teamstation · careersINTERNAL OPENINGS · 2026
Hiring · 170 open roles
REQ-0848

Senior Fractional DevSecOps / Application Security Lead

CategoryOther
Location100% Remote — Latin America
EngagementFull Time Engineering Role
CompensationTop Compensation

Engineering Role Details

Posted Jul 16, 2026

At TeamStation AI, we are on a mission to bring together the brightest minds to solve tomorrow’s toughest technology challenges. Our work is about more than just AI—it’s about building the future through collaboration and innovation. We believe that the key to solving the world’s most complex problems lies in aligning diverse talents and perspectives. Our AI-powered platform enables cutting-edge scientific and technical teams to work smarter, faster, and together. By joining us, you’ll help unlock new technological breakthroughs and drive innovation where it matters most.

Join the Mission at TeamStation AI!

Where do we come from? We are seeking visionaries, innovators, and problem solvers who thrive in fast-paced, collaborative environments. If you’re passionate about AI, technology, and solving critical challenges, we want to hear from you. Come be part of a team where your ideas can drive the future.


Location and Work Arrangement

Location: Latin America
Engagement: Part-time fractional contractor
Start: As soon as possible
Working style: Primarily written communication, structured deliverables, and short calls as needed

Introduction

A TeamStation AI partner in the social and community technology sector is seeking a Senior Fractional DevSecOps / Application Security Lead. You’ll establish the security foundation for an early-stage platform while helping a small development team build effectively without production access, cloud-administrator permissions, live credentials, customer data, or direct push access to main branches.

This is a hands-on leadership role for someone who can define the security strategy, implement practical controls, and guide developers—not simply produce an audit that spends the rest of its life in a folder.

What You’ll Do

  • Review the planned development workflow and create a practical, build-ready DevSecOps control plan.
  • Design secure development, staging, and production separation with appropriate sandbox and access-control models.
  • Establish least-privilege cloud roles, repository permissions, branch protections, pull-request approvals, and main-branch restrictions.
  • Define secrets-management processes and CI/CD guardrails for static analysis, dependencies, container images, vulnerabilities, and exposed secrets.
  • Recommend infrastructure-hardening, logging, auditing, and vulnerability-management practices across cloud resources and developer platforms.
  • Create onboarding and offboarding checklists, a security-review model for developers, and an implementation roadmap with estimates, assumptions, dependencies, and risks.

Tech Stack & Tools

Cloud and access control: AWS, AWS Identity and Access Management

Secrets-management experience: AWS Secrets Manager, AWS Systems Manager Parameter Store, HashiCorp Vault, or an equivalent platform

Accepted source-control experience: Bitbucket, GitHub, or GitLab

The detailed platform stack, architecture, and security design will be disclosed under NDA on a need-to-know basis.

What You Bring

  • Senior-level experience securing cloud applications and establishing DevSecOps practices.
  • Hands-on experience implementing branch protections, pull-request approval workflows, and separate development, staging, and production environments.
  • Proven ability to implement least-privilege AWS access controls and secure secrets-management processes.
  • Experience implementing CI/CD controls such as SAST, SCA, dependency scanning, image scanning, vulnerability detection, or secrets scanning.
  • Practical knowledge of secure application architecture, infrastructure hardening, security reviews, and vulnerability management.
  • Ability to review developers’ work, explain security concerns clearly, and produce useful plans, diagrams, access matrices, READMEs, and checklists.
  • Willingness to use company-owned accounts and provisioned sandboxes, track hourly work, document milestones, obtain approval for significant estimate changes, and secure written authorization before using AI tools or third-party automation with partner materials.

Bonus Points

These are preferences, not requirements. Candidates can qualify without them.

  • Experience establishing DevSecOps or application-security controls in banking, financial services, healthcare, or another regulated or security-sensitive industry.
  • Experience guiding a small development team in an early-stage, founder-led environment.

What’s in It for You

  • A part-time engagement expected to span approximately four to five months.
  • A clearly bounded initial discovery and planning phase expected to require 5–10 hours unless otherwise approved.
  • The opportunity to establish the security architecture, operating controls, and development practices for an early-stage platform.
  • Potential ongoing involvement in implementation, pull-request reviews, access governance, and developer security guidance.

Apply

If you know how to turn rigorous security expectations into controls that a development team can follow every day, we’d like to hear from you.