Key skills
PythonGoBashPowerShellAILLMClaudeAnthropicLangChainAgenticAWSAzureTerraformKubernetesDockerJenkinsGitHub ActionsGitLab CIPulumiEKSAKSCloudFormationCircleCIIAMCloudWatchPrometheusGrafanaDatadogNew RelicGitHubGitLabSaaSCI/CDLeadershipCommunication
About this role
Edlio is an edtech company dedicated to helping K–12 school districts communicate and connect with their communities. They are hiring a DevOps Engineer to oversee their production infrastructure, ensure PCI DSS compliance, and enhance system reliability and security. The role involves building scalable systems, automating processes, and collaborating with engineering and security teams.
Responsibilities:
- Own and continuously improve Edlio’s cloud infrastructure (AWS/Azure) including networking, compute, storage, identity & access management, and the security controls that protect our cardholder data environment (CDE)
- Build, maintain, and optimize CI/CD pipelines, infrastructure-as-code (Terraform, CloudFormation), and containerized workloads (Docker, Kubernetes) that let engineering ship safely and quickly
- Lead our PCI DSS compliance program: maintain technical controls, gather evidence, manage our compliance platform (e.g., Vanta/Drata), and partner with QSAs and internal stakeholders through annual audits and quarterly scans
- Implement and monitor PCI DSS technical requirements including network segmentation, encryption (in transit and at rest), key management, vulnerability scanning, patch management, and secure configuration baselines
- Build observability into everything monitoring, logging, alerting, and incident response runbooks that keep our systems reliable and our audit trails complete
- Build agentic AI workflows and automations that drive PCI DSS readiness and continuous evidence collection, access reviews, control monitoring, and audit-prep tasks that traditionally eat weeks of manual work
- Integrate AI tools across DevOps workflows from automating deployment checks and security scanning, to building AI-assisted runbooks that make the team faster and safer
- Partner with Engineering and Security to harden production systems, manage vulnerabilities, and respond to incidents
- Document systems and processes clearly so the broader team can self-serve, and so future audits are smooth and predictable
- Act as a trusted advisor to leadership on technology investments, vendor selection, and compliance posture
Requirements:
- 5+ years of hands-on DevOps, SRE, or cloud infrastructure experience in a SaaS or cloud-first environment
- Direct experience supporting a PCI DSS audit: you've owned technical controls, prepared evidence, and worked with QSAs or external auditors through a successful assessment
- Hands-on experience designing and operating CI/CD pipelines (GitHub Actions, GitLab CI, Jenkins, CircleCI, or similar) and infrastructure-as-code (Terraform, CloudFormation, Pulumi)
- Deep working knowledge of AWS or Azure including VPC design, IAM, encryption services (KMS), secrets management, and security tooling (GuardDuty, Security Hub, Inspector, or equivalents)
- Experience with containerization and orchestration (Docker, Kubernetes/EKS/AKS) and modern observability stacks (Datadog, New Relic, CloudWatch, Prometheus/Grafana)
- Practical experience building agentic AI workflows and automations (LLM APIs, AI assistants, agent frameworks, or AI-powered scripting) that replace manual work and a clear point of view on how to do it safely in a regulated environment
- Scripting fluency (Python, Bash, Go, or PowerShell) and comfort automating repetitive work
- Excellent written communication you can explain technical decisions to non-technical leaders and write documentation people actually use
- Experience in edtech, K–12, or other regulated/student-data environments (FERPA, COPPA, state privacy laws)
- Familiarity with additional frameworks: SOC 2, ISO 27001, NIST CSF, or HIPAA
- Security certifications such as CISSP, CISA, Security+, AWS Security Specialty, or Certified Kubernetes Security Specialist (CKS)
- Experience with payment processing integrations, tokenization, or working alongside payment service providers (Stripe, Braintree, etc.)
- Experience with compliance automation platforms (Vanta, Drata, Secureframe) and bonus for shipping automations that closed real audit findings
- Experience building internal AI tooling, prompt libraries, or evaluations for AI-assisted DevOps workflows
- Experience with agent frameworks (e.g., Claude/Anthropic, LangChain, custom agents) deployed in a regulated production environment