Devsecops Engineer



Alpaca is a fast-growing fintech API startup backed by a group of prominent investors including Spark, Portage, Social Leverage, Tribe, Horizons, Eldridge, Positive Sum, Elefund, and Y Combinator, and highly experienced industry angel investors. Alpaca has raised a total of $72 million to date.

Alpaca builds a developer API that allows apps and developers globally to launch commission-free stock trading apps. Our platform also offers a developer-friendly community and platform for traders to programmatically trade stocks with ease. Of course, we are very enthusiastic about open source contribution and community building!

Job Responsibilities:

  • Work with the Engineering team to help design secure, highly scalable, mission-critical infrastructure to support our applications
  • Manage the CI/CD security strategy, including integration of Security as Code (SaC)
  • Conduct threat modeling for new product lines and proposed changes to infrastructure and enrich the DevOps architecture with security standards and best practices
  • Analyze, identify, and remediate security weaknesses in our cloud infrastructure
  • Respond to alerts from our security toolsets
  • Ensure data sets and databases within our infrastructure are appropriately secured
  • Continually look for opportunities to improve the software development lifecycle
  • Build cyber resiliency into our cloud infrastructure
  • Define KPIs and metrics for cloud infrastructure security and recommend enhancements to improve these metrics over time
  • Provide security awareness training (formal and informal) for our Engineering team
  • Assist in Incident Response activities as needed

Technology stack:

  • GoLang
  • PostgreSQL, RabbitMQ, Redis, Redpanda (Kafka)
  • GKE & GCP

Required Qualifications and Experience:

  • Bachelor's degree or equivalent experience in Computer Science or related field
  • Experience with at least one of: GoLang, Python, C++, NodeJS
  • SQL or relational database skills
  • Experience managing infrastructure within Azure, AWS, or GCP
  • Hands-on knowledge with Linux, Docker, & Terraform. Kubernetes experience is a plus.
  • Security and DevOps mindset
  • Experience with vulnerability management and pen testing tools such as Tenable, Qualys, Kali, or Burp Suite
  • Experience with SIEM or other log and search systems
  • Good knowledge of the OWASP top 10 or similar application security framework
  • Security-related certifications such as CSSLP, CISSP, CEH, or equivalent are a bonus
  • Understanding of the financial market is a plus
  • Excited about what we are building at Alpaca

Must be eligible to work without sponsorship for this role.

Findwork Copyright © 2021


Let's simplify your job search. Receive your tailored set of opportunities today.

Subscribe to our Jobs