DevSecOps Engineer (Fintech)

TL;DR

DevSecOps Engineer (Fintech): Enhancing application and infrastructure security by implementing preventative controls and identifying risks through automated and manual testing with an accent on SAST/DAST/SCA integration and threat modeling. Focus on building secure-by-design architectures, conducting penetration tests on internal applications, and collaborating with DevOps teams to remediate vulnerabilities.

Location: Limassol, Cyprus

Company

hirify.global is a global financial institution providing asset servicing and operational solutions for large public and private funds.

What you will do

• Foster a secure-by-design approach across the business as a security champion.
• Manage application security platforms, including the implementation of SAST/SCA and automated DAST solutions.
• Conduct threat modeling and review application architectures to identify risks early in the SDLC.
• Perform penetration testing on internally developed applications and assess third-party vendor security.
• Provide remediation guidance to engineers and validate the resolution of security issues.
• Coordinate and arrange external penetration testing assessments.

Requirements

• Experience in application security focusing on red, blue, or purple team activities.
• Proficiency in one or more languages: Python, JavaScript, .NET, or Java.
• Hands-on experience with DAST tools (Burp Suite, OWASP Zap) and SAST/SCA tools (Snyk, Veracode, Checkmarx).
• Strong understanding and experience testing both REST and GraphQL APIs.
• Experience with development tools including GitLab/GitHub, Datadog, Jira, and Docker.
• Well-rounded knowledge of the Software Development Life Cycle (SDLC) and agile methodologies.

Nice to have

• Experience in the financial sector or another heavily audited industry.
• Knowledge of AWS services such as WAF and Cognito.
• Experience working with Infrastructure as Code, Kubernetes, and Containers.
• Familiarity with auth mechanisms like Open ID Connect, OAuth, and identity providers.
• Experience creating custom CI/CD pipeline jobs for security reviews or scans.

Culture & Benefits

• Opportunity to work within one of the world's largest financial groups.
• Vibrant corporate culture with a connected team environment.
• Strong emphasis on innovation and client focus.
• Access to next-level learning and development opportunities.