DevSecOps - PKI Specialist
Zoox
Foster City, CA, USA
USD 160k-204k / year + Equity
Posted on Jun 5, 2025
Zoox is seeking a highly skilled and motivated DevSecOps Engineer with a strong specialization in Public Key Infrastructure (PKI), robust experience with Terraform, proficiency in Golang, and deep familiarity with hybrid environments spanning multiple operating systems. This role is critical to securing our infrastructure, enabling streamlined automation, and ensuring the integrity of access controls across complex cloud and on-prem environments.
This position on the Cyber Security team is responsible for designing, developing and maintaining Public Key Infrastructure (PKI) solutions at Zoox. This role will be responsible for all aspects of our PKI solutions, which include managing and maintaining the services that encompass the identities of machines, employees, vendors, and customers. The ideal candidate will be capable of engineering and delivering both enterprise and consumer focused solutions associated with PKI.
In this role, you will:
- Work with Developers and Engineers to improve their security posture for credential and key lifecycle management.
- Communicate and collaborate with other teams, both technical and non-technical, to adopt optimized identity-related solutions
- Contribute to enhancing the team's technical and organizational structure; serve as a role model to others
- Define, design and develop methods to improve PKI operational procedures through Terraform deployments and automation.
- Propose and implement solutions to unify security policies on-prem and across hybrid Cloud environments
Qualifications:
- 3–5+ years in DevSecOps, PKI Engineering, or related engineering roles.
- In-depth knowledge of PKI design principles, standards and best practices across hybrid environments.
- Strong experience with Terraform, including module development and environment provisioning.
- Proficiency in Golang and/or Python for backend development, scripting, and automation tasks.
- Solid understanding of Linux, Windows, and container-based OS environments.
Bonus Qualifications:
- Background in threat detection, incident response, or secure systems design is highly desirable
- Knowledge of AWS Cognito, Hashicorp Vault, AWS Secrets Manager
- Familiarity with Kubernetes, Helm, and GitOps principles
Compensation
There are three major components to compensation for this position: pay, Amazon Restricted Stock Units (RSUs), and Zoox Stock Appreciation Rights. The pay range for this position is $160,000 to $204,000. A sign-on bonus may be offered as part of the compensation package. Compensation will vary based on geographic location and level. Leveling, as well as positioning within a level, is determined by a range of factors, including, but not limited to, a candidate's relevant years of experience, domain knowledge, and interview performance. The pay range listed in this posting is representative of the range of levels Zoox is considering for this position.
Zoox also offers a comprehensive package of benefits including paid time off (e.g. sick leave, vacation, bereavement), unpaid time off, Zoox Stock Appreciation Rights, Amazon RSUs, health insurance, long-term care insurance, long-term and short-term disability insurance, and life insurance.