Senior DevSecOps Engineer - Remote

Overview

The Engineering team builds the software powering Veriff. We are dedicated to securing and optimizing our infrastructure to ensure we protect user data and provide a seamless experience for everyone. In a fast-paced environment, we need new talent to help us stay ahead, bring fresh perspectives, and implement scalable, secure solutions that keep Veriff on the cutting edge.

In Short

• Enhancing Network Infrastructure on AWS: Continuously improving and optimizing network architecture within AWS, ensuring scalability, performance, and security across all systems.
• Managing Firewall & Security Groups: Implementing and managing AWS security groups, NACLs, and firewalls to safeguard the network from external and internal threats.
• Elevating Kubernetes Network Security: Strengthening the security of Kubernetes networking, focusing on pod-to-pod communication, ingress/egress traffic control, and service-level security.
• Leveraging Istio for Network Mesh Security: Implementing and managing Istio within AWS, ensuring secure service-to-service communication, including mutual TLS, authentication, and authorization policies.
• Network Threat Detection: Monitoring and analyzing network traffic on AWS for potential threats using tools like GuardDuty, VPC Flow Logs, and CloudWatch.
• Ensuring Compliance & Best Practices: Aligning AWS network security configurations with industry standards and regulatory compliance frameworks (e.g., SOC 2, GDPR, AWS Well-Architected Framework).
• Driving Proactive Vulnerability Management: Automating security testing in the CI/CD pipeline using tools like AWS Inspector, proactively addressing vulnerabilities early.
• Optimizing Network Performance: Applying your expertise to optimize network data flow, improve performance, and reduce latency across cloud and on-prem systems.
• Collaborating Across Teams: Working closely with InfoSec, DevOps, and other teams to ensure our network infrastructure is secure, optimized, and aligned with the broader business goals.

Requirements

• Strong expertise in networking and infrastructure optimization, especially within AWS environments.
• Proficiency in firewall management and securing cloud networks using AWS security groups, NACLs, and other best practices.
• Experience with Kubernetes network security, ensuring secure pod-to-pod communication, ingress/egress traffic control, and service-level security.
• Deep knowledge of service mesh technologies, particularly Istio, including mutual TLS, traffic management, and security policies.
• Hands-on experience with AWS GuardDuty and WAF, optimizing and securing these tools for threat detection and response.
• Advanced knowledge of cloud security best practices, including frameworks like the AWS Well-Architected Framework, CIS Benchmarks, and regulatory standards such as SOC 2, GDPR, and PCI-DSS.
• Experience with observability and monitoring tools, including Prometheus, Grafana, AWS CloudWatch, and VPC Flow Logs, to monitor and optimize network performance.
• Strong communication skills, with the ability to collaborate with cross-functional teams and influence decision-making.
• A passion for proactive security and performance optimization, always looking for ways to enhance reliability, reduce risk, and improve user experience.

Benefits

• Stock options that ensure your share in our success
• Medical insurance to ensure you’re feeling great physically and mentally
• Learning and Development & Health and Sports budget that you are free to tailor to your own needs