DevSecOps Engineer (Short-Term)

We are looking for a senior DevSecOps Engineer with a strong security-first mindset and experience in cryptography, identity, and hardened infrastructure.

While our lead developer owns the AI Intent Parser and frontend experience, you will own delivery of the platform’s security and governance layer during the MVP phase, working closely with our lead architect.

Scope of Responsibilities

1. Cryptographic Identity (“Digital Passport”)

Design and implement a W3C-compliant Decentralized Identifier (DID) and Verifiable Credential (VC) system to ensure that every platform command is cryptographically signed, role-bound, and auditable.

2. Dynamic Governance & Quorum Logic

Implement the backend state machine for Dynamic Separation of Duties (SoD) by translating AI-generated risk scores into real-time approval requirements (for example, scaling from 1 to N approvers based on execution risk).

3. Hardened Infrastructure

Design and deploy a siloed, containerized execution environment using Docker and Kubernetes that isolates the core execution service from external attack surfaces.

4. Secrets & Access Control

Integrate HashiCorp Vault for just-in-time (JIT) credential delivery across Windows (WinRM) and Linux (SSH) environments, eliminating static secrets.

5. System Attestation & Integrity

Implement runtime integrity controls, such as:

• environment hashing at container startup

• signed policy manifests

• enforced policy versioning during execution

Technical Stack (Current Direction)

• Languages: Python (FastAPI); Go or Rust preferred for security-critical components
• Security: HashiCorp Vault, W3C DID/VC standards, SHA-256 manifest signing
• Infrastructure: Docker, Kubernetes, PostgreSQL
• Execution: WinRM, SSH (Paramiko), REST APIs

The stack reflects our current direction. We are open to principled alternatives backed by strong security reasoning.

What We Are Looking For

• Security-first practitioner: You design for adversarial environments, not happy paths.
• Distributed systems experience: You understand trust, identity, and state in containerized systems.
• AI-adjacent curiosity: You are interested in how AI systems can be safely governed in production.
• Ownership within scope: You take responsibility for delivery within a defined engagement.

Notes

MVP-phase staff augmentation engagement

Clear scope ownership and accountability

Potential for extension or expanded role based on delivery and mutual fit

If this aligns with your background and availability, we would be glad to discuss timelines and engagement details, as we will need a quote very soon.