Skip to content

DevSecOps Engineer

OverflowRemote (Anywhere)July 14, 2026
Remote
Full-time
DevSecOps
Senior · 5+ yrs

Who We Are

Overflow is a Series C, growth-stage technology company on a bold mission: to inspire the world to give. We're a vertical fintech and SaaS platform unlocking more ways to give — cash, stock, crypto, and beyond — through a beautifully designed ecosystem built for high-impact churches, nonprofits, and mission-driven institutions.

Backed by Uncork Capital, Craft Ventures, Salesforce Ventures, R7, and WIF (one of the largest lenders to faith and philanthropic organizations in the country), we're building the infrastructure that makes generosity frictionless at scale.

Our Founding Principles

Overflow was founded on the belief that generosity transforms people and communities. Inspired by Proverbs 11:24 — "The world of the generous gets larger and larger" — we operate with integrity, stewardship, service, and excellence.

How We Work

Overflow operates with a flexible work model. While there is no company-wide in-office requirement, some teams may establish in-person collaboration rhythms based on their function, goals, and team needs.

We maintain offices in Los Gatos, CA and Birmingham, AL for team collaboration, coworking, meetings, and intentional in-person connection.

The Role

As our first DevSecOps Engineer, you will lay the groundwork for our new Platform/DevOps team. Your primary focus will be on Site Reliability Engineering (SRE) and DevOps—keeping our systems highly available, scalable, and efficient—while embedding a strong security posture into everything we build.

You will build the "paved road" for our engineering teams by managing our containerized AWS environment, automating deployments and building out observability foundations. As we scale, you will be instrumental in maintaining our SOC 2 compliance and driving the technical architecture required for our upcoming PCI Level 1 certification.

What You Will Do

Cloud Infrastructure & Platform Security

  • Secure, manage, and scale Overflow’s cloud environment, implementing least-privilege IAM policies, network security (VPCs, WAFs, Security Groups), and robust secret management.

  • Refine existing infrastructure provisioning using Infrastructure as Code (IaC) tools, ensuring security best practices.

  • Deploy and manage comprehensive observability, logging, and alerting frameworks to detect performance bottlenecks, anomalous behavior, or potential security incidents.

Secure CI/CD & Developer Enablement

  • Own and optimize our continuous integration and deployment (CI/CD) pipelines.

  • "Shift Left" by integrating automated security testing (SAST, DAST, dependency scanning, container scanning) directly into the developer workflow.

  • Act as a security champion, partnering with software engineers to perform threat modeling, architectural reviews, and secure coding training.

Compliance & Data Governance

  • Action on compliance requirements (SOC 2, PCI-DSS, and data privacy regulations)

  • Partner with our legal and operations teams to streamline security audits, penetration testing, and vendor risk assessments.

  • Ensure that PII and sensitive financial data are properly encrypted at rest and in transit across all databases and caching layers.

What You Should Have

  • Core Experience: 5+ years in DevOps, Site Reliability, or Cloud Platform roles

  • Cloud Expertise: Deep, hands-on experience with Docker and AWS ECS Fargate

  • CI/CD Automation: Extensive experience building and maintaining robust deployment pipelines using GitHub Actions.

  • Security & Compliance: Practical experience maintaining SOC 2 technical controls and a strong understanding of the architectural requirements for PCI-DSS (ideally Level 1) compliance.

It'd Be Nice If You Had

  • Startup DNA / Founding Experience: Previous experience as the first DevOps or SRE hire at a high-growth startup, comfortable taking ownership of the 0-to-1 platform build.

  • Fintech & Web3 Context: While not a day-one requirement, experience securing financial ledger systems, payment gateways, or blockchain/crypto infrastructure will be increasingly valuable as our platform evolves.

  • Offensive Security Knowledge: Experience participating in bug bounties, conducting internal threat modeling, or a strong understanding of the OWASP Top 10.

Our Compensation Philosophy

Overflow's compensation philosophy is rooted in Carta Total Compensation benchmarks, ensuring pay that is competitive by role, geography, and function. Total compensation may also include equity, performance-based bonuses (for eligible roles), and a comprehensive benefits package.

Benefits & Perks

  • Competitive base salary with equity eligibility

  • Medical, dental, and vision coverage for employees and dependents

  • Generous paid time off and company holidays

  • Paid parental leave

  • 401(k) retirement plan

  • Dedicated mental health and therapy stipend to support personal well-being

  • Team retreats and intentional in-person gatherings throughout the year

Overflow is proud to be an equal opportunity employer and is committed to building a diverse and inclusive team.

Job Details

Experience

Senior · 5+ yrs

Tools & Tech

AWS
C
Docker
ECS
GitHub
GitHub Actions