DevSecOps Engineer

About the Opportunity 

DevSecOps Engineer specializes in designing and implementing secure infrastructure architecture within our multi-cloud environment. This role focuses on building security-first infrastructure solutions, threat detection systems, and compliance frameworks across AWS and Alibaba Cloud platforms.

Where You Will Make a Difference 

• Design and implement secure multi-cloud infrastructure using Terraform/Terragrunt with security best practices
• Design and implement secure CI/CD pipeline infrastructure with SAST/DAST integration and security gates
• Architect and deploy Azure Sentinel SIEM infrastructure with Logic Apps for automated incident response
• Build and maintain Cloudflare Zero Trust network architecture, tunnels, and security policies
• Develop Infrastructure as Code templates for secure Kubernetes clusters with network policies and RBAC
• Implement comprehensive secrets management infrastructure using AWS Secrets Manager and HashiCorp Vault
• Design security monitoring infrastructure with centralized logging using ELK stack and FluentBit
• Build automated vulnerability scanning infrastructure and remediation workflows
• Implement database security hardening for MySQL, PostgreSQL, and Redis clusters
• Design network segmentation and micro-segmentation strategies for containerized environments
• Develop security automation tools and infrastructure for threat hunting and incident response
• Architect backup and disaster recovery infrastructure with security controls and encryption
• Build security testing infrastructure for application and infrastructure vulnerability assessments

Who You Are

• 10+ years of Infrastructure Security/DevSecOps experience in enterprise environments
• Expert-level Terraform/Terragrunt skills for secure infrastructure provisioning
• Deep knowledge of AWS security services (GuardDuty, Security Hub, Config, CloudTrai, EKS, ECR, RDS, EC2, ECS, S3l)
• Proficiency in Kubernetes security architecture (Pod Security Standards, Network Policies, RBAC)
• Hands-on experience with infrastructure vulnerability scanning and hardening
• Expertise in network security architecture and Zero Trust implementation
• Strong knowledge of container security and image scanning infrastructure
• Experience with SIEM/SOAR infrastructure design and implementation
• Understanding of PKI infrastructure and certificate management at scale
• Knowledge of database security architecture and encryption strategies
• Experience with infrastructure compliance automation and policy as code
• Proficiency in security automation scripting (Python, Go, Bash)
• Ability to design secure CI/CD infrastructure and supply chain security
• Strong infrastructure troubleshooting and security incident response skills

Nice to have 

• Security certifications (CISSP, CCSP, AWS Security Specialty, AWS Solution Architect, AWS DevOps Professional)
• Knowledge of service mesh security architecture (Istio, Linkerd)
• Familiarity with infrastructure security scanning tools
• Experience with security orchestration and automated remediation platforms
• Understanding of threat modeling and security architecture review processes
• Knowledge of infrastructure penetration testing and red team exercises
• Experience with security metrics and KPI infrastructure for executive reporting

Why Join Us 

• Awarded Best Managed Company of Switzerland by Deloitte in 2024 and 2025
• Bi-Annual Company Wide Trips (2023 Armenia 2025 Switzerland and more to come!) 
• Fully Remote Work from either Germany, UK, France or Armenia
• High Work Flexibility 
• Employee-Focused Culture
• Innovative and Collaborative Team
• Great Working Conditions