goTenna is advancing universal access to connectivity by building the world's most intelligent and scalable mobile mesh networks. goTenna is the world's leading mobile mesh networking company, providing off-grid connectivity solutions for smartphones and other devices, as well as augmenting traditional communications networks. This technology enables mobile, long-range connectivity without cell, wifi, or satellite connectivity. goTenna's drive to create resilient connectivity began during Hurricane Sandy in 2012, when approximately a third of cell towers and power stations in affected areas failed. goTenna's products are currently used by over 300 law enforcement, military, and public safety agencies worldwide. goTenna is backed by investors, including Union Square Ventures, Founders Fund, Lockheed Martin Ventures, Comcast Ventures, MentorTech Ventures, Walden Venture Capital, and ONE9.

About the Role:

The DevSecOps Engineer will play a pivotal role in scaling and automating test infrastructure that supports goTenna’s enterprise-wide integration, system, and field-testing initiatives. This role is responsible for embedding security practices within DevOps workflows while also owning the automation systems that drive testing at scale—spanning mobile, embedded, and cloud-based systems.

You will lead the implementation of automated pipelines and orchestration systems that coordinate execution across diverse environments such as CI/CD pipelines, 30+ node RF testbeds, and portable multi-node test kits. The ideal candidate brings deep expertise in secure automation, testbed provisioning, and cross-team collaboration, enabling rapid iteration and validation in support of product and mission success.

This role demands strategic thinking, hands-on execution, and tight alignment with software, hardware, and test teams to ensure that security, scalability, and repeatability are built into our testing lifecycle from the ground up.

Primary Responsibilities:

Strategic Cloud Services Management: Manage and optimize cloud services to enhance scalability and security, aligning with cross-functional strategies and ensuring best practices that differentiate our platform within the market.
CI/CD Pipeline Development and Management: Lead the design and sustainment of CI/CD pipelines, defining key milestones and providing updates to relevant teams to ensure rapid, secure software deployment.
Advanced Security and Compliance Oversight: Own the security posture of applications and infrastructure, conducting complex vulnerability assessments and implementing solutions based on industry standards and regulatory requirements.
Data and DevOps Security Integration: Oversee database management with a focus on data integrity and security. Integrate security testing early in the software lifecycle, solving complex security challenges with innovative solutions.
Automation of Security Processes: Develop and refine tools and systems for automating security assessments and vulnerability scans within CI/CD, utilizing in-depth knowledge of security protocols and practices.
Incident Response and Proactive Security Monitoring: Lead proactive monitoring efforts for security incidents, implement response measures, and develop strategies to prevent recurrence, providing guidance to less experienced colleagues as a resource.
Compliance and Risk Management: Develop comprehensive risk management strategies and ensure all practices meet regulatory and industry standards. Act as a primary resource in assessing and managing software development risks.
Strategic Collaboration and Training: Promote a security-first mindset, strategically providing secure coding training and resources to drive a culture of security across multiple functions.
Policy Development and Enforcement: Formulate, enforce, and continuously improve security policies and procedures throughout the software lifecycle, taking ownership of policy development and enforcement.

Required Experience:

Education & Experience: Bachelor’s degree in Computer Science, Information Systems, or a related field, with at least 4 years in DevOps, focusing on security best practices in AWS environments.
Technical Skills: Advanced proficiency in automation tools, AWS, security protocols, and Agile methodologies. Extensive knowledge of security tools and DevOps tools (e.g., Jenkins, Docker, Kubernetes, ECS, GitHub Actions).
Business Acumen: Demonstrates awareness of competitive differentiators in the market, understanding how the role’s responsibilities impact broader business objectives.
Communication: Proven ability to communicate effectively with technical and non-technical stakeholders, prioritizing tasks independently while providing input on prioritization to lower-level team members.
Tools & Technologies: Experience with security tools (firewalls, IDS/IPS, SIEM) and familiarity with compliance frameworks (ISO 27001, SOC 2, GDPR, PCI-DSS).

Preferred Experience:

Startup Environment: Ability to thrive in a fast-paced startup setting, adapting quickly to evolving priorities.
Cloud Platforms: Experience with multiple cloud platforms (e.g., Google Cloud Platform, Firebase) beyond AWS.
Development Skills: Strong scripting and infrastructure-as-code capabilities.
Industry Certifications: CISSP, CEH, CompTIA Security+, or OSCP certifications are advantageous.
Practical Experience: Demonstrated experience in a DevSecOps role, improving software security postures.
Cloud Security: In-depth knowledge of cloud security tools and best practices across various platforms (AWS, Azure, Google Cloud).
Test Infrastructure Automation: Experience designing and managing automated test pipelines (e.g., Watchtower, Cypress) across distributed systems and multi-node environments.
Testbed Orchestration: Familiarity with orchestrating job execution across physical and virtualized testbeds (e.g., RF-based nodes, portable mesh networks like “Gadgets”).
Enterprise Testing Support: Experience supporting enterprise-scale testing initiatives, including coordination with hardware-in-the-loop environments and tools like Hydra for automated scheduling and test data collection.
CI/CD Integration for Test Automation: Strong understanding of integrating large-scale testing frameworks into CI/CD workflows for continuous validation and regression coverage.
Continuous Learning: Commitment to ongoing education in security trends, threats, technologies, and emerging DevSecOps practices.

ITAR: U.S. Citizen or Green Card Required

Placement at the appropriate job level (entry, senior, etc) will be determined by a combination of years of experience, demonstration of proficiency in this field, and other qualifications.

goTenna is an equal opportunity employer and we value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

Able to lift 30 lbs.

goTenna Benefits:

Equity
401(k) plan
Unlimited PTO
Parental Leave with Pay
Holiday pay (including December recess)
Medical, Dental, Vision and life insurance
Pre-tax benefits
Short- and Long-term disability plans
Professional Education Stipend

Apply now

See more open positions at goTenna

Privacy policy Cookie policy

Getro.org is a community-driven initiative to ease the impact of COVID-19 by connecting tech professionals and hiring companies. It's free for job seekers and companies, and curated by a growing list of referral partners.