DevSecOps Engineer

We are a leading trading platform that is ambitiously expanding to the four corners of the globe. Our top-rated products have won prestigious industry awards for their cutting-edge technology and seamless client experience. We deliver only the best, so we are always in search of the best people to join our ever-growing talented team.

Responsibilities:

• Designing Secure CI/CD Pipelines: Develop and maintain automated CI/CD pipelines (preferable Gitlab) with a focus on security best practices, including SAST/DAST/SCA, vulnerability assessment
• Infrastructure Security: Implement and maintain infrastructure as code using Terraform / CloudFormation / Ansible, ensuring secure configuration and compliance with industry standards and regulatory requirements
• Security Monitoring and Incident Response: Set up and manage security monitoring tools to detect and respond to security incidents promptly. Develop incident response playbooks and collaborate with relevant teams to address security incidents effectively
• Security Compliance: Ensure compliance with industry regulations (PCI DSS, GDPR, local financial regulation) and internal security policies. Conduct regular security assessments and audits to identify and address compliance gaps
• Security Tooling and Automation: Evaluate, deploy, and manage security tools and technologies to automate security processes and enhance overall security posture. Continuously research and stay updated on emerging threats and security trends.
• Secrets Management: Design, implement, and maintain robust secrets management solutions and processes using Hashicorp Vault and AWS SM / KMS
• Collaboration and Knowledge Sharing: Work closely with development, operations, and product teams to embed security into the software development lifecycle. Provide security training and guidance to team members to increase awareness and promote a security-first culture. Maintain comprehensive documentation and playbooks for configuring, operating, and troubleshooting security solutions
• Risk Management: Participate in risk assessments and threat modelling exercises to identify potential security risks and vulnerabilities. Develop and implement risk mitigation strategies to minimise exposure to security threats

• Proven experience in DevOps, software engineering, or related roles, with a focus on security
• Hands-on experience with cloud platforms (AWS, Azure, GCP), containerisation technologies (Docker, Kubernetes), configuration management (Ansible)
• Proficiency in scripting and automation using languages such as Python or Bash
• Strong understanding of security principles, protocols, and standards (e.g., OWASP Top 10, NIST Cybersecurity Framework, CIS Benchmarks)
• Experience with security testing tools (e.g., Tryvi, Prowler, ScoutSuite, SonarQube, OWASP ZAP, Nessus) and vulnerability management processes
• Excellent communication and collaboration skills, with the ability to work effectively in a cross-functional team environment
• Knowledge of financial industry regulations and compliance requirements is a plus
• Demonstrated ability to adapt to a fast-paced, dynamic environment and drive initiatives independently
• Business level proficiency in English or above (equivalent to B2 or above in CEFR)

• Competitive Salary: We believe great work deserves great pay! Your skills and talents will be rewarded with a salary that makes you feel valued and motivated.
• Work-Life Harmony: Join a company that genuinely cares about you - because your life outside of work matters just as much as your time on the clock.
• Annual Performance Bonus: Your hard work doesn't go unnoticed! Celebrate your achievements with a well-deserved annual bonus tied to your performance.
• Generous Time Off: Need a breather? Our annual leave policy lets you recharge and enjoy life outside of work without a worry.
• Employee Referral Program: Love working here? Share the love! Bring your talented friends on board and get rewarded for growing our awesome team.
• Comprehensive Health & Pension Benefits: From medical insurance to pension plans, we've got your back. Plus, location-specific benefits and perks!
• Workation Wonderland: Live your digital nomad dreams with 30 extra days to work remotely from anywhere in the world (some restrictions apply). Adventure awaits!
• Volunteer Days: Make a difference! Take two additional paid days each year to support causes you care about and give back to the community.

Be a key player at the forefront of the digital assets movement, propelling your career to new heights! Join a dynamic and rapidly expanding company that values and rewards talent, initiative, and creativity. Work alongside one of the most brilliant teams in the industry.

#LI-Remote OR #LI-Hybrid
Department Security Locations London, United Kingdom, Vilnius, Lithuania, Sofia, Bulgaria, Limassol, Cyprus Working options Hybrid, Remote, In-office