Senior DevSecOps Engineer

About Airalo

Alo! Airalo is the world’s first eSIM store that helps people connect in over 200+ countries and regions across the globe. We are building the next digital service that revolutionizes the telecom industry. We are a travel-tech company and an equal-opportunity environment that values and executes diversity, inclusion, and equity. Our team is spread across 50+ countries and six continents. What glues us together is our commitment to changing the way you connect.

Check out more information about Airalo in our Public Handbook: (Use the "Apply for this Job" box below).-handbook

We hope that you care deeply about the quality of your work, the intrinsic worth of tasks, and the success of your team. You are self-disciplined and do not require micromanagement in terms of your skillset and work ethic. You do your best to flourish as an individual every day while working hard to foster collaborative team environment. You believe in the importance of being — and staying — authentic, honest, positive, and kind.

You are a good interlocutor with clear and concise communication. You are able to manage multiple projects, have an analytical mind, pay keen attention to detail, and love to get your hands dirty. You are cognizant, tolerant, and welcoming of vulnerabilities and cultural differences.

Position: Full-time / Employee

Location: Remote-first

Benefits: Health Insurance, work-from-anywhere stipend, annual wellness & learning credits, annual all-expenses-paid company retreat in a gorgeous destination & other benefits

Participating in our on-call rotation is a core expectation of this role. It's essential for maintaining 24/7 service reliability across our global operations, ensuring our systems remain resilient and our customers experience uninterrupted service, regardless of time zone or geography.

• Paid Rotation:
  We offer standby fees + overtime pay.
• Delayed Start:
  No on-call duties for your first 6 months.
• Rest & Recovery:
  Guaranteed rest periods and flexible hours following night incidents.
• Shared Load:
  Rotations are split (Weekdays vs. Weekends) to minimize fatigue.

Please refer to the On-Call Policy in the Airalo Handbook for full details: -policy

• Design, implement, and manage security solutions across the entire software development lifecycle (SDLC), with a focus on automation and continuous integration/continuous delivery (CI/CD) pipelines, including robust API security measures and authentication protocols.
• Champion security best practices within engineering, Dev Ops, SRE, and IT teams, fostering a culture of shared responsibility for security.
• Proactively identify and remediate security vulnerabilities in applications, mitigating OWASP Top 10 vulnerabilities, infrastructure, and cloud services through threat modeling, vulnerability assessments, and penetration testing.
• Develop and maintain security monitoring and alerting solutions to detect and respond to potential security incidents in real-time and prevent common cyber attacks such as DDoS, injection attacks, and credential stuffing.
• Define and enforce secure coding standards and provide training and mentorship to development teams on Dev Sec Ops  principles.
• Lead compliance initiatives by contributing to security policies, controls, and audit readiness for SOC 2, ISO 27001, GDPR, and other relevant regulations.

• Bachelor's degree in Computer Science, Cybersecurity, or a related field.
• 5+ years of experience in Dev Sec Ops , Security Engineering, or a similar role with a strong focus on cloud security.
• 3+ years of hands‑on experience with AWS services, including expertise in container orchestration, IAM, and security best practices.
• 2+ years of experience with Kubernetes, including securing Kubernetes clusters and deployments.
• Deep understanding of SAST, DAST, and container security solutions, API security testing tools, with experience implementing and managing these tools.
• Proven experience in vulnerability assessment, threat modeling, and remediation techniques.
• Experience with security…