
11 - 50 employees
Founded 2007
🏠 Real Estate
🤝 B2B
Real Estate • B2B
NBA is an award-winning architecture and interior design studio founded in 2007 by Architect Nadia Bakhurji, based in the GCC. The firm delivers human-centered architecture and interiors across residential, offices, commercial/retail, mixed-use, master planning, and public projects, emphasizing modern design methodologies, high-quality craftsmanship, and a client-first collaborative process. NBA has an established track record of regional and international awards and works with both private developers and public-sector clients.
🔥 0 minutes ago
🏖️ New Jersey – Remote
💵 $145k - $165k / year
⏰ Full Time
🟠 Senior
🔴 Lead
⛑ DevOps & Site Reliability Engineer (SRE)
🦅 H1B Visa Sponsor
Improve your chances of getting an interview by checking your resume score before you apply.

11 - 50 employees
Founded 2007
🏠 Real Estate
🤝 B2B
Real Estate • B2B
NBA is an award-winning architecture and interior design studio founded in 2007 by Architect Nadia Bakhurji, based in the GCC. The firm delivers human-centered architecture and interiors across residential, offices, commercial/retail, mixed-use, master planning, and public projects, emphasizing modern design methodologies, high-quality craftsmanship, and a client-first collaborative process. NBA has an established track record of regional and international awards and works with both private developers and public-sector clients.
• Secure CI/CD pipelines at scale across the organization's CI/CD platforms with standardized security templates and automated policy enforcement, embedding static analysis (SAST), software composition analysis (SCA), container, infrastructure as code (IaC), and secrets scanning, with break build enforcement on critical and high severity findings • Administer the enterprise SAST and SCA platform (scan engine infrastructure, query tuning, severity calibration, finding triage) and maintain the exploitability knowledge base that distinguishes true positives from false positives to keep security fast and low friction • Build automated compliance tooling that detects required scans, validates pipeline configuration, and flags coverage gaps; audit pipeline posture across platforms and drive remediation directly with engineering teams • Support secure SDLC practices and security gates (SAST, SCA, container, IaC, DAST), threat modeling, SBOM generation, and dependency verification; coordinate with the DAST and penetration testing functions and act on bug bounty findings • Design and build the enterprise security operations platform and the automation that orchestrates DevSecOps workflows (scan state changes, triage, exemptions, intake, notifications), including AI-assisted vulnerability triage with appropriate guardrails, audit trails, and human oversight • Define and report security risk metrics, lead security audits and assessments, conduct supply chain and CVE incident response across the estate, and mentor junior team members • Lead security reviews of Generative AI applications, agentic workflows, and AI developer tools submitted through the enterprise AI intake process, assessing against OWASP Top 10 for LLM Applications, OWASP Top 10 for Agentic Applications, NIST AI RMF, MITRE ATLAS, and NBA Gen AI security policy and standards • Author and maintain NBA Generative AI security policy and standards, including controls for AI data protection, model and prompt security, agentic AI, MCP (Model Context Protocol) integration, and AI developer tooling • Evaluate and onboard Gen AI security tooling such as runtime guardrails, AI red teaming, browser and DLP controls, and MCP governance, and design and operate runtime AI security controls integrated into application pipelines and runtime • Govern enterprise security over AI developer tooling and the MCP server approval workflow, and partner with the Enterprise Gen AI, Cloud Infrastructure, GRC, Legal, and Privacy functions to align AI security controls with broader AI governance • Administer and operate the enterprise cloud security platform across a large multi-cloud estate (cloud posture, container, and IaC scanning); detect, prioritize, and drive remediation of misconfigurations and vulnerabilities against defined SLAs with infrastructure and application teams • Own cloud security scanning policy configuration and service account governance (scope, least privilege, credential rotation), lead platform lifecycle work, and perform technical security configuration assessments of cloud platforms • Own the