Senior DevSecOps Engineer

Here at Pleo, our customer base is growing with Sonic.gif speed! This is amazing yet the larger we become, the bigger the temptation for the less lawful sides of society. As a FinTech, we directly handle money for our customers and see the most incidents across all industries. We’re not only about protecting users from password leaks where malicious actors post cat videos to your SoMe account, this is about protecting our customers' money and data integrity. This is where you come in!

The Senior/Staff DevSecOps role focuses on owning the vision for our pipeline tooling and infrastructure as well as cloud and cluster hardening. We strive to shift left work on hardening our application and ensuring we build golden paths. We're looking for someone to take ownership of this specialization and bring an opinionated industry insight.

To give you a better idea, here are some tasks you might do as a Staff/Senior DevSecOps Engineer at Pleo.

Help define how our engineering teams build secure solutions by automating guardrails throughout our entire pipeline. You’ll be in charge of our Infrastructure as Code security policies, improve auto-remediation for issues and occasionally called to directly help developers on remediation;

• Deep dive into various security subjects related to hardening our Kubernetes & AWS infrastructure at Pleo. Then design, implement and give your recommendation on actions;

• Collaborate closely with our DevX and SRE teams to create automated continuous integration (CI) and continuous delivery (CD) around security checks;

• Drive organization-wide security initiatives related to security automation.

To make it clear, we're not building a security team to take over all security-related tasks. We're building a team of specialists that support other teams through platform building, investigating, and coaching.

There will be a lot of flexibility in this role depending on your interests and skills, but as a Senior/Staff role you will:

• Plan, rank, and manage the specialization security roadmap.
• Collaborate on the planning and executing projects related to our security objectives.
• Balance controls against our data classifications while providing tactful friction to meet the needs of the company.

We don’t expect a perfect match in technology and skills as above. We’re open to all levels of experience and receptive to talking with more associate level professionals. What's important is that you have a passion for the field, you are willing to expand your knowledge, and that you enjoy the responsibilities that come along with the role. 

If this philosophy resonates with you, we'd love to meet you, so click apply!

Your profile

• You recognize that communication is a core part of your job as a security engineer at Pleo.
• You are eager to discuss complicated cloud security topics with technical colleagues.
• You are pragmatic in your approach to security. A door that no one can unlock is very secure, but it's also no longer a door.
• Security isn't black magic, it's a matter of understanding complex systems and applying creative thinking to interesting problems.
• You love learning new things and enjoy working with problem areas you aren't an expert in (yet).
• You are honest and unafraid to state things exactly like they are acknowledging and communicating what's broken is the first step to fixing things.

The nitty-gritty skills

• You are comfortable with at least one programming language (Python, TypeScript, Kotlin, Golang) and have foundations with application development.
• Expertise with project ownership for fully automating CI/CD pipelines security checks end-to-end, from code commits to production;
• Experience with hardening, configuring and troubleshooting Kubernetes and AWS environments;
• Strong cloud service knowledge. You understand how to secure all the "meshy" things from sidecars, microservices to service mesh, and you are familiar with the cloud shared responsibility model. You're comfortable balancing the tradeoff considerations with regard to cost, security, and deployment complexity.

Nice to have skills

• Java or Kotlin proficiency and experience with securing applications running on JVM.
• Experience with PCI DSS, GDPR, or PSD2 technical requirements such as proper network segmentation and authorization mechanism.

Show me the benefits

• Your own Pleo card (no more out-of-pocket spending!)
• Lunch is on us - with catering in our Lisbon, Copenhagen and London offices or a monthly lunch allowance paid directly together with  your salary in other markets 🍜
• Private health insurance to ensure you’re fit in body and mind to do your best work
• Option to purchase 5 additional days of holiday through a salary sacrifice
• Wellbeing days - fully paid days off designed for a slower pace, allowing you to take time to recharge and prioritise self-care
• We’re trialling MyndUp to give our employees access to free mental health and wellbeing support with great success so far  ❤️‍🩹
• Access to LinkedIn Learning - acquire new skills, stay abreast of industry trends and fuel your personal and professional development continuously 
• Paid parental leave - we want to make sure that we're supportive of families and help you feel that you don't have to compromise your family due to work 👶
• All of us have a stake in Pleo’s success - ask us about our equity grant scheme

#LI-remote