DevSecOps Engineer
To see similar active jobs please follow this link: Remote System Administration jobs
Jeeves is a groundbreaking financial operating system built for global businesses that provides corporate cards, cross-border payments, and spend management software within one unified platform. The company operates across 20+ countries including Brazil, Canada, Chile, Colombia, Mexico, the United Kingdom, across Europe, and the United States, and serves over 5,000 clients ranging from venture-backed startups to SMBs around the world. With a mission to empower businesses with more efficient and cost-effective financial solutions worldwide, Jeeves combines cutting-edge financial technology with exceptional team expertise to transform the business financial landscape. Jeeves has been recognized as one of The Information's 50 Most Promising Startups in 2023, as well as a Y Combinator Top Company 2021-2023 and won “Fintech of the Year' at the European Fintech Awards.
Since graduating from Y Combinator in 2020, Jeeves has successfully raised over $380 million and is backed by top world-class investors including Andreessen Horowitz, Y Combinator, CRV, Tencent, Stanford University, Clocktower Ventures, and founders of more than 15 unicorns including David Velez (Nubank), Carlos Garcia (Kavak) and Sebastián Mejía (Rappi).
Job Description:
We seek a skilled and experienced DevSecOps Engineer to join our dynamic team. As a DevSecOps Engineer, you will work closely with the CISO to ensure our cloud infrastructure's security, availability, and performance. Your primary focus will be integrating security practices into the infrastructure and secure software development and deployment lifecycle, leveraging AWS services and best practices.
Eligibility Criteria
Bachelor's Degree in Computer Science or equivalent.
Must: 5+ years of applied cloud security knowledge of AWS.
5+ years Experience of reviewing production code and fixes for multiple codebases in Node.js
2+ years of experience investigating the impact of cloud security engineering issues and incidents
Fluent in English
Responsibilities:
Design, implement and maintain secure cloud architecture solutions on AWS, including API security, ensuring compliance with industry best practices, while taking under consideration business needs and constraints.
Collaborate with development and operations teams to integrate security practices into the software development lifecycle (SDLC), including continuous integration/ continuous deployment (CI/CD) pipelines.
Conduct security assessments and vulnerability scans on cloud infrastructure and applications.
Develop and implement security policies, standards, and procedures, ensuring proper access controls, encryption, and data protection.
Monitor and analyse logs and alerts to detect and respond to security incidents, implementing incident response plans.
Automate security processes and tasks using scripting languages, AWS CloudFormation, and infrastructure-as-code (IaC) tools.
Stay up-to-date with the latest security features, tools, and industry trends, providing recommendations for enhancing security posture.
Collaborate with cross-functional teams to define and implement security requirements for new projects and initiatives.
Provide guidance and support to development teams in implementing secure coding practices and conducting security testing.
Knowledge of conducting security checks (application vulnerability analysis and security component analysis).
Lead projects and ongoing support of security operations.
What you bring:
Solid experience in designing, implementing, and securing cloud environments, including services such as EC2, S3, RDS, IAM, VPC, and CloudTrail.
Strong understanding of DevOps methodologies and experience with CI/CD pipelines and tools (e.g., Jenkins, GitHub, SonarQube).
In-depth knowledge of cloud security best practices, industry standards, and compliance frameworks (e.g., NIST, CIS, ISO 27001).
Proficiency in scripting languages such as Python, Bash, Groovy.
Experience with Infrastructure-as-Code (IaC) tools like AWS CloudFormation or Terraform.
Familiarity with security scanning and monitoring tools, such as AWS Security Hub, GuardDuty, Inspector, or third-party solutions.
Strong understanding of network security concepts, including firewalls, VPNs, and secure network architectures.
Knowledge of secure coding practices and experience with application security testing tools (e.g., SAST, DAST, fuzzing, and secure coding patterns).
Excellent problem-solving skills and ability to work collaboratively in a team-oriented environment.
Participate in incident handling and other related duties to support the information security function.
The ability to learn and apply new concepts quickly.
Strong written and oral communication skills
Additional certifications preferred:
Relevant certifications such as AWS Certified Security – Specialty, Certified DevOps Engineer, or other security-related certifications are a plus.
Certified Ethical Hacker, Certified Secure Software Lifecycle Professional.
Certified Information Security Professional (CISSP)
Join our team and contribute to building secure and scalable cloud infrastructure.
Apply now and be part of our innovative and cutting-edge projects.
