DevSecOps

Our client, a leading global company in the online fintech and data tech sector, is seeking a DevSecOps to join their global team. The company operates one of the top-10 most visited websites in the world and is a recognized leader in its industry, with a presence across all continents. Their platform supports 23+ localizations, attracts over 60 million unique users, and generates 4 billion page views, offering a seamless experience across both mobile and desktop applications.

The company’s high-load video, data, and analytical products provide access to more than 300,000 financial instruments. These include real-time quotes, interactive charts, customized portfolios, and the latest financial news and insights. The platform also covers a wide range of financial information, such as world indices, ETFs, commodities, bonds, interest rates, cryptocurrencies, futures, and options.

This position serves as the central point for cloud and infrastructure security within the organization, taking ownership of DevSecOps initiatives across a complex GCP-based environment. Key areas of focus include embedding security into CI/CD processes, managing vulnerabilities, and coordinating incident response. Working closely with DevOps engineers and reporting to the VP of DevOps, the role plays a strategic part in defining tooling, setting policies, and guiding security practices across the platform.

Responsibilities

• Take ownership of the company’s security operations, including planning, designing, and executing security measures.
• Implement best practices to protect infrastructure, code, and cloud-native environments on GCP using cloud tools.
• Conduct continuous threat monitoring, vulnerability assessments, and log analysis to identify and address security risks.
• Manage IAM, RBAC, and other access control mechanisms, securing Kubernetes, containers, and serverless environments.
• Mentor DevOps engineers on security best practices and ensure compliance across the team.
• Integrate security tools into CI/CD pipelines, automate vulnerability management, and research new cloud security technologies.

Requirements

• 4-5 years of hands-on experience in DevSecOps, cybersecurity, or related fields, with expertise in CI/CD tools and security integration.
• Proficiency with cloud-native security tools (e.g., Cloudflare WAF, GCP Security Center) and strong understanding of application security, including OWASP principles.
• Experience with Infrastructure as Code (IaC) tools like Terraform and Ansible, as well as scripting languages (Python, Bash) for automation.
• A collaborative mindset with strong problem-solving abilities and the ability to work independently while managing priorities.
• Relevant security certifications such as CISSM, CISSP, and CCSP is a plus
• Languages: Ukrainian (native/ advanced) and English (advanced working proficiency)