Our client is an innovative, hugely successful digital asset platform, providing prime brokerage, custody, exchange, and SaaS services for institutional clients worldwide. As they expand their global operations, they’re looking for high-performing and dynamic individuals to join the growing team, working on a greenfield data platform.
As they expand their global operations, they require a DevSecOps engineer who enjoys a collaborative, transparent working environment, knows what good looks like, and wants to work in a cutting edge field. The successful candidate will join the cross-functional product team to deliver new products, or be part of the platform team building reusable components.
- Provide a security focus on the build and management of modern, automated, cloud native, continuously delivered infrastructure and application pipelines
- Work closely with other DevOps engineers to ensure security best practices are built-in during product and tooling development not added afterwards
- Define the standards that ensure what's produced is compliant with regulatory rules such as SOC2, MAS, PCI etc
- Understand existing infrastructure as code; pro-actively contribute to improvements with a focus on enhancing the security stance - whether this is via controls or automation
- Collaborate closely with development teams to ensure the firm are combining security on both the infrastructure and application stacks and codebases
- Identify new tooling that increases the firm's security levels and reduces toil across the teams
- Work closely with the Security team to ensure threats or vulnerabilities are identified, managed and mitigated across the Cloud and Infrastructure estate
Technical Experience and Qualifications Required:
- Passion for both Security and Devops and enjoys working on merging them together
- Strong knowledge of AWS architecture and security - Network design, WAF, VPNs, API GW’s
- Self-starter, capable of working without direction and able to deliver projects from scratch within, at times, unstructured environments
- Experience with securing CICD pipelines and automated approvals
- Hands-on ability with IaC Cloud build and management tools particularly focused on security best practices and approaches
- Container security - knowledge of container security management and scanning
- Data management - knowledge of control and masking of sensitive data in the cloud
- Privileged Access Management - knowledge of designing and implementing controls
- Financial services background or similar useful, especially with regard to security, compliance and audit
Apply for this role
All fields marked with * are required.