About us 

VERSA AI is an innovative and fast-growing start-up in the Contact Centre automation space designing and deploying GenAI voice and chart agents. We’re on a mission to build and support the Contact Centre of the future, using the power of conversational AI to create natural, beautiful conversations between humans and machines. 

Our technology helps clients deliver exceptional customer experiences while simultaneously cutting costs and scaling efficiently. An Australian-founded business with a strong foothold in the US, we are expanding our operations and building out our team on the ground in the critical market. 

We are looking for passionate, entrepreneurial individuals who are eager to make a significant impact in a dynamic, fast-moving environment, and who want to shape how we deliver our platform and inform what we build next through real world implementations. 

About the Role 

We are hiring our first dedicated Senior DevSecOps Engineer to take ownership of the security, reliability, and operational maturity of our cloud platform. This is a foundational hire. You won’t be maintaining someone else’s framework; you’ll be building it from the ground up. 

Our platform runs on AWS (Lambda, Fargate/ECS, EC2, S3, Aurora DB, ElastiCache/Redis, CloudWatch, etc) with CI/CD pipelines. We’re growing fast and need someone who can bring structure where there is currently improvisation: centralising secrets management, enforcing least-privilege IAM, standardising pipelines with security gates, introducing infrastructure-as-code and best practices for VPCs/subnets/routing, and building an observability stack that gives the team real-time visibility into what’s happening across our environments. 

Reporting to the Head of Engineering, you’ll work closely with a small, high-output engineering team to embed security into every stage of the development lifecycle, without slowing anyone down. You’ll have real autonomy to choose tools, define standards, and shape how we operate as we scale. 

Who we are looking for 

You have experience building software/writing code for developer tooling, deployment tools, monitoring tools, not just assembling the parts.  

You are a pragmatic, security-minded engineer who has built DevSecOps practices inside fast-moving teams before. You’re equally comfortable writing IaC code with various tools as you are configuring security guardrails/rules, IAM policies/roles or redesigning/debugging CI/CD pipelines. You’ve seen the chaos that comes with rapid growth and you know how to impose order without creating bureaucracy. 

You bring strong opinions on how to do things right (secrets rotation, least-privilege IAM, automated scanning, centralised logging) but you’re flexible about the path to get there. You understand that in a startup, you sometimes need to ship a pragmatic 80% solution this week rather than a perfect one next quarter. 

Above all, you want to be the person who builds the security and infrastructure foundation that the company grows on for years to come. 

Required Experience 

• 7+ years of hands-on experience in DevOps, Platform Engineering, or DevSecOps roles, with at least 2 years focused on security practices 
• Deep AWS expertise across IAM, KMS, Secrets Manager, VPC, Lambda, Fargate/ECS, EKS, EC2, S3, CloudWatch, CloudTrail, GuardDuty, Config, and Security Hub 
• Proven experience designing and enforcing least-privilege IAM strategies, including service roles, cross-account access patterns, and MFA enforcement 
• Strong Infrastructure-as-Code skills with Terraform/Pulumi/CloudFormation and other IaC tools, including experience with policy-as-code tools such as Checkov, tfsec, or OPA/Rego 
• Experience building and hardening CI/CD pipelines with integrated SAST, SCA, secrets scanning, and container image scanning 
• Hands-on experience with secrets management platforms (AWS Secrets Manager, HashiCorp Vault) including rotation policies and client separation 
• Track record of implementing centralised observability: log aggregation (CloudWatch, ELK, or Datadog), metrics collection (Prometheus/Grafana), distributed tracing (OpenTelemetry), and defining SLIs/SLOs 
• Experience setting up cloud security monitoring with real-time alerting (CloudTrail analysis, GuardDuty, AWS Config rules) and integrating alerts into Slack or similar channels 
• Strong scripting and automation skills in Typescript, Python, Bash, or Go 
• Excellent communication skills. You can translate security risk into engineering priorities and bring developers along with you rather than blocking them 

Nice to Have 

• AWS certifications (DevOps Engineer Professional, Security Specialty, or Solutions Architect Professional) 
• Experience with container security (ECS/EKS RBAC hardening, image signing, admission policies, registry controls) 
• Familiarity with vulnerability management workflows, CSPM tooling, and CVSS-based remediation prioritisation 
• Exposure to securing AI/ML workloads, model-serving pipelines, or real-time voice/NLP inference infrastructure 
• Experience working in a startup where you were the first or sole DevSecOps/security hire