DevSecOps Engineer at Alpaca

Posted on: 11/17/2021

Location: (REMOTE)

Original Source

Tags: fintech rabbitmq gcp redis sql spark azure nodejs postgresql golang kubernetes terraform aws python docker kafka

**Overview:** Alpaca is a fast-growing fintech API startup backed by a group of prominent investors including Spark, Portage, Social Leverage, Tribe, Horizons, Eldridge, Positive Sum, Elefund, and Y Combinator, and highly experienced industry angel investors. Alpaca has raised a total of $72 million to date. Alpaca builds a developer API that allows apps and developers globally to launch commission-free stock trading apps. Our platform also offers a developer-friendly community and platform for traders to programmatically trade stocks with ease. Of course, we are very enthusiastic about open source contribution and community building! **Job Responsibilities:** * Work with the Engineering team to help design secure, highly scalable, mission-critical infrastructure to support our applications * Manage the CI/CD security strategy, including integration of Security as Code (SaC) * Conduct threat modeling for new product lines and proposed changes to infrastructure and enrich the DevOps architecture with security standards and best practices * Analyze, identify, and remediate security weaknesses in our cloud infrastructure * Respond to alerts from our security toolsets * Ensure data sets and databases within our infrastructure are appropriately secured * Continually look for opportunities to improve the software development lifecycle * Build cyber resiliency into our cloud infrastructure * Define KPIs and metrics for cloud infrastructure security and recommend enhancements to improve these metrics over time * Provide security awareness training (formal and informal) for our Engineering team * Assist in Incident Response activities as needed **Technology stack:** * GoLang * PostgreSQL, RabbitMQ, Redis, Redpanda (Kafka) * GKE & GCP **Required Qualifications and Experience:** * Bachelor's degree or equivalent experience in Computer Science or related field * Experience with at least one of: GoLang, Python, C++, NodeJS * SQL or relational database skills * Experience managing infrastructure within Azure, AWS, or GCP * Hands-on knowledge with Linux, Docker, & Terraform. Kubernetes experience is a plus. * Security and DevOps mindset * Experience with vulnerability management and pen testing tools such as Tenable, Qualys, Kali, or Burp Suite * Experience with SIEM or other log and search systems * Good knowledge of the OWASP top 10 or similar application security framework * Security-related certifications such as CSSLP, CISSP, CEH, or equivalent are a bonus * Understanding of the financial market is a plus * Excited about what we are building at Alpaca Must be eligible to work without sponsorship for this role.