Staff DevOps Engineer

We are seeking a highly skilled and experienced Staff DevOps Engineer to join our team. This role will focus on Site Reliability Engineering (SRE), enhancing our developer platform, and ensuring robust security practices. The ideal candidate will have a strong background in SRE principles, platform engineering, and security, with a proven ability to drive improvements in system reliability, performance, and security.

The position:

Are you data-driven and have a passion for information security? Do you love data analysis and making large amounts of information understandable and actionable for others? Do you like solving new problems and building new tools and codes? Do you like to work with others in a collaborate effort to build better more security applications? Would you like to join a team of talented security and technology professionals who are focused on building a robust and secure infrastructure? If so, join our team to develop these skills and build your career!

A Place for Mom is updating its security monitoring and vulnerability management systems. These systems need to provide useful information to the development teams so they can understand security concerns before they are deployed to production. We are seeking a Staff DevOps Engineer - Security to work as part of a team, interpret findings, and own the issue through remediation, to help us achieve our goal of zero security incidents.

Who you are:

You are an experienced and results-oriented Staff DevOps Engineer - Security who can work cross-functionally to develop and implement security improvements and safeguards which will protect A Place for Mom’s assets, employees, and customers.

What you will do:

• Incorporate A Place for Mom Values into each customer and co-worker interaction.

• Perform configuration, network, and application technical vulnerability assessments, identify vulnerabilities, validate their relevance, and work with teams to remediate them.

• Design and implement security solutions across infrastructure and applications to ensure "secure by default" principles are followed.

• Monitor, analyze, and respond to alerts from automated logging and monitoring tools, including AWS Security Hub, AWS Systems Manager, Cisco Duo Security, Endpoint protect and Security Information and Event Management (SIEM) tools, like Alert Logic or Rapid7, including collaborate with DevOps teams to automate security practices, integrating security controls and checks into CI/CD pipelines

• Respond to security related requests, events, and incidents; perform triaging and investigation as needed; and provide the fixes as appropriate

• Analyze security threats, vulnerability assessments, and audit results to identify the root cause and recommend or implement security solutions that enable business objectives.

• Lead the development and enforcement of security standards, policies, and procedures, ensuring alignment with industry best practices.

• Collaborate with other teams to support response efforts to security-related findings or concerns and drive to resolution.

• Analyze mean time to remediation, incident response times, and other security metrics and provide assessment reports.

• Develop and maintain automated security testing and scanning tools to detect vulnerabilities during the development lifecycle.

• Maintain up-to-date knowledge of the IT security industry including awareness of new or revised security solutions and improved security processes.

• Evangelize a culture of security to the rest of the company through education, support, and empathy, fostering a culture of security awareness

• Stay up-to-date on the latest security threats, vulnerabilities, and trends, proactively recommending improvements to security posture.

• Perform additional tasks as assigned.

Qualifications

• Strong knowledge and 5+ years’ experience in Computer Science, Information Security, or related field (or equivalent work experience).

• TCP/IP and other network protocols

• Computer systems and their security functions including authentication, access control, and auditing

• Securing Windows and Linux-based environments

• CI/CD pipelines using GitHub, familiarity with IAC tools like Terraform

• AWS Containerization like Fargate

• Entry point tools and applications such as firewalls, WAF, CDN, APIs

• Endpoint solutions such as Anti-virus software and intrusion detection, and encryption

• In depth knowledge of AWS environments and their security services

• Scripting with Powershell, Bash, AWS CLI, Cloudformation and Terraform

• Managing Security tools: such as MFA, SIEM, Auditing, Security Training, Risk Registry

• Strong understanding of Security frameworks such as NIST, ISO

• Strong understanding of application security, including secure coding practices, OWASP Top 10, and vulnerability assessment tools (e.g., Snyk, Veracode, Burp Suite), and be able to provide recommendations over time.

• Strong problem-solving skills and ability to communicate complex security issues to both technical and non-technical stakeholders.

• Ability to work independently, as a team member, or under the direct supervision of a company leader.

Additional recommended skills/education:

• Ability to work independently, as a team member, or under the direct supervision of a company leader

• Practical experience implementing a zero trust environment

• Experience with penetration testing, and replication of the finding independently

• Bachelor’s degree in IT

• CISSP/CISA/Security+/Network +/CWAPT/OSCP/CEH or other security certification is a plus.

Compensation

• Base Salary: $150,000 to $170,000 + 10% Bonus

• Benefits:

  • 401(k) plus match

  • Dental insurance

  • Health insurance

  • Vision Insurance

  • Paid Time Off

#LI-KT1

#LI-REMOTE

About A Place for Mom

A Place for Mom is the leading platform guiding families through every stage of the aging journey. Together, we simplify the senior care search with free, personalized support — connecting caregivers and their loved ones to vetted providers from our network of 15,000+ senior living communities and home care agencies.

Since 2000, our teams have helped millions of families find care that fits their needs. Behind every referral and resource is a shared goal: to help families focus on what matters most — their love for each other.

We’re proud to be a mission-driven company where every role contributes to improving lives. Caring isn’t just a core value — it’s who we are. Whether you’re supporting families directly or driving innovation behind the scenes, your work at A Place for Mom makes a real difference.

Our employees live the company values every day:

• Mission Over Me: We find purpose in helping caregivers and their senior loved ones while approaching our work with empathy.

• Do Hard Things: We are energized by solving challenging problems and see it as an opportunity to grow.

• Drive Outcomes as a Team: We each own the outcome but can only achieve it as a team.

• Win The Right Way: We see organizational integrity as the foundation for how we operate.

• Embrace Change: We innovate and constantly evolve.

Additional Information:

A Place for Mom has recently become aware of the fraudulent use of our name on job postings and via recruiting emails that are illegitimate and not in any way associated with us. APFM will never ask you to provide sensitive personal information as part of the recruiting process, such as your social security number; send you any unsolicited job offers or employment contracts; require any fees, payments, or access to financial accounts; and/or extend an offer without conducting an interview.

If you suspect you are being scammed or have been scammed online, you may report the crime to the Federal Bureau of Investigation and obtain more information regarding online scams at the Federal Trade Commission.

All your information will be kept confidential according to EEO guidelines.

A Place for Mom uses E-Verify to confirm the employment eligibility of all newly hired employees. To learn more about E-Verify, including your rights and responsibilities, please visit www.dhs.gov/E-Verify.