DevSecOps Engineer

Typeform is a refreshingly different form builder. We help over 150,000 businesses collect the data they need with forms, surveys, and quizzes that people enjoy. Designed to look striking and feel effortless to fill out, Typeform drives 500 million responses every year and integrates with essential tools like Slack, Zapier, and Hubspot.

The Platform and Security team ensures that Typeform engineers can build, deploy, and operate services safely and efficiently. As we scale into AI-powered products, our engineering velocity has increased significantly. New workloads—including model‑serving, agent‑based systems, and real‑time data pipelines—introduce new security challenges that the current team lacks capacity or AI‑specific expertise to manage.

This is where you come in: as our DevSecOps Engineer, you'll embed security into the development lifecycle, enable high‑velocity feature delivery, and ensure that new AI capabilities are safe, compliant, and resilient.

Things you will do:

• Embed security into the software development lifecycle, enabling teams to ship features safely at high velocity.
• Partner with engineering and AI teams to assess and mitigate security risks for new AI features, infrastructure, and pipelines.
• Develop and maintain secure CI/CD pipelines, tooling, and automation to support rapid deployment.
• Conduct threat modeling, vulnerability assessments, and code reviews for new services and AI workloads.
• Advise on secure architecture patterns for infrastructure, agent systems, and model‑serving environments.
• Implement monitoring, alerting, and incident response practices for critical security events.
• Define best practices, standards, and policies for secure feature delivery across engineering teams.
• Act as the internal security advocate, balancing risk management with product velocity.

What you already bring to the table:

• Several years of experience in DevSecOps, security engineering, or cloud security.
• Deep understanding of security in distributed systems, cloud‑native infrastructure, and CI/CD pipelines.
• Knowledge of threat modeling, vulnerability assessment, and incident response practices.
• Experience securing AI/ML workloads, model‑serving pipelines, or agent‑based systems (or a strong willingness to learn).
• Familiarity with IaC, Kubernetes, and cloud platforms (AWS, GCP, Azure).
• Strong collaborator able to influence engineering teams and embed security practices without slowing development.
• Strong communication skills to explain complex security concepts to non‑security teams.

Extra awesome:

• Hands‑on experience with AI security, model risk, or prompt injection mitigation.
• Experience in high‑velocity SaaS or PLG environments.
• Contributions to open‑source security tooling or frameworks.
• Experience implementing automated security testing in CI/CD pipelines for both code and infrastructure.

Typeform drives hundreds of millions of interactions each year, enabling conversational, human‑centered experiences across the globe. We move as one team, empowering our collective efforts by valuing each individual's unique perspective. This fosters strong bonds grounded in respect, transparency, and trust. We champion our diverse customer base by anticipating their needs and addressing their challenges with priority. Committed to excellence, we hold high expectations for ourselves and each other, continuously striving to deliver exceptional results. We are proud to be an equal‑opportunity employer. We celebrate diversity and stand firmly against discrimination and harassment of any kind—whether based on race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or expression, or veteran status. Everyone is welcome here.