DevSecOps Manager

About Kraken
As one of the largest and most trusted digital asset platforms globally, we are empowering people to experience the life-changing potential of crypto. Trusted by over 8 million consumer and pro traders, institutions, and authorities worldwide - our unique combination of products, services, and global expertise is helping tip the scales towards mass crypto adoption. But we’re only just getting started. We want to be pioneers in crypto and add value to the everyday lives of billions. Now is not the time to sit on the sidelines. Join us to bring crypto to the world.
We are seeking an extraordinary Application Security - DevSecOps Manager who is passionate about building a world class security team and who can thrive in a fast-paced environment where both individual drive and team collaboration are the keys to success! This is a technical managerial role that is focused on both building out the team and driving forward the current initiatives, with an eye towards the future.
Responsibilities:
Drive hiring and expansion from an international talent pool. 
Set clear direction for the future and improve upon existing processes and procedures.
Provide technical mentorship on integrating Security solutions with new and existing environments.
Working with a diverse set of teams from all over the world to provide general rulesets, as well as repeatable procedures and processes.
Work independently with limited to no supervision for critical, time sensitive and high visible projects.
Conduct regular meetings with the multi-functional teams to ensure Security standards are adequately implemented across all data store technologies.
Recognize that defects and incidents are a precious opportunity to improve, and put processes and tools in place to drive those improvements.

Bring to the table a DevSecOps process experience and mindset, including but not limited to:

• Automating the development and integration of infrastructure and applications, while providing testing along the way
• Experience with security tool sets and processes that enable proactive hardening, not hardening after the fact
• Infrastructure auditing methodologies
• Previous experience with Gitlab and complex security-focused CI/CD pipelines
• Knowledge of various compliance frameworks and building an environment against their recommendations
• CIS, NIST, PCI-DSS, FedRAMP, etc
• Container library vulnerability and dependency identification and remediation techniques
• Cloud Security and Serverless infrastructure hardening expertise 
• Rapid security evaluation of new tools and softwares using code review, scanning methods, company reconnaissance, traffic/activity inspection
• Cloud computing environment concepts
• High availability; redundancy, geo-specific optimizations; disaster recovery; infrastructure as code; as well as security considerations pertinent to these concepts
• Kubernetes security hardening and policy admission framework expertise
• Prior experience working with technologies such as Pod Security Policy, Kyverno, or OPA Gatekeeper and similar
• Kubernetes management and administration knowledge not required but preferred 
• Data lifecycle security experience and knowledge of current best practices.

Location Tagging #USA #Canada #London #Europe #LI-remote
We’re powered by people from around the world with their own unique and diverse experiences. We value all Krakenites and their talents, contributions, and perspectives, regardless of their background. 
As an equal opportunity employer we don’t tolerate discrimination or harassment of any kind. Whether that’s based on race, ethnicity, age, gender identity, citizenship, religion, sexual orientation, disability, pregnancy, veteran status or any other protected characteristic as outlined by federal, state or local laws. 
Stay in the know
Follow us on TwitterCatch up on our blogFollow us on LinkedIn