Senior DevSecOps Engineer

TL;DR

Senior DevSecOps Engineer (Cloud Security): Designing, implementing, and managing security solutions across the SDLC with an accent on automation, CI/CD pipelines, and robust API security measures. Focus on proactively identifying and remediating vulnerabilities, developing real-time security monitoring solutions, and leading compliance initiatives for cloud services.

Location: Remote. Must reside in countries within or similar to the CET timezone and already have a permit to work in that country.

Company

hirify.global is the world’s first eSIM store, a travel-tech company building digital services that revolutionize the telecom industry for global connectivity.

What you will do

• Design, implement, and manage security solutions across the SDLC, focusing on automation, CI/CD pipelines, and API security.
• Champion security best practices within engineering, DevOps, SRE, and IT teams, fostering a culture of shared responsibility.
• Proactively identify and remediate security vulnerabilities in applications, infrastructure, and cloud services through threat modeling and assessments.
• Develop and maintain security monitoring and alerting solutions to detect and respond to security incidents in real-time.
• Define and enforce secure coding standards, providing training and mentorship to development teams on DevSecOps principles.
• Lead compliance initiatives by contributing to security policies, controls, and audit readiness for SOC 2, ISO 27001, and GDPR.

Requirements

• Bachelor's degree in Computer Science, Cybersecurity, or a related field.
• 5+ years of experience in DevSecOps, Security Engineering, or a similar role with a strong focus on cloud security.
• 3+ years of hands-on experience with AWS services, including container orchestration, IAM, and security best practices.
• 2+ years of experience with Kubernetes, including securing clusters and deployments.
• Deep understanding and experience implementing/managing SAST, DAST, container security, and API security testing tools.
• Proficiency in at least one programming language (Python, Go, Java) for automation and tooling.
• Proficiency in infrastructure-as-code tools (e.g., Terraform) and CI/CD platforms (e.g., GitHub Actions, Jenkins).
• Excellent communication and collaboration skills.

Nice to have

• Relevant certifications (AWS Security Specialty, CISSP, CEH, Security+).
• Experience with AI-driven security tools for anomaly detection or Zero Trust principles.
• Experience in securing PHP (Laravel/Symfony) or JS (NuxtJS) applications.
• Proficiency in network security, firewall management, VPNs, and network segmentation.
• Experience in the telecommunications industry with knowledge of eSIM and GSMA technologies.

Culture & Benefits

• Remote-first work environment with a diverse team spread across 50+ countries.
• Health Insurance, work-from-anywhere stipend, annual wellness & learning credits.
• Annual all-expenses-paid company retreat in a gorgeous destination.
• Paid on-call rotation with standby fees and overtime pay.
• Delayed on-call start (no duties for first 6 months) and guaranteed rest periods.