DevSecOps Engineer

Remote

Ava Labs

Ava Labs makes it simple to deploy high-performance solutions for Web3, led by innovations on Avalanche.

View company page

Want to be a part of the fastest-growing blockchain company? Ava Labs makes it simple to launch applications using Avalanche, a smart contracts platform with 800k+ monthly active users. Avalanche is the fastest blockchain, measured by time to finality, and one of the fastest-growing in crypto – with hundreds of dapps and $12B+ in total economic value locked.

Founded by the creators of Avalanche, Ava Labs strives to digitize every asset in the world. In addition to building Avalanche and other tools to support the ecosystem, we offer expertise to ensure that all individuals and organizations can seamlessly use Avalanche and its vibrant app ecosystem. Join us as we empower people to easily and freely digitize all the world’s assets on one open, programmable blockchain platform.

We're looking for a DevSecOps Engineer to work closely with our DevOps team to optimize the security of our cloud infrastructure, including Kubernetes, Docker, and Terraform. You should be fluent in modern DevOps tooling and also possess a keen security mindset, with a deep knowledge of Linux hardening and cloud deployment best practices. Knowledge of AWS and its security quirks is essential, bonus if you know Azure.

WHAT YOU WILL DO

  • Make a full inventory of everywhere we use Kubernetes and cloud instances, report on the current state of affairs, lay out a roadmap for security optimization, and begin implementing those changes in a methodical and well-documented manner
  • Discover new security vulnerabilities in the underlying k8s code
  • Integrate security tools and associated processes into the DevOps
  • Work across cross-functional engineering teams and utilize technical capabilities to support high performance and security across build projects and technical operations
  • Serve as a subject matterexpert (SME) in DevSecOps and security for CI/CD best practices

WHAT YOU WILL BRING

  • 3-5 years of DevOps + security experience
  • Significant experience integrating security tools into a CI/CD pipeline
  • Hands-on experience with IaaC, Docker, Kubernetes, Terraform, Hashicorp Vault, Github Actions or similar
  • Experience of AppSec tooling: SAST (Snyk, Sonatype) / DAST (Burp Enterprise, OWASP Zap etc)
  • Proven track record (or at least demonstrated understanding) of "shift left" approach to implementing security
  • Experience in working on distributed and large complex systems
  • Experience with Atlantis
  • Programming or scripting experience (python/bash/AWS SDK) a big plus
  • Bonus if you have Datadog experience and/or microkernals

#LI-Remote #LI-TW1

WHY AVA LABS?

We're a global, world-class team of experts in computer science, economics, finance, marketing, and law with offices in New York City and Miami. We're highly passionate about Web3 and redefining the way people build and use finance and decentralized applications of all kinds. The company received early-stage funding from Andreessen Horowitz, Initialized Capital, and Polychain Capital, with angel investments from Balaji Srinivasan and Naval Ravikant.

Ava Labs is committed to diversity in the workplace and we’re proud to be an Equal Opportunity Employer. We do not hire on basis of race, color, religion, creed, gender, national origin, citizenship, age, disability, veteran status, marital status, pregnancy, parental status, sex, gender expression or identity, sexual orientation, or any other basis protected by local, state or federal law. All employment is decided on the basis of qualifications, merit, and business need.

Tags: Application security AWS Azure Bash Blockchain CI/CD Cloud Computer Science Crypto DAST DevOps DevSecOps Docker Finance GitHub Kubernetes Linux OWASP Python SAST Scripting Terraform Vulnerabilities

Perks/benefits: Startup environment

Region: Remote/Anywhere
Job stats:  16  3  0

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.