Senior DevSecOps Engineer

About MrBeast

Beast Industries, founded by Jimmy Donaldson (MrBeast), is a multifaceted media and entertainment company known for revolutionizing digital content creation. With ventures spanning digital media, philanthropy, consumer products, and innovative business initiatives, MrBeast is committed to entertaining, inspiring, and creating significant social impact. We leverage the transformative power of digital media to educate and effect positive change, driven by innovation, creativity, and philanthropy.

Role Overview: Senior DevSecOps Engineer

At MrBeast, operating at a massive scale across content, commerce, fintech, philanthropy, and global digital platforms, security is paramount. We are seeking a Senior DevSecOps Engineer to architect and scale a security-first engineering culture across our multi-cloud infrastructure (AWS, GCP) and CI/CD pipelines. This role focuses on embedding security directly into development workflows, automating detection and response, and hardening environments against evolving threats. You will partner with Engineering, IT, and Compliance to maintain system resilience.

The Impact You'll Make

This is a builder role, not reactive. You will own the integration of security into our cloud environments and software delivery lifecycle. Responsibilities include designing security guardrails, embedding enforcement into infrastructure and pipelines, building scalable detection systems, and automating incident response. You will operate at the intersection of DevOps, Security, and Automation, influencing engineering standards company-wide.

Key Responsibilities

• Design and implement cloud security guardrails across AWS and GCP.
• Embed policy enforcement and compliance checks directly into Terraform modules.
• Conduct architecture reviews and continuously harden multi-cloud environments.
• Lead threat modeling efforts for new infrastructure and product initiatives.
• Lead secrets management strategy using Vault, AWS Secrets Manager, and GCP Secret Manager.
• Integrate SAST, DAST, and dependency scanning into GitHub Actions workflows.
• Lead secure code review initiatives and drive secure-by-design engineering practices.
• Partner with engineering teams to eliminate vulnerabilities before production.
• Design, build, and tune high-fidelity detection logic within SIEM platforms.
• Map detections to MITRE ATT&CK and relevant threat models.
• Improve signal-to-noise ratio through advanced alert tuning and correlation logic.
• Develop log aggregation and monitoring strategies across application and infrastructure layers.
• Conduct detection coverage gap analysis.
• Build and maintain SOAR playbooks to automate repeatable response workflows.
• Reduce mean time to detect (MTTD) and mean time to respond (MTTR).
• Continuously improve response playbooks through post-incident analysis.
• Automate evidence collection for audits and regulatory requirements.
• Translate security controls into technical enforcement mechanisms.
• Help scale compliance programs without adding operational overhead.

What We're Looking For

• 5+ years of experience in DevSecOps, Cloud Security, or Security Engineering roles.
• Deep experience securing AWS and GCP environments.
• Advanced Terraform expertise including infrastructure as code, reusable modules, and policy-as-code.
• Strong Python proficiency for automation, API integrations, and custom tooling.
• Hands-on experience with SIEM and SOAR platforms including detection engineering and integration.
• Deep familiarity with CI/CD security best practices and GitHub Actions.
• Experience designing and managing identity architectures including Okta, Azure AD, or similar platforms, covering SSO, SCIM, lifecycle automation, and conditional access.
• Familiarity with Elastic SIEM or modern log aggregation platforms.
• Experience with EDR/XDR platforms such as SentinelOne, CrowdStrike, or Defender, including policy tuning and telemetry integration.
• Experience managing endpoint security controls and MDM solutions such as Jamf or Intune.
• Experience securing Google Workspace environments.

Why Join MrBeast?

You will own security architecture across multiple cloud environments and significantly influence company-wide engineering standards. This is not a ticket-reviewing role; you will build scalable systems that embed security into our operations at massive scale. This position is ideal for someone who thrives on ownership, automates everything, and designs modern security infrastructure from the ground up.

Benefits & Perks

• Competitive Salary.
• Generous Medical (Blue Cross Blue Shield), Dental, Vision, and company-paid Life Insurance.
• Company contributions to employee Health Savings Accounts (HSA).
• 401k Plan with Safe Harbor company-matching.
• Flexible vacation policy and paid company holidays.
• Company-provided technology package.
• Relocation assistance where applicable, including travel and company-provided housing for the first 90 days.

Key skills/competency

• Cloud Security
• DevSecOps
• AWS
• GCP
• Terraform
• Python
• SIEM
• SOAR
• CI/CD Security
• Identity Management