DevOps Security Contractor

Upwave: The Brand Outcomes Measurement Platform

Upwave is a leading measurement company entirely focused on measuring and optimizing upper funnel campaigns.. The world’s leading advertisers, agencies, and media partners trust Upwave’s robust, AI-driven platform to bring science to the top of the funnel.

With Upwave, marketers maximize the effectiveness of brand spend. Upwave measures Brand Lift, validates Brand Reach, and surfaces Brand Optimization opportunities in one, dynamic platform with cross-channel brand measurement for CTV, Digital, Social, Linear, Addressable, Retail Media, Streaming Audio and more.

We’re a profitable, growth-stage company backed by leading venture investors (Y Combinator, Uncork Capital, Bloomberg Beta, Initialized Capital, PivotNorth, Ridge Ventures, Industry Ventures, Conductive Ventures,) and leading AdTechfounders & CEOs.

We’re a humble but ambitious team that takes its work seriously but never ourselves. Come join us.

DevOps Security Contractor (Part-Time | 10–20 hrs/month)

We are seeking an experienced DevOps + Security Contractor to provide ongoing guidance, system review, and hands-on support as needed. This role is ideal for a senior-level expert who can help ensure our infrastructure, systems, and processes follow modern security best practices while remaining lightweight and scalable.

What You’ll Do

Provide ongoing DevOps and security guidance to engineering and leadership

Review current infrastructure (cloud, CI/CD, access controls) and recommend improvements

Conduct periodic security audits and risk assessments

Advise on and help implement best practices across cloud security, IAM, and data protection

Support incident response for security-related events, as well as helping refine our incident response procedures

Review and strengthen deployment pipelines and system architecture

Assist with security tooling selection and implementation (monitoring, alerting, vulnerability scanning)

Help ensure alignment with SOC 2 and general compliance standards

Partner with engineering on secure system design and new builds when needed

Document recommendations and maintain lightweight security playbooks

What We’re Looking For

15+ years in DevOps, Cloud Infrastructure, or Security Engineering

Strong experience with AWS platform

Deep understanding of:

Infrastructure security & hardening

Identity & access management (IAM)

CI/CD security

Incident response and monitoring

Experience supporting SOC 2 or similar compliance frameworks

Ability to operate independently in a low-hour, high-impact capacity

Strong communication skills—able to translate risk into practical action

Engagement Details

Time Commitment: ~10–20 hours per month

Structure: Ongoing advisory + potential on-call support for incidents

Flexibility: Async-friendly, with occasional scheduled check-ins. You’ll be working with a California-centric team, so must have at least 2-3 hours of overlap with standard PST working hours.

Scope: Strategic guidance + light hands-on execution as needed

Apply To This Job