Senior DevSecOps Engineer - Remote Position

About the Role

We are seeking a Senior DevSecOps Engineer to join our team in a fully remote capacity. This role is open to candidates across Latin America and offers an exciting opportunity to embed security into every stage of our software development lifecycle (SDLC). As a Senior DevSecOps Engineer remote, you will play a crucial role in maturing our DevSecOps practices and ensuring our platform meets stringent security and compliance requirements in the fintech landscape.

What You'll Do

• Design, implement, and maintain security controls within our GitHub Actions CI/CD pipelines, ensuring secure code delivery.
• Take ownership of our vulnerability management program, working closely with engineering teams to prioritize and remediate security findings.
• Act as a security subject matter expert, conducting security architecture reviews and promoting secure coding best practices.
• Manage and support internal and external penetration testing engagements, tracking findings and driving remediation efforts.
• Help define and document foundational security requirements for source code management and CI/CD processes.
• Partner with our GRC function to implement necessary application security controls and support compliance audits.

Requirements

• Proven experience as an Application Security Engineer, Product Security Engineer, or in a similar role.
• Hands-on experience with CI/CD pipelines, preferably using GitHub Actions.
• Strong proficiency with security scanning tools such as SAST, DAST, and SCA.
• Proficiency in Python or another scripting language.
• Deep understanding of web application vulnerabilities and secure architecture principles.
• Experience with cloud-native technologies (GCP, Kubernetes, Docker) and Infrastructure-as-Code tools like Terraform.
• Familiarity with compliance frameworks like SOC 2 and PCI DSS.

Nice to Have

• Experience with vulnerability management platforms like DefectDojo.
• Equivalent competencies in related security domains.

What We Offer

• Competitive salary ranging from $120,000 to $150,000 per year.
• 100% remote work flexibility, allowing you to work from anywhere in Latin America.
• Long-term contractor engagement with a dedicated client.
• Opportunities for professional growth and development in the cybersecurity field.
• Work with a passionate team focused on empowering developers to ship secure code.