Were looking for a highly skilled and motivated DevSecOps Engineer to join our dynamic team. As a DevSecOps Engineer, you will be responsible for ensuring the secure and efficient operation of our software development and deployment processes. You will collaborate with cross-functional teams to integrate security practices into the development lifecycle and foster a culture of security awareness.
The ideal candidate will have a strong software development background, SDLC security principles, and threat modeling for application-based features.
What You'll Do:
Design, develop, and implement secure software development and deployment pipelines, incorporating security best practices, automation, and continuous integration/continuous deployment (CI/CD) methodologies.
Collaborate with development, operations, and security teams to identify and prioritize security vulnerabilities/issues and requirements and integrate security controls into the development lifecycle.
Perform vulnerability assessments and security code reviews to identify and address security vulnerabilities and risks.
Implement and manage security tools and technologies such as SCA, SAST, IaC Security, etc.
Develop and enforce security policies, standards, and guidelines to ensure compliance with regulatory requirements and industry best practices.
Stay updated with the latest security trends, vulnerabilities, and threat intelligence to proactively identify emerging risks and recommend security enhancements.
Collaborate with cross-functional teams to conduct security awareness training and promote a culture of security within the organization.
Evaluate blockchain protocol repositories for in-depth security and resiliency analysis reporting.
Use market data analysis to identify risk vectors for various crypto assets.
Understand complex protocol governance structures to prepare concise reporting for executive consumption and decision-making.
Analyze crypto asset data across various sectors to provide recommendations for the organization based on variable risk tolerances and use cases.
Take part in various tasks related to custody operations.

Our team is at the forefront of ensuring the security and resilience of this critical infrastructure, and we're looking for a visionary Security Architect to play a pivotal role in designing and implementing robust security solutions across our infrastructure and applications.

If you have a passion for building secure-by-design systems, a deep understanding of both infrastructure and application security principles, and the ability to translate complex requirements into actionable blueprints, we want to hear from you. You'll be instrumental in shaping our security landscape, ensuring our platform remains a trusted and secure environment for our global users.

What You'll Be Doing:
This is a hands-on position. You need to love writing Python, working with APIs, and codifying infrastructure. Lead the architectural design and implementation of security solutions for our cloud infrastructure, network, and applications.
Get your "hands dirty", fearlessly working on our most complex and risky problems involving production systems and networks.
Constantly push optimizations and best practices. Define and maintain security standards, frameworks, and best practices across the organization.
Collaborate closely with engineering, product, and operations teams to integrate security seamlessly into the development lifecycle and infrastructure deployments.
Evaluate and recommend security technologies and tools to enhance our security posture.
Develop security reference architectures and patterns to guide engineering teams in building secure solutions.
Participate in threat modeling and risk assessment activities to proactively identify and mitigate potential security threats.
Provide expert guidance and mentorship to engineering teams on security-related topics.
Stay current with the latest security trends, threats, and technologies, and translate them into actionable strategies for us.

We are looking for a Principal Security Engineer (DevSecOps) to work in the Cortex DevSecOps group to help secure our immense cloud and on-prem deployments, and will be a security advisor for all infrastructure and application related new developments, as well as overseeing all current infrastructure and processes security improvements.
Helping guide new security initiatives in the product group and thinking outside the box for any new attack vectors as they appear in the wild.
The Cortex group specializes in analysis and visualization of complex cyber-data gathered by the company's products. It combines high-performance algorithms, deep understanding of modern databases, advanced visualization and high-end UI/UX.
Your Impact
Participate in meetings with stakeholders to provide balanced insights on feature requirements and security implications.
Act as a bridge between security, development, and operations teams to ensure security best practices are integrated into all phases of the development lifecycle.
Collaborate with cross-functional teams to develop pragmatic security solutions that do not hinder agility and innovation.
Work closely and in full coordination with multiple product engineering groups and DevOps teams to produce highly secure features
Handle, prioritize and effectively bring security vulnerabilities to resolution for multiple products
Build out security processes and perform threat modeling to all ongoing development and operations.

We're looking for a Security Engineer
WHAT YOULL DO

Lead threat modeling and security review exercises across production and CI/CD environments identifying and mitigating risks in our products and the cloud services that support them
Drive vulnerability management and remediation efforts prioritizing issues, implementing mitigations, and designing strategic preventative controls
Extend our detection and response capabilities building scalable solutions to identify malicious activity, triage alerts, and investigate and remediate incidents
Collaborate with our Federal team extending our DevSecOps and Product Security practices to FedRAMP environment and ensure it meets key security requirements
Build deep functional partnerships with Wizs engineering and operations teams helping them deliver secure-by-design solutions