DevSecOps Engineer

At Yuno, we are building the payment infrastructure that enables all companies to participate in the global market. Founded by a team of seasoned experts in the payments and IT industries, Yuno provides a high-performance payment orchestrator. Our technology offers companies access to leading payment capabilities, allowing them to engage customers confidently and maintain global business operations with seamless payment integrations worldwide.

As a DevSecOps Engineer at Yuno, you will be responsible for embedding security by default across our development and operations workflows. In this role, you will work closely with Engineering and DevOps teams to design, implement, and maintain secure cloud infrastructure, CI/CD pipelines, and containerized environments. You will play a key role in strengthening our security posture across AWS and GCP, automating security controls through infrastructure as code, and ensuring compliance with industry standards such as PCI DSS and SOC 2, enabling Yuno to scale securely in the global payments ecosystem.

• Design, implement, and maintain security controls integrated into the SDLC, CI/CD pipelines, and cloud environments, ensuring security by default across development and operations.

• Collaborate closely with Engineering and DevOps teams to secure cloud infrastructure, Kubernetes clusters, and containerized workloads.

• Implement and maintain security configurations in AWS and GCP (e.g., IAM, WAF, GuardDuty, Security Groups), continuously strengthening the cloud security posture.

• Automate security processes and controls using scripting and infrastructure as code to improve efficiency and scalability.

• Ensure DevSecOps practices align with compliance frameworks such as PCI DSS, ISO 27001/27701, and SOC 2, supporting audits and internal security assessments.

• Explore and evaluate emerging technologies and architectures (e.g., Kubernetes enhancements, AI integrations) to ensure secure adoption.

• 4+ years of hands-on experience in DevSecOps, security engineering, or similar technical security roles.

• Strong experience integrating security controls into CI/CD pipelines and development workflows.

• Solid knowledge of AWS and GCP and its security services (e.g., IAM, WAF, GuardDuty, Security Hub, Security Groups).

• Experience with containerization and orchestration technologies such as Docker and Kubernetes.

• Hands-on experience with infrastructure as code (e.g., Terraform, CloudFormation).

• Proficiency in programming or scripting languages such as Python and/or Golang.

• Practical experience applying compliance frameworks (e.g., PCI DSS, ISO 27001/27701, SOC 2) to cloud and CI/CD environments.

• Strong problem-solving skills and the ability to collaborate effectively with cross-functional teams.

• Verbal and written English fluency.

• Experience with application security testing and familiarity with OWASP Top 10.

• Experience with security automation and internal tooling.

• Familiarity with observability, logging, and monitoring tools in cloud environments.

• Security certifications (e.g., AWS Certified Security – Specialty, Security+, CISSP, OSCP).

• Competitive Compensation

• Remote work - You can work from everywhere!

• Home Office Bonus - We offer a one time allowance to help you create your ideal home office.

• Work equipment

• Stock options

• Health Plan wherever you are

• Flexible Days off 

• Language, Professional and Personal growth courses