Senior Security & DevSecOps Engineer
WHO WE ARE
Ema is building the next generation of AI solutions to transform enterprise productivity by automating document-intensive workflows across industries. Whether it's drafting custom documents, automating search and extraction, or enabling reasoning over complex document workflows, our AI-powered solutions are redefining how businesses approach repetitive tasks. Founded by seasoned leaders from Google, Coinbase, and Okta, Ema is a high-growth startup backed by top-tier investors and based in Silicon Valley and Bangalore.
ROLE OVERVIEW
As a Senior Security & DevSecOps Engineer, you will be the guardian of Ema’s cloud-native ecosystem. You will sit at the intersection of Security, DevOps, and Engineering, ensuring that our AI agents and data platforms are built on a foundation of "Security-by-Design." This is a high-impact role where you will architect security baselines, automate guardrails, and lead our threat modeling efforts to protect sensitive enterprise data.
KEY RESPONSIBILITIES
- Architect & Secure Infrastructure: Design and implement security baselines for Kubernetes clusters, container workloads, and cloud-native services across multi-cloud environments.
- Zero-Trust & Compliance: Align cloud security controls with CIS benchmarks and Zero-Trust principles to ensure a robust defense-in-depth posture.
- Detection & Response: Lead the implementation, tuning, and automation of SIEM/SOAR platforms for real-time threat detection and incident response.
- Threat Modeling: Own cloud threat modeling for high-risk architectures and new AI feature rollouts, identifying vulnerabilities before they reach production.
- DevSecOps Integration: Partner with DevOps and Engineering teams to embed security into CI/CD pipelines through automated scanning (SAST/DAST) and policy-as-code.
- Security Governance: Build automated guardrails using CNAPP/CSPM tools and IaC scanning to prevent configuration drift.
- Design Reviews: Conduct deep-dive secure...