DevSecOps Engineer

We are seeking a hands-on Cloud Security Engineer to help secure the infrastructure and platforms that power our global Fin-Tech systems. In this role, you will work at the intersection of cloud infrastructure, security engineering, and DevSecOps to identify attack surfaces, strengthen security guardrails, and embed security directly into our engineering workflows.

Requirements

• 4–8 years of experience in cloud security, DevSecOps, security engineering, or related roles involving infrastructure and application security.
• Strong understanding of applied cryptography and ability to choose the right security tools, techniques, and approach for securing systems from a variety of threats.
• Strong hands-on experience securing AWS environments including IAM policies, networking controls, access management, logging, and infrastructure hardening.
• Practical experience working with Kubernetes and containerized environments, including securing container images, workloads, and cluster configurations.
• Experience integrating security controls into CI/CD pipelines and development workflows, including automated vulnerability scanning and dependency security checks.
• Ability to write automation and security tooling using scripting or programming languages such as Python, Go, or similar.
• Familiarity with Infrastructure-as-Code tools such as Terraform and an understanding of securing infrastructure configurations and deployment pipelines.
• Experience identifying and remediating cloud security risks such as excessive IAM permissions, exposed services, insecure secrets management, and vulnerable infrastructure components.
• Understanding of common cloud and application security threats including privilege escalation, credential leakage, network exposure, and supply chain vulnerabilities.
• Strong problem-solving mindset with the ability to think adversarially about systems and proactively identify potential attack paths.
• Excellent collaboration and communication skills (verbal as well as written) with the ability to work closely with engineering teams and other stakeholders to improve security posture without slowing development velocity.
• Bonus experience includes security research, penetration testing, bug bounty participation, building internal security tooling, or contributions to security-focused open-source projects.
• Bonus abilities include ability to lead and mentor a team, and ability to drive complex projects spanning code bases, systems, and people.

Benefits

• Competitive salary and equity package
• Flexible work setup
• Paid Health Insurance
• Paid time off
• Paid parental leave
• Annual professional development budget
• Team meals and social events