Cloud Security Engineer (DevSecOps)

  • 160,000-$220,000 / year + Profit sharing (0.25 - 0.5%) USD
  • London, England, United Kingdom London England GB
  • 3-5 yrs
  • International Digital Assets Exchange Ltd
  • 10 Aug 18 2018-08-10

Interdax is building a 3rd generation digital asset exchange. Our team comes from top HFTs and exchanges like Nasdaq and NYSE, as well as from well known firms in the blockchain space. We are a well-funded project (8-figure sum) currently operating in stealth mode.

In this role you will be responsible for automated security as well as contributing to overall site reliability. This is a hands-on position and requires technical security proficiency within the AWS ecosystem. As a DevSecOps specialist, you will work closely with DevOps, SRE and other engineering teams, designing and implementing security automation best practices in a cloud native environment. Candidates must be experienced in the prevention and remediation of security vulnerabilities for a consumer-facing application running on AWS.

Responsibilities

  • Apply Security-as-Code principles across the board
  • Champion container security, on-boarding and integrating security controls in various cloud native components (Kubernetes, Linkerd/Istio, Cilium, etc).
  • Investigate and resolve security and policy violations by providing postmortem analysis, identify causes, develop solutions and preventive measures
  • Implement security features and monitoring tools, performing periodic security assessments
  • Develop automated security and compliance capabilities in support of DevOps processes
  • Work with the Security team to mature and maintain security procedure and tools
  • Provide support, coaching and mentoring for teammate's work activities on a regular basis.
  • Create security focused dashboards in Kibana or similar to provide high value insights
  • Take responsibility for creating design specifications, unit testing, and prepare technical documentation.

Requirements

  • 3+ years experience in a hands-on cloud information security role
  • Solid understanding of Amazon Web Services (AWS) including VPC, ELB, IAM, EC2, Config, CloudTrail, CloudFormation, Lambda, and others.
  • Strong practical Linux based systems administration skills and scripting experience in a Cloud based environment
  • Working knowledge of IP networking, VPNs, DNS, load balancing and firewalling
  • Experience with IDS/IPS systems (Snort, Suricata or similar)
  • Secrets Management such as Hashicorp Vault or AWS KMS
  • Ability to code algorithms for spotting suspicious activity in system and application logs
  • Familiarity with AWS security monitoring tools (CloudTrail, CloudWatch, Kinesis)
  • Experience using WAF tools like AWS Shield/WAF or Cloudflare
  • Hands on experience mitigating DDOS attacks
  • Experience with PKI and PGP
  • Experience in performing security vulnerability assessments
  • Experience working in a regulated environment such as PCI or SOX

Bonus Points

  • An interest in financial markets and cryptocurrencies.
  • Experience running cryptocurrency nodes (Bitcoin, Ethereum, etc)
  • Experience with HSMs

Compensation and perks

  • Competitive salary ($160,000-$220,000 / year)
  • Profit sharing (0.25 - 0.5%)
  • Fully remote
  • Flexible work hours
  • Unlimited vacation policy
  • Startup culture
  • Team getaways