
Verdantis

DevOps & Security Manager

  • Posted 13 hours ago

Job Description

Senior DevOps & IT Infrastructure Manager

About Verdantis

Verdantis is an AI-native enterprise software company building intelligent solutions for MRO (Maintenance, Repair & Operations) and Enterprise Asset Management. Our products Harmonize, Integrity, and MRO 360 serve asset-intensive industries including oil & gas, chemicals, pharma, mining, and power generation across the US and Middle East.

About the Role

This is a dual-mandate leadership role. You will own (a) DevOps engineering for our cloud-hosted SaaS products, (b) end-to-end internal IT infrastructure for the entire company, and (c) the security posture for an AI-native product company that handles sensitive enterprise data and uses LLMs in production.

We need someone equally comfortable architecting Kubernetes clusters and writing IAM policies. You'll be the senior-most owner of production cloud reliability, internal IT excellence, and security across our stack, including the unique risks that come with AI-native products. This will be a manager role with a team reporting to him/her.

Part A: DevOps Engineering

  • Architect, automate, and maintain cloud infrastructure on AWS/Azure using Terraform and Ansible
  • Own the CI/CD platform (Jenkins, GitLab CI/CD, or GitHub Actions): design pipelines, manage build infrastructure, optimize deployment velocity
  • Lead containerization and orchestration strategy (Docker, Kubernetes, Helm)
  • Establish SRE practices: SLIs/SLOs, incident response, postmortems, on-call rotations
  • Set up and maintain observability stack (Prometheus, Grafana, ELK, or equivalents)
  • Drive cloud cost optimization and capacity planning
  • Mentor the DevOps Intern and serve as the technical authority on platform engineering decisions
  • Partner with the CTO and engineering leadership on infrastructure roadmap aligned with our AI-native product direction

Part B: Security for an AI-Native Product Company

Verdantis builds AI-native products that ingest and process sensitive enterprise master data (materials, equipment, procurement records) for global asset-intensive customers. Our products embed LLMs, agents, and proprietary models, which introduces a different security surface from traditional SaaS. You will own this end-to-end.

Cloud & Application Security

  • Implement security best practices across AWS/Azure: IAM, network segmentation, secrets management (HashiCorp Vault, AWS Secrets Manager), encryption at rest and in transit
  • Embed security into the SDLC: SAST, DAST, SCA, container scanning, and dependency vulnerability management integrated into CI/CD
  • Run regular vulnerability scans and coordinate annual penetration testing with external partners
  • Define and enforce secure coding standards across the engineering team
  • Lead incident response and forensic investigation for security events

AI/LLM Security & Governance

  • Establish controls for AI-specific threats: prompt injection, jailbreaks, training data leakage, model inversion, and indirect injection through customer data
  • Implement guardrails and content filtering for LLM inputs and outputs across our agentic AI workflows
  • Govern the data pipeline used for fine-tuning and RAG: ensure customer master data used in model contexts is properly isolated, anonymized where required, and tenant-segregated
  • Manage third-party AI/LLM vendor risk: review contracts, data residency, retention, and training-opt-out clauses for OpenAI, Anthropic, Azure OpenAI, and similar providers
  • Maintain an inventory of AI models, datasets, and agents in production with their data flows documented
  • Build internal policies on responsible AI use: what employee data, customer data, and code can be sent to which AI tools
  • Track emerging AI security frameworks (OWASP Top 10 for LLMs, NIST AI RMF, ISO/IEC 42001) and align our practices accordingly

Compliance & Customer Trust

  • Lead preparation and ongoing maintenance of SOC 2 Type II and ISO 27001 certifications
  • Respond to customer security questionnaires and support enterprise sales cycles with security artifacts
  • Maintain a public trust center: sub-processor list, security whitepaper, AI usage disclosures
  • Ensure compliance with regional data residency requirements for US and Middle East customers

Part C: IT & Infrastructure Management

  • Own the complete internal IT infrastructure for a multi-location team
  • Manage the full asset lifecycle for laptops, desktops, and peripherals: procurement, provisioning, tracking, refresh, and retirement
  • Own identity and access management: Google Workspace administration, SSO/Okta, role-based access, joiner-mover-leaver workflows
  • Manage office network infrastructure: WiFi, VPN, firewalls, and remote-access security
  • Implement and enforce endpoint security: disk encryption, EDR/antivirus, patch management, USB and data-loss policies
  • Run IT helpdesk operations: set up ticketing, define SLAs, resolve issues for the global team
  • Manage vendor relationships: hardware suppliers, SaaS subscriptions, licenses, and renewals
  • Define and enforce IT policies, SOPs, and onboarding/offboarding workflows

Qualifications

  • 8–12 years of combined experience across DevOps engineering, security, and IT infrastructure, with at least 5 years in DevOps/cloud and 3+ years owning IT and security for a 50+ person organization
  • Deep expertise in at least one major cloud platform (AWS or Azure) with proven production-scale experience
  • Hands-on mastery of Terraform, Kubernetes, Docker, and modern CI/CD tooling
  • Strong scripting and automation skills (Python, Bash, PowerShell)
  • Demonstrated experience implementing security programs: IAM, secrets management, vulnerability management, secure SDLC
  • Practical understanding of AI/LLM security threats and mitigation patterns (prompt injection, data leakage, model abuse)
  • Experience administering MDM platforms (Jamf, Intune, Kandji, or Hexnode) across mixed macOS/Windows fleets
  • Working knowledge of identity providers (Google Workspace, Okta, Azure AD/Entra ID) and SSO/SAML
  • Solid grounding in network fundamentals: firewalls, VPN, WiFi, segmentation
  • Strong vendor management and budgeting skills
  • Excellent communication: able to brief leadership, work with auditors, and engage with customer security teams

Preferred

  • Cloud certifications (AWS Solutions Architect Professional, Azure Solutions Architect Expert)
  • Security certifications (CISSP, CISM, CCSP, Security+)
  • Prior experience preparing a B2B SaaS company for SOC 2 Type II or ISO 27001 audits
  • Familiarity with ISO/IEC 42001 (AI Management System) or NIST AI Risk Management Framework
  • Experience managing distributed teams across India, US, and Middle East
  • Prior people-management experience


Job ID: 146836057
