DevOps / Security Engineer

About Us

GL.iNet is a global leader in networking solutions, specializing in OpenWrt-based travel routers, IoT gateways, and secure networking devices. Our products are sold in over 120 countries, with partners including AT&T, Toyota, and ExpressVPN.

We are expanding our U.S. engineering team in Northern Virginia and building a next-generation platform that connects embedded systems with cloud infrastructure at scale.

Role Overview

We’re looking for a DevOps / Security Engineer to own the security, reliability, and infrastructure behind our cloud platforms and firmware ecosystem.

This role sits at the intersection of DevOps, cloud security, and IoT systems, and is critical to:

• Supporting our GoodCloud device management platform
• Building CI/CD pipelines across US & China teams
• Driving security compliance (FCC, NIST, etc.)

You’ll be a key contributor to both engineering velocity and product security.

What You’ll Do

Cloud Platform Security

• Own security operations across cloud services hosted in the U.S.
• Build and maintain threat detection, monitoring, and incident response systems
• Conduct security assessments and penetration testing
• Manage IAM, access control, and secrets management
• Ensure compliance with U.S. privacy and security standards

DevOps & CI/CD

• Design and maintain CI/CD pipelines across distributed engineering teams (US + China)
• Implement automated security testing (SAST, DAST, dependency scanning)
• Manage infrastructure using Infrastructure as Code (Terraform, CloudFormation, etc.)
• Build monitoring, logging, and alerting systems
• Support firmware build pipelines for embedded systems

Firmware Security & Compliance

• Establish firmware security and compliance workflows aligned with FCC requirements
• Manage vulnerability disclosure and patch management
• Coordinate with global teams on security updates and CVE fixes
• Support regulatory submissions and documentation

Compliance & Documentation

• Implement controls aligned with NIST / SOC2 frameworks
• Maintain documentation for audits and regulatory reviews
• Track and report security metrics and compliance status

What We’re Looking For

Experience

• 6+ years in DevOps, Platform Engineering, or Security Engineering
• 3+ years hands-on experience in cloud security or DevSecOps
• Experience with IoT platforms or device management systems (strong plus)
• Exposure to regulatory environments (FCC, SOC2, NIST) preferred

Technical Skills

• Strong experience with AWS, GCP, or Azure
• CI/CD tools: GitHub Actions, GitLab CI, Jenkins
• Infrastructure as Code + containers: Terraform, Docker, Kubernetes
• Solid understanding of:
  • Network security
  • VPN technologies
  • Secure communication protocols
  • Linux system administration & security hardening

Language & Collaboration

• Mandarin Chinese preferred (for collaboration with China-based R&D teams)
• Comfortable working across global teams and time zones

Benefits

• 401(k)
• Dental insurance
• Health insurance
• Paid time off
• Parental leave
• Vision insurance

Work Location

Hybrid remote in Chantilly, VA 20151