About Smartsheet
For over 20 years, Smartsheet has helped people and teams achieve–well, anything. From seamless work management to smart, scalable solutions, we’ve always worked with flow. We’re building tools that empower teams to automate the manual, uncover insights, and scale smarter. But more than that, we’re creating space– space to think big, take action, and unlock the kind of work that truly matters. Because when challenge meets purpose, and passion turns into progress, that’s magic at work, and it’s what we show up for everyday.
Automation is the key to creating highly reliable and secure large-scale software systems. Are you someone who engineers solutions to problems rather than simply fixing the same thing over and over again? Can you protect Smartsheet against attackers?
We are looking for a Senior DevSecOps Engineer to join our global Security Operations team. In this critical role, you will be a leader in maturing our security and reliability posture by treating both as software engineering challenges. You will engineer and operate a highly reliable, scalable, and defensible production environment, directly impacting our ability to deliver a world-class service to our customers 24/7. This is a unique opportunity to blend deep expertise in Site Reliability Engineering (SRE) and modern Security Operations, working at the intersection of infrastructure, automation, and security to build a platform that is resilient and secure by design.
You will work remotely from Bulgaria.
What You Will Do
- Engineer Secure and Resilient Infrastructure: Design, build, maintain, and improve secure, scalable, and highly available infrastructure in our multi-cloud environment (primarily AWS) using Infrastructure as Code (IaC) principles with tools like Terraform, Kubernetes, and Helm.
- Automate Proactive Security: Engineer and automate threat detection, incident response, and vulnerability management processes. You will build the tools and workflows that allow us to respond to threats at machine speed.
- Secure the Software Development Lifecycle: Architect and secure our CI/CD pipelines, integrating automated security tooling (SAST, DAST, SCA) to provide developers with fast, actionable feedback.
- Master Container Security: Manage, operate, and secure our container orchestration platform (Kubernetes), implementing best practices for container security from the registry to runtime, including knowledge of hardening requirements such as CIS Benchmarks or DISA STIG.
- Lead Incident Response: Act as a technical lead during security and reliability incidents, driving resolution and conducting blameless post-mortems to engineer preventative solutions.
- Drive Automated Compliance: Implement and automate technical controls to ensure continuous compliance with frameworks such as FedRAMP, SOC 2, and ISO 27001.
- Mentor and Lead: Serve as a subject matter expert for security and reliability, mentoring other engineers and championing a culture of operational excellence and security ownership across the organization.
Get to Know Us:
At Smartsheet, your ideas are heard, your potential is supported, and your contributions have real impact. You’ll have the freedom to explore, push boundaries, and grow beyond your role. We welcome diverse perspectives and nontraditional paths—because we know that impact comes from individuals who care deeply and challenge thoughtfully. When you’re doing work that stretches you, excites you, and connects you to something bigger, that’s magic at work. Let’s build what’s next, together.
Nice to Have
- Advanced industry certifications such as CISSP, CISM, OSCP, or cloud-specific security certifications.
- Experience with compliance frameworks like FedRAMP, ISO27001, SOC2.
What You Have (Qualifications)
- 8+ years of progressive experience in technology, with at least 5 years in a hands-on senior role such as Site Reliability Engineering, DevOps, or Security Engineering.
- A BS or MS in Computer Science, Engineering, or a related field, or equivalent industry experience.
- Expert-level proficiency in at least one major cloud provider, preferably AWS, with deep knowledge of core infrastructure and security services.
- Expert-level proficiency with Infrastructure as Code, particularly Terraform.
- Expert-level proficiency in a scripting or programming language such as Python, Go, or Ruby, with a proven history of building automation and custom tooling.
- Deep experience with containerization and orchestration technologies (Kubernetes), including securing containerized environments.
- Proficiency with the modern security operations toolchain, including SIEM, EDR, and vulnerability scanning technologies.
- Experience integrating security tools (SAST, DAST, SCA) into CI/CD pipelines.
- A critical thinker with a proven ability to troubleshoot complex problems in high-pressure production environments.
- Excellent verbal and written communication skills and a collaborative spirit.
- Fluency in English is required
- Legally eligible to work in Bulgaria on an ongoing basis
