DevOps Engineer

AutoCrib is the leader in industrial vending technology. We design and create all the software and hardware in-house to help manage inventory for our customers. Our industry is vast; customers range from manufacturing to government to retail to data centers. We are a growing company that is looking for candidates who are looking for a challenge and like to wear a lot of hats. AutoCrib is big enough to provide the resources you need but small enough to still feel like a family. We believe in giving employees autonomy to make their own decisions and actively help them with their career path. Our benefits include healthcare 401k life insurance and PTO.

We are seeking an on-site DevOps Engineer to own infrastructure architecture and the end-to-end Secure Software Development Lifecycle (SSDLC) for a mission-critical 24/7 SaaS platform.

In this role you will build automated pipelines that unify Azure DevOps with hybrid VMware/Colocation infrastructure manage identity and networking as code to enable high-availability SaaS operations lead the transition to automated Security-as-Code translating regulatory requirements into frictionless developer guardrails and communicate architectural risk and technical trade-offs to non-technical stakeholders aligning engineering goals with business objectives.

Role and Responsibilities

CI/CD & Automation

• Design build and maintain YAML-based CI/CD pipelines in Azure DevOps.
• Integrate self-hosted build agents to securely bridge build/deployment pipelines with on-premises and colocation environments.
• Automate application and infrastructure deployments to VMware vSphere using Terraform and/or Ansible.
• Enforce policy-driven security gates and approval workflows prior to production releases.

Secure Software Development Lifecycle (SSDLC)

• Embed security controls directly into CI/CD pipelines and infrastructure-as-code workflows.
• Implement and manage SAST DAST and SCA tooling to identify vulnerabilities early.
• Partner with engineering teams to remediate findings and promote secure coding practices.

Infrastructure Networking & Availability

• Architect and maintain site-to-site IPsec VPNs between on-premises and colocation data centers.
• Design for high availability low latency and fault tolerance across SaaS workloads.
• Apply Zero Trust principles including segmentation and least-privilege access.
• Establish unified monitoring logging and alerting across Azure DevOps and VMware environments.

Identity & Secrets Management

• Secure and manage Active Directory environments supporting application authentication and service identities.
• Administer service accounts GPOs and privileged access.
• Maintain hybrid identity integration with Microsoft Entra ID (Azure AD) for centralized access governance and auditability.
• Implement centralized secrets management (e.g. HashiCorp Vault) to eliminate hard-coded credentials and enforce rotation least privilege and auditing.

Compliance & Operational Excellence

• Automate Compliance-as-Code controls aligned to cybersecurity frameworks.
• Operationalize NIST CMMC and FISMA-aligned controls across pipelines infrastructure identity and secrets management.
• Support audit readiness through automated evidence collection and continuous control enforcement.
• Participate in on-call rotations supporting 24/7 SaaS availability.
• Lead blameless post-incident reviews (RCAs) and ensure learnings feed back into platform reliability and security improvements.

Qualifications and Education Requirements

• Bachelors degree in Computer Science Information Systems Engineering Cybersecurity or equivalent practical experience.
• 35 years of experience in DevOps DevSecOps SRE or Infrastructure Engineering roles supporting SaaS platforms.
• Strong experience with Azure DevOps Pipelines and YAML-based workflows.
• Hands-on experience with Infrastructure as Code (Terraform and/or Ansible).
• Experience operating VMware vSphere environments (ESXi vCenter or equivalent).
• Experience integrating security tools such as Snyk SonarQube Checkmarx or similar into CI/CD pipelines.
• Solid understanding of vulnerability management and secure development practices.
• Strong knowledge of IPsec VPNs hybrid networking and connectivity troubleshooting.
• Experience securing Active Directory in hybrid environments.
• Familiarity with Microsoft Entra ID (Azure AD) identity synchronization and access governance.
• Proficiency in PowerShell Bash or Python for automation.

Nice to Have

• Experience implementing Zero Trust or network micro-segmentation.
• Hands-on experience with HashiCorp Vault or enterprise secrets management platforms.
• Prior involvement in regulated or compliance-driven environments.

Salary range: $130000-$140000

#IND-SOAC-TUS