Senior DevSecOps Engineer in Torrance, California at MOTER Technologies, Inc.

MOTER Technologies, Inc. (“MOTER”) is unlocking the world of connected vehicle data to power innovative products and services for the automotive, mobility, and insurance industries. Our edge-computing-based advanced data analytics and software platform transforms vehicle data into actionable insights that drive the next generation of driver scoring, risk analytics, and insurance solutions.

MOTER is modernizing the insurance industry by equipping insurers with real-time vehicle insights to enhance underwriting, streamline claims, and improve risk assessment. To drive this transformation, MOTER is building white-labeled insurance products for some of the most recognized brands in the automotive industry. These offerings leverage the full suite of MOTER’s connected vehicle data solutions—including next-generation telematics and claims visualization tools—bridging the gap between automakers and insurers, accelerating innovation, and delivering measurable value across the mobility ecosystem.

Job Overview

The Senior DevSecOps Engineer builds and operates the platform that powers developer experience and security across our engineering organization. This role will design and run our CI/CD runner fleet (Bitbucket Pipelines and/or GitLab Runners), shape the security guardrails that protect production, and turn high-friction requests — ACL changes, IAM roles, network rules, secrets — into safe, automated, self-service paths.

This role will own our shared Terraform libraries and operate them as internal services with an API-first mindset, so product engineers can request infrastructure — VPC endpoints, IAM roles, S3 buckets, RDS, EKS workloads — in a paved-road, secure-by-default way. This individual will harden our AWS multi-account environment and Amazon EKS footprint, drive vulnerability management and pentest remediation, and partner with engineering teams as a trusted security advisor. This is a hands-on platform-engineer-meets-security role.

This role is AI-first. The Senior DevSecOps Engineer is expected to write and maintain code — Terraform and other IaC, automation scripts, runner configurations, internal tooling, and security policies — using AI-assisted engineering as a core part of your daily workflow. The ideal candidate is comfortable delegating well-scoped tasks to AI coding agents, reviewing and hardening their output, and treating prompt design, evals, and guardrails as part of the engineering craft. This role reports to the Director of Engineering.

• Work AI-first. Use AI-assisted engineering as your default approach to write, refactor, and maintain Terraform and other IaC, pipeline configurations, automation scripts, internal tooling, and security policies — while reviewing AI-generated output critically and owning the final quality, security, and reliability of what ships.
• Help define and evolve MOTER’s standards for AI-assisted engineering: code review, evals, secret hygiene, prompt and context patterns, and guardrails that keep AI-generated infrastructure and security code safe in production.
• Build and operate our CI/CD runner fleet on Bitbucket Pipelines and/or GitLab Runners — ephemeral, autoscaling, OIDC-authenticated to AWS, with strong workload isolation, signed artifacts, and SLSA-aligned supply-chain controls.
• Own MOTER’s shared Terraform libraries and modules; expose them as internal services with an API-first interface so engineering teams can request infrastructure (VPC endpoints, IAM roles, S3 buckets, RDS, EKS workloads) in a paved-road, secure-by-default way.
• Create safe, automated self-service paths for high-toil requests — ACL and security-group changes, IAM permission grants, KMS keys, and secret provisioning — backed by policy-as-code, automated review, and full auditability.
• Define and enforce security policies and guardrails across the SDLC: pre-commit hooks, SAST/DAST/SCA, IaC scanning (Checkov, tfsec, OPA/Conftest), container image scanning, and secret detection — tuned for high signal-to-noise and clear remediation paths.
• Harden MOTER’s AWS multi-account environment using AWS Organizations, SCPs, Control Tower (or equivalent landing zone), IAM Identity Center, GuardDuty, Security Hub, Config, CloudTrail, KMS, and Secrets Manager.
• Operate and secure our Amazon EKS clusters and Amazon ECR supply chain: RBAC, network policies, admission control (OPA Gatekeeper / Kyverno), pod security standards, IAM Roles for Service Accounts (IRSA), image signing (cosign), and runtime protection.
• Run a risk-based vulnerability management program across cloud, code, containers, and dependencies; coordinate internal and external penetration tests, triage findings, drive remediation, and verify fixes.
• Lead incident response readiness for cloud workloads — detections in GuardDuty / Security Hub, runbooks, tabletop exercises, and post-incident reviews.
• Partner with product and platform engineering as a trusted security advisor — threat models, design reviews, lightweight standards, and developer enablement.
• Performs other related duties as assigned.

• Hands-on experience working AI-first with agentic AI coding tools — including for Terraform / IaC, pipeline configuration, and security tooling — with a clear point of view on when to delegate, how to verify, and how to keep humans accountable for the result.
• Comfort experimenting with new AI coding assistants and agent frameworks as the landscape evolves, and a thoughtful view on the trade-offs between speed, security, and code quality when using them.
• 8+ years of professional experience across DevOps, SRE, platform engineering, or DevSecOps, with at least 4 years focused on cloud security and developer platform work.
• Deep, hands-on AWS expertise at production scale — including IAM, networking (VPC, PrivateLink, Transit Gateway), KMS, GuardDuty, Security Hub, Config, CloudTrail, and Secrets Manager — with experience operating a multi-account environment using AWS Organizations, SCPs, and Control Tower (or equivalent landing zone patterns).
• Strong experience operating CI/CD runners in Bitbucket Pipelines and/or GitLab Runners (or equivalent), including ephemeral compute, OIDC-based AWS auth, and pipeline hardening.
• Production experience writing and maintaining Terraform — including module design, state management, policy-as-code (OPA/Conftest, Checkov, tfsec), and patterns for exposing IaC capabilities as internal APIs or self-service platforms.
• Hands-on Kubernetes / Amazon EKS operating experience and a working knowledge of container and supply-chain security (image signing, SBOMs, runtime controls).
• Demonstrated track record of converting high-toil security and platform workflows (ACLs, IAM, network rules, secrets) into safe, automated, self-service paths.
• Strong programming or scripting skills in Python, Go, TypeScript, or Bash — you build tools, you don’t just configure them.
• Experience running a risk-based vulnerability management program and coordinating internal and external penetration test engagements.
• Bonus: AWS Certified Security – Specialty, AWS Solutions Architect – Professional, CKS, OSCP, or equivalent practical experience; familiarity with SOC 2 / ISO 27001 from an engineering perspective.
• Proficiency with Microsoft Office Suite (Excel, Word, etc.) required.
• Strong organizational skills with the ability to effectively handle multiple assignments, prioritize tasks, and meet deadlines in a dynamic, results-oriented environment.
• Strong written and verbal communication skills to collaborate effectively with team members, clients, and brokers.
• High work ethic, self-motivation, and initiative.
• Good judgment, high integrity, and the ability to work both independently and as part of a larger team.
• Legal authorization to work in the U.S. without sponsorship.

• Torrance, CA (Tuesdays and Thursdays in office)

• The annual salary range for this position is $120,000 - $145,000/year. Actual compensation will be determined based on the candidate's experience, skills, and qualifications.
• This is an exempt position.

• 10%

Benefits of Working with Us

• Comprehensive benefits package including medical, dental, and vision coverage; basic life and long-term disability insurance; Health Savings Account (HSA); Flexible Spending Account (FSA); generous paid time off and holiday pay; and a 401(k) with company match.
• Complimentary catered office lunches.
• Flexible office hours to support work-life balance.
• A collaborative culture where your input directly impacts the product and company trajectory.
• A health and wellness-focused work environment with team social events.
• Business casual dress code.

EEO Statement

MOTER Technologies Inc. is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, or disability status.

If you require accommodation or assistance with your application, please contact our Human Resources department at (424)322-9518.