Senior DevSecOps Engineer

Who We Are:

Dedicated to making a difference in law enforcement agencies across the U.S. our mission is to transform policing by elevating officer performance with a preventative-based early intervention system. Driven by data science and powered by machine learning our offering analyzes officer performance data in order to identify potentially problematic partnership with the University of Chicago weve developed the worlds largest multi-jurisdictional officer performance database and the only research-driven evidence-based early intervention system available in policing today.

Were also the only provider of a fully integrated cloud-based Software-as-a-Service (SaaS) platform that simplifies essential policing workflows. This platform is designed to be a single-source solution for all operational needs driving extensive efficiency gains and providing best-in-class advanced analytics and insights.

Benchmark Analytics provides a comprehensive all-in-one solution that is advancing police force management through state-of-the-art technology and market-leading data and analytics.

The Role:

Were looking for a Senior DevSecOps Engineer to join our Infrastructure & Security this role youll own the intersection of platform reliability cloud infrastructure and security. You will do this by embedding security practices directly into our engineering lifecycle rather than treating it as an afterthought.

Youll work closely with the Director of Infrastructure & Security and across engineering teams to harden our AWS environment mature our CI/CD pipelines maintain our Kubernetes platform and ensure we remain audit-ready against CJIS and SOC 2 requirements. Youll also have the opportunity to drive automation and AI-assisted operations initiatives as we continue scaling.

This is a high-ownership role. Youll be trusted to operate independently make sound engineering and security tradeoffs contribute significantly to security decisions and lead incident response when things go wrong.

Responsibilities:

Cloud Infrastructure

• Design build and maintain secure AWS infrastructure across standard and GovCloud environments
• Own infrastructure-as-code (Terraform / OpenTofu) with a security-first mindset
• Manage IAM strategy least-privilege access controls and cloud security posture

Kubernetes / EKS

• Operate and evolve our EKS-based platform including node lifecycle workload isolation and cluster security
• Implement and maintain admission control network policies and runtime security tooling
• Partner with engineering teams on deployment patterns and container security

CI/CD Pipeline Ownership

• Build and maintain secure automated deployment pipelines (GitHub Actions)
• Integrate SAST dependency scanning secrets detection and container image scanning into the SDLC
• Drive shift-left security practices across the engineering organization

Security & Compliance

• Maintain and improve security controls aligned to CJIS Security Policy and SOC 2 Trust Services Criteria
• Effectively and efficiently triage or resolve security alerts by working with engineering teams and/or committing code yourself
• Manage vulnerability management workflows prioritization and remediation tracking
• Support audit preparation evidence collection and control documentation
• Monitor for threats and respond to security findings across cloud application and endpoint layers
• Enforce and maintain software supply chain security across the organization

Incident Response

• Serve as an on-call responder for infrastructure and security incidents
• Drive post-incident reviews and own follow-up remediation items
• Develop and refine runbooks alerting and on-call procedures

AI & Automation

• Identify and implement automation opportunities that reduce manual operational toil
• Contribute to AI-assisted operations initiatives including agentic workflows and observability improvements
• Apply security controls to AI tooling and LLM-integrated systems as they are introduced

Job Qualifications:

Required

• 58 years of experience in DevOps DevSecOps SRE Cloud Engineering or Platform Engineering roles
• Strong hands-on AWS experience: EC2 EKS IAM VPC S3 and related services
• Production Kubernetes experience including cluster operations and workload security
• Experience building and maintaining CI/CD pipelines with integrated security tooling
• Working knowledge of SOC 2 or similar compliance frameworks and their operational implications
• Infrastructure-as-code fluency with Terraform or OpenTofu
• Strong incident response skills: youve been in the hot seat and know how to stay calm and methodical
• Excellent written communication: you can document a runbook write a post-mortem and explain a technical risk to a non-technical stakeholder

Nice to Have

• Experience with CJIS Security Policy or other criminal justice / government data frameworks
• AWS GovCloud experience
• Familiarity with agentic AI workflows or LLM security considerations
• Experience with observability platforms (Datadog OpenTelemetry or similar)

What We Offer:

• A competitive salary and benefits package.
• Unlimited Paid Time Off.
• Ability to work in a fully remote environment (must be based in the U.S. and willing to work in Central Time Zone).
• Summer Half-Day Fridays.
• Freed Up Fridays during Spring Fall and Winter months to promote productivity and dedicated heads-down work time.
• Medical dental and vision plan offerings along with 401(k).
• Employer-paid Short-Term Disability Long-Term Disability and Life Insurance.
• Other Voluntary Benefits include additional Life Insurance Spouse Life Insurance and Accident Insurance.
• The satisfaction that comes with being part of a solution that has real impact in the world.
• A diverse workforce and inclusive environment that embraces unique contributions and experiences.
• An empowered culture that encourages creativity and professional growth.

Estimated Annual Salary Range:

• $150k-$180k; based on role experience and location

Additional Information:

• Benchmark Analytics is an Equal Opportunity Employer. We value diversity of all kinds in our effort to create a stellar workforce of committed and passionate team members.
• Unfortunately we are not able to sponsor employment visas at this time so we can only accept applications from candidates who are authorized to work in the U.S.
• If interested please submit an application or email your resume to