DevSecOps Engineer
To see similar active jobs please follow this link: Remote System Administration jobs
Jeeves is a groundbreaking financial operating system built for global businesses that provides corporate cards, cross-border payments, and spend management software within one unified platform. The company operates across 20+ countries including Brazil, Canada, Chile, Colombia, Mexico, the United Kingdom, across Europe, and the United States, and serves over 5,000 clients ranging from venture-backed startups to SMBs around the world. With a mission to empower businesses with more efficient and cost-effective financial solutions worldwide, Jeeves combines cutting-edge financial technology with exceptional team expertise to transform the business financial landscape. Jeeves has been recognized as one of The Information's 50 Most Promising Startups in 2023, as well as a Y Combinator Top Company 2021-2023 and won “Fintech of the Year' at the European Fintech Awards.
Since graduating from Y Combinator in 2020, Jeeves has successfully raised over $380 million and is backed by top world-class investors including Andreessen Horowitz, Y Combinator, CRV, Tencent, Stanford University, Clocktower Ventures, and founders of more than 15 unicorns including David Velez (Nubank), Carlos Garcia (Kavak) and Sebastián Mejía (Rappi).
Job Description:
We seek a skilled and experienced DevSecOps Engineer to join our dynamic team. As a DevSecOps Engineer, you will work closely with the CISO to ensure our cloud infrastructure's security, availability, and performance. Your primary focus will be integrating security practices into the infrastructure and secure software development and deployment lifecycle, leveraging AWS services and best practices.
Eligibility Criteria
Bachelor's Degree in Computer Science or equivalent.
Must: 5+ years of applied cloud security knowledge of AWS.
5+ years Experience of reviewing production code and fixes for multiple codebases in Node.js
2+ years of experience investigating the impact of cloud security engineering issues and incidents
Fluent in English
Responsibilities:
Design, implement and maintain secure cloud architecture solutions on AWS, including API security, ensuring compliance with industry best practices, while taking under consideration business needs and constraints.
Collaborate with development and operations teams to integrate security practices into the software development lifecycle (SDLC), including continuous integration/ continuous deployment (CI/CD) pipelines.
Conduct security assessments and vulnerability scans on cloud infrastructure and applications.
Develop and implement security policies, standards, and procedures, ensuring proper access controls, encryption, and data protection.
Monitor and analyse logs and alerts to detect and respond to security incidents, implementing incident response plans.
Automate security processes and tasks using scripting languages, AWS CloudFormation, and infrastructure-as-code (IaC) tools.
Stay up-to-date with the latest security features, tools, and industry trends, providing recommendations for enhancing security posture.
Collaborate with cross-functional teams to define and implement security requirements for new projects and initiatives.
Provide guidance and support to development teams in implementing secure coding practices and conducting security testing.
Knowledge of conducting security checks (application vulnerability analysis and security component analysis).
Lead projects and ongoing support of security operations.
What you bring:
Solid experience in designing, implementing, and securing cloud environments, including services such as EC2, S3, RDS, IAM, VPC, and CloudTrail.
Strong understanding of DevOps methodologies and experience with CI/CD pipelines and tools (e.g., Jenkins, GitHub, SonarQube).
In-depth knowledge of cloud security best practices, industry standards, and compliance frameworks (e.g., NIST, CIS, ISO 27001).
Proficiency in scripting languages such as Python, Bash, Groovy.
Experience with Infrastructure-as-Code (IaC) tools like AWS CloudFormation or Terraform.
Familiarity with security scanning and monitoring tools, such as AWS Security Hub, GuardDuty, Inspector, or third-party solutions.
Strong understanding of network security concepts, including firewalls, VPNs, and secure network architectures.
Knowledge of secure coding practices and experience with application security testing tools (e.g., SAST, DAST, fuzzing, and secure coding patterns).
Excellent problem-solving skills and ability to work collaboratively in a team-oriented environment.
Participate in incident handling and other related duties to support the information security function.
The ability to learn and apply new concepts quickly.
Strong written and oral communication skills
Additional certifications preferred:
Relevant certifications such as AWS Certified Security – Specialty, Certified DevOps Engineer, or other security-related certifications are a plus.
Certified Ethical Hacker, Certified Secure Software Lifecycle Professional.
Certified Information Security Professional (CISSP)
Join our team and contribute to building secure and scalable cloud infrastructure.
Apply now and be part of our innovative and cutting-edge projects.