Kubernetes security posture across a large cluster footprint, including admission control, RBAC, namespace isolation, network policies, and Pod Security Standards, and execute admission controller enforcement programs that move policies from audit to block in staged, owner-communicated rollouts with exception and rollback processes • Design and operate automated credential rotation across cloud identity and key management services (cross-account role assumption, grace periods, owner notifications) and lead the initiative to eliminate static access keys in favor of OAuth 2.0, OIDC, and role-based authentication • Manage the secrets lifecycle across cloud and pipeline secret stores with detection, alerting, and automated rotation, and build reporting that surfaces aging and non-compliant secrets
• Bachelor's degree in a technical discipline (or equivalent work experience) • Minimum of seven years in IT (a minimum of five years in information security) • Hands-on experience administering and integrating modern security tooling across the DevSecOps toolset, including SAST, SCA, DAST, container, IaC, and secrets scanning • Hands-on experience designing and securing CI/CD pipelines on modern CI/CD platforms • Strong programming and scripting ability, with the ability to build integrations, automation, and tooling against platform APIs • Solid hands-on implementation of cloud security across at least one major cloud provider, including identity and access management, secrets management, network security, and posture management, guided by frameworks such as CIS Benchmarks, Cloud Security Alliance, and the NIST SP 800-53 and 800-190/800-204 series • Working knowledge of Kubernetes and container security, including RBAC, admission control, namespace isolation, network policies, and Pod Security Standards • Familiarity with AI and LLM security frameworks (OWASP Top 10 for LLM Applications, OWASP Top 10 for Agentic Applications, NIST AI RMF, MITRE ATLAS) and the controls that mitigate Generative AI risks such as prompt injection, sensitive data disclosure, and excessive agency (preferred) • Understanding of governance applied to cloud and AI computing in terms of risk, exposure, impact, and policy; experience writing architectural plans, standards, and guidelines for enterprise platforms • One or more industry security certifications, such as GIAC (GCSA), a cloud security certification (CCSP, CCSK, or a cloud provider security certification), or an application or offensive certification (CEH, OSCP, or CySA+)
• medical • dental • vision • life/AD&D insurance • short- and long-term disability • fertility and family-forming assistance • wellbeing allowance • educational assistance • mental health coaching/therapy • tax advantaged accounts such as HSA and healthcare/dependent care FSAs • a 401(k) retirement plan • time off benefits that include vacation, sick time, and personal days
Apply Now🔥 41 minutes ago
Cloud DevSecOps Engineer at Regions developing secure CI/CD pipelines for cloud strategy. Collaborating with stakeholders to ensure compliance and process improvements in DevSecOps.
🇺🇸 United States – Remote
💵 $109.1k - $142.8k / year
⏰ Full Time
🟡 Mid-level
🟠 Senior
⛑ DevOps & Site Reliability Engineer (SRE)
🦅 H1B Visa Sponsor
🔥 48 minutes ago
DevOps Engineer managing CI/CD systems and cloud security for Continuous Composites' manufacturing platform. Implementing infrastructure and troubleshooting multi-tenant applications in a collaborative environment.
🇺🇸 United States – Remote
💵 $130k - $180k / year
⏰ Full Time
🟠 Senior
⛑ DevOps & Site Reliability Engineer (SRE)
🔥 1 hour ago
201 - 500
Site Reliability Engineering Manager managing the availability and performance of Immense Studio's game platform. Leading SRE functions and collaborating with diverse teams for high-quality game infrastructure.
🔥 1 hour ago
DevOps Engineer responsible for building and operating SCIA’s automation platform. Enhancing Azure Infrastructure-as-Code, managing CI/CD pipelines, and leading technical onboarding engagements.
🇺🇸 United States – Remote
💵 $109.7k - $164.6k / year
⏰ Full Time
🟡 Mid-level
🟠 Senior
⛑ DevOps & Site Reliability Engineer (SRE)
🦅 H1B Visa Sponsor
🔥 3 hours ago
Distinguished Site Reliability Engineer developing and maintaining large scale Kubernetes clusters for NVIDIA. Engaging in the whole lifecycle of services from design to production support.
🇺🇸 United States – Remote
💵 $320k - $488.8k / year
⏰ Full Time
🟠 Senior
🔴 Lead
⛑ DevOps & Site Reliability Engineer (SRE)
🦅 H1B Visa Sponsor