Offer summary

Qualifications:

At least 5 years of experience in DevOps or infrastructure engineering., Deep expertise in cloud platforms such as AWS and GCP., Proficiency with Infrastructure as Code tools like Terraform, CloudFormation, or Ansible., Strong knowledge of security practices, compliance standards, and automation of security controls..

Key responsibilities:

Design and manage secure cloud infrastructure using IaC tools.

Create and maintain secure CI/CD pipelines with automated security checks.

Implement monitoring, logging, and SIEM integrations for observability.

Develop incident response and disaster recovery plans to ensure system resilience.

Job description

We’re hiring a Senior DevOps and Security Engineer for Ezra Climate — a fastgrowing USbased startup that’s building tools to simplify and accelerate climate financing. Backed by toptier investors, Ezra operates at the intersection of technology, finance, and climate action, with a mission to help individuals and businesses invest in projects that benefit the planet.

As the new Senior DevOps & Security Engineer, you’ll play a critical role in building secure, scalable infrastructure and ensuring development and deployment pipelines are robust, efficient, and compliant. Youll work closely with engineering, product, and security teams to lay the groundwork for reliable and auditable technical systems from day one.

⚠️ Please Note
We are hiring engineers located in Belarus only or those relocated to the LATAM region.
The team operates on a US time zone, so you’ll need to work approximately from 18:00 to 4:00 Minsk time (GMT+3), if located in Belarus.
Please make sure this schedule fits your availability before applying.

What You’ll Do:Design, build, and manage secure cloud infrastructure using Infrastructure as Code (IaC) tools such as Terraform, CloudFormation, or Ansible.
Create and maintain secure CICD pipelines (e.g., GitHub Actions, GitLab CI) with integrated security gates and automated tooling (SAST, DAST, dependency scanning).
Build comprehensive monitoring and logging systems using Prometheus, Grafana, Datadog, and integrate with SIEM platforms (e.g., Splunk, Elastic).
Implement and automate compliancefocused controls aligned with SOC 2, ISO 27001, and other frameworks.
Manage secrets securely throughout their lifecycle using tools like AWS KMS, HashiCorp Vault, or Supabase Vault.
Enforce robust cryptographic standards, including TLS setup, encryption in transit, and vendor encryption verification.
Design and apply finegrained IAM and RBAC policies based on least privilege principles.
Perform technical due diligence on thirdparty services to validate security alignment with company standards.
Ensure cloud and network security across multiaccount AWSGCP environments, including services like VPCs, Security Groups, IAM, AWS WAF, and GuardDuty.
Develop and maintain incident response and disaster recovery plans, including automated backups, restores, and failover strategies.
Optimize infrastructure for performance, scalability, reliability, and cost, applying best practices for cloud architecture and resource management.

What We’re Looking For:
5+ years of handson DevOps or infrastructure engineering experience.
Deep expertise in cloud environments (AWS, GCP) and modern security practices.
Strong proficiency with IaC tools (Terraform, CloudFormation, Ansible).
Proven track record of building secure, automated CICD pipelines.
Experience implementing observability stacks (monitoring, logging, alerting).
Handson experience with secrets management, cryptography, and IAM.
Familiarity with compliance standards (SOC 2, ISO 27001) and automating related controls.
Strong analytical mindset with a bias toward reliability, security, and performance.
Excellent communication and collaboration skills in crossfunctional teams.
Ability to freely communicate in English Upperintermediate level at least.

What We Offer:
Competitive compensation
Englishspeaking environment
Opportunities for rapid career development in a hypergrowth startup
Sponsored career development
English lessons
Sport compensation
Medical + Dental insurance
Cool office in the city center
Additional 3 paid sick days
Flexible work start time
Coffee, fruits, snacks, etc.
Gifts on birthdays, holidays and special occasions
Lots of unforgettable teambuilding events