About the role

Atiom is growing into an enterprise-grade platform, and with that growth comes increasing demands around security, reliability, compliance, and operational maturity.

We are looking for a senior DevSecOps / Platform Lead to take full ownership of our infrastructure, security posture, and operational foundations. This role exists to move these responsibilities out of ad-hoc ownership and into a single, expert-led function that proactively pushes the platform forward.

This is not a support role and not a junior sysadmin position. You will be the technical authority for platform decisions and the person responsible for ensuring Atiom is secure, reliable, compliant, and ready for enterprise clients.

‍
Your responsibility:

Platform & Infrastructure Ownership

• Own the overall health, structure, and evolution of our AWS infrastructure
• Design and enforce infrastructure standards and guardrails
• Identify and eliminate single points of failure
• Ensure the platform scales reliably as usage and data volume grow
  
  

AWS Well-Architected Review Improvements

• Take ownership of all existing AWS Well-Architected Review findings
• Classify, prioritize, and drive remediation across all pillars
• Decide when tradeoffs are acceptable vs when improvements are required
• Periodically reassess architecture to prevent regression
  
  

Monitoring, Logging & Observability

• Design and maintain centralized logging and monitoring systems
• Define what must be logged, monitored, and alerted on
• Build actionable alerts that reduce noise and increase signal
• Create dashboards that give clear operational visibility
  
  

Security & Risk Management

• Own AWS IAM strategy and access controls
• Define secrets management and rotation practices
• Review infrastructure and deployment patterns for security risks
• Lead technical incident response for security-related events
• Support threat modeling for new features (e.g. SSO, AI features)
  
  

Compliance & ISO 27001

• Own technical compliance improvements and remediation plans
• Act as the technical lead for ISO 27001 preparation and certification
• Translate compliance requirements into real system changes
• Maintain evidence and controls post-certification
• Ensure compliance remains continuous, not a one-time effort
  
  

CI/CD & Deployment Safety

• Own CI/CD pipelines and deployment standards
• Ensure safe, repeatable, and auditable deployments
• Define rollback and recovery strategies
• Reduce deployment risk and blast radius
  
  

Reliability, Backup & Disaster Recovery

• Define backup strategies and test restores regularly
• Lead disaster recovery planning and realism checks
• Ensure failure scenarios are understood and planned for
• Proactively improve platform resilience
  
  

Cost Visibility & Guardrails

• Maintain clear AWS cost visibility and attribution
• Implement budgets, alerts, and anomaly detection
• Identify waste and unjustified spend
• Partner with leadership on cost vs reliability tradeoffs
  
  

Enterprise Maturity & Technical Leadership

• Identify architectural and operational gaps before they become problems
• Push the platform toward enterprise-grade practices where appropriate
• Challenge short-term decisions that create long-term risk
• Bring structured thinking from larger-scale systems into Atiom
  
  

Cross-Team Enablement

• Work closely with backend, frontend, and product teams
• Provide standards, templates, and guidance that enable safe development
• Review high-risk technical changes
• Reduce operational burden on feature teams
  
  

What success looks like

• Infrastructure decisions are intentional, documented, and predictable
• Monitoring and alerts surface real problems, not noise
• Compliance work is structured and continuously maintained
• ISO 27001 certification is achievable and sustainable
• Deployments are routine and low-stress
• Platform risks are identified early instead of discovered in production
• The CTO is no longer the default owner of infrastructure and compliance
  
  

What we’re looking for:

Required experience

• Strong hands-on experience with AWS in production environments
• Proven experience designing secure, reliable cloud architectures
• Experience with CI/CD pipelines and deployment automation
• Experience implementing monitoring, logging, and alerting systems
• Experience working with compliance frameworks (ISO 27001, SOC 2, or similar)
  
  

Strongly preferred

• Experience preparing for or maintaining ISO 27001 certification
• Experience supporting enterprise or regulated clients
• Background in DevSecOps or platform engineering roles
• Experience designing systems that scale operationally, not just technically
  
  

You will thrive here if you:

• Think proactively about failure, risk, and long-term consequences
• Are comfortable being the technical authority in your domain
• Prefer building guardrails over firefighting
• Can explain complex platform decisions clearly to non-specialists
• Enjoy improving systems that already work — before they break
  
  

Why this role matters

This role is foundational to Atiom’s next phase. As the platform grows, success will increasingly depend on security, reliability, and trust, not just features. You will have real ownership, real influence, and the mandate to raise the technical bar across the company.

About Atiom

Atiom is a behavioral technology company helping frontline teams across the globe work safer, smarter, and more connected. Our platform blends habit-forming UX, enterprise training, and AI-driven insights into one easy-to-use system that drives real-world change.

We’re a tight-knit, mission-driven team that values autonomy, trust, and thoughtful engineering.

Get In Touch

Sound like a fit?

Please send your resume and a short note about your experience building platform or cloud-native systems to careers@atiom.app, we’d love to talk.