Science, Information Security, or related technical field (preferred). - Relevant certifications such as AWS Certified Security – Specialty, CISSP, or equivalent (advantageous but not mandatory).

Phoenix, United states

Hybrid

Junior

03-03-2026