DevSecOps Lead

 About the team:

The DevSecOps team helps infra and CI/CD teams to secure our networks, operating systems, containers, pipelines and code. We are part of the Security team with a mission of protecting and assuring our blockchain and products, bolstering their resilience against potential cyber threats.

About the position:

• Advising Infra Engineering and IT teams on security topics and supporting their work from the security standpoint — maintaining things practical using a risk-based approach with a focus on following areas
• Automation of security controls, security hardening of the developer and IaC processes (building, testing, release), supply chain security (part of the build process), related metrics and monitoring/audits
• Network, Vm & container image and  system hardening, Cloud issues and misconfigurations 
• Endpoint Security, Infrastructure Identity and Access Management, SIEM, Threat intelligence, common misconfigs (DNS, email, networking, etc.)

• Organising and performing penetration testing of our infrastructure, and collaborating with external parties on those tests.
• Picking tools, methods and approaches to maintain and improve the security stance of the company. (And we have a strong preference towards FOSS tooling when possible)
• Writing company-wide security standards and guidelines, as well as tools and automation to enable their deployment.
• Mentoring other team members on all matters related to security and IT and infrastructure engineering.

About you:

• Ability to lead a team of skilled DevSecOps professionals, you should have experience of leading and growing a team.
• Used to partner with multiple teams in order to tackle issues including clarifying requirements, communicating and convincing them 
• Comfortable with a Linux-based tech stack (managed VMs, SSH, VPNs, firewalls,)
• Experience with Kubernetes (incl. managed), Terraform, Ansible, Github, Gitlab,, ArgoCD, Image registries
• Experience with various cloud platforms including, Google Cloud, non-managed providers
• We’d love it if you had an understanding of blockchain tech and associated tooling (wallets, keys, RPC nodes and indexers etc.)

About working for us:

• Competitive remuneration packages based on iterative market research, including tokens (where legally possible)
• “Future of work” environment that’s remote-first and self-initiating with flexible hours
• Team mates that are genuinely excited about their impact and projects
• Access to the brightest minds in this space to learn about Web3 and develop your skills and knowledge while on the job
• Becoming part of the wider ecosystem (career and networking opportunities)
• Team and company-wide retreats
• Work laptop