Dev/Sec/Ops and Threat Engineering Specialist

Dev/Sec/Ops and Threat Engineering Specialist

Location: Remote (Global)

Offices: London, UK and Bellevue, WA

Employment Type: Full-time, ongoing hire

Company: SunCore Digital

Role Overview

SunCore Digital is strengthening its security and infrastructure foundation as we prepare for rapid scale across our global operations in London, Bellevue, and remote engineering hubs worldwide. We are hiring a Senior Dev/Sec/Ops and Threat Engineering Specialist who can blend DevOps, security engineering, penetration testing, and threat modeling into a unified, proactive security posture.

This role will work closely with engineering, product, design, marketing, operations, and compliance teams to secure our cloud environments, automate infrastructure, support our web and mobile app ecosystem, and ensure our systems remain resilient as we scale. You will also support the secure build-out of SunCore’s dashboard, mobile app, and KYC‑compliant sales flow.

Key Responsibilities

Dev/Sec/Ops and Infrastructure

• Build, maintain, and secure CI/CD pipelines for staging and production environments using GitHub

• Implement infrastructure-as-code and secure configuration management

• Harden cloud environments (DigitalOcean and other providers) for scale, reliability, and security

• Manage SSL/TLS certificates, DNS, and Cloudflare configurations

• Migrate and secure infrastructure components, including SiteGround to DigitalOcean transitions

• Optimize deployment workflows to reduce downtime and improve release reliability

• Support secure architecture for SunCore’s web platform, dashboard, and mobile app (Flutter)

Security Engineering

• Conduct regular penetration testing across applications, APIs, cloud infrastructure, and mobile components

• Perform threat modeling for new features, integrations, and system changes

• Monitor, identify, and remediate vulnerabilities using Dev/Sec/

Ops best practices

• Implement access control policies, secrets management, and API security standards

• Lead incident response planning, tabletop exercises, and recovery strategies

• Build automated security checks into CI/CD pipelines

• Ensure SOC2‑level security readiness, including SHA‑256 secure login and audit preparation

API and Third‑Party Integrations

• Secure and support integrations with: Binance, WhatToMine, Trulioo, Stripe, BitPay, , Docusign, OKTA, Zendesk

• Ensure secure CRM migration and workflows, including HubSpot CRM, Zapier automations, and web‑to‑lead flows

• Support secure onboarding and identity verification workflows across the KYC‑compliant sales flow:

Info → Product Overview → KYC → Payment → Contract → Secure Dashboard Access

Cross‑Functional Collaboration

• Work with UI/UX and digital marketing agencies to ensure secure implementation of design and content

• Partner with engineering leadership to establish best practices for code reviews, documentation, testing, and security

•Collaborate with compliance and operations to ensure regulated‑environment readiness

Qualifications

Required

• 3–6 years in DevOps, Security Engineering, or DevSecOps

• Hands-on experience with CI/CD tools such as GitHub Actions or Jenkins

• Strong knowledge of cloud infrastructure, Docker, Linux, and networking

• Experience with Cloudflare, SSL/TLS, DNS, and IAM/SSO systems like OKTA

• Familiarity with Trulioo or similar KYC/identity verification tools

• Experience with penetration testing tools and methodologies

• Ability to perform threat modeling and security risk assessments

• Strong understanding of secrets management, access control, and API security

• Experience supporting secure API integrations across multiple third‑party systems

• Excellent communication and documentation skills

• Ability to work independently in a fast-paced, async, global environment

Preferred

• Certifications such as OSCP, CEH, Security+, AWS/GCP Certified Security Engineer

• Experience in fintech, blockchain, or regulated industries

• Background in digital identity verification or secure user onboarding

• Experience in scale-up or startup environments

• Familiarity with Flutter, Node.js, Python, and secure mobile app architecture

Compensation

• Negotiable based on location

• Deferred to 60 days post MVP launch

• Role transitions into a permanent hire thereafter

Why Join SunCore Digital

• High-impact role shaping the security foundation of a rapidly scaling digital company

• Fully remote team with async flexibility and optional collaboration in London or Bellevue

• Direct partnership with executive leadership and top-tier engineering, marketing, and design partners

• Competitive compensation with performance upside