DevSecOps Engineer at Alpaca
About the role
Alpaca is a series A fintech startup that’s raised over $21M in funding. Alpaca builds an API for stock trading that enables developers across the world to build trading algos, applications, and brokerage services.
Alpaca’s globally distributed team consists of developers, traders, and brokerage specialists, and is backed by a group of prominent investors including Spark Capital, Portag3, Social Leverage, Elefund, Y Combinator, and highly experienced industry angel investors. We are also a very tech-enthusiastic team with notable track records in open source and startup communities.
About the Role
Reporting to the Director of Security, you will help oversee the implementation of our security policies to ensure our cloud-hosted systems and microservices remain secured and compliant.
● Work with the Engineering team to continue with our shift-left DevSecOps efforts and to
ensure the resiliency of our cloud-hosted systems and microservices
● Conduct threat modeling of the architecture and infrastructure, and enrich the DevOps
architecture with security standards and best practices
● Identify security vulnerabilities in the code and architecture through automated and manual
● Manage the CI/CD security strategy
● Analyze security logs and alerts, and escalate any potential security threats to help contain
● Define KPIs and metrics for the DevSecOps process and recommend enhancements to
improve these metrics over time
● Assist in Incident Response activities as needed
Required Qualifications and Experience:
● Bachelors degree in Computer Science or equivalent work experience
● You have 5+ years of experience in DevSecOps or security operations
● You have extensive experience with Google Cloud Platform, AWS, or Azure
● Understanding of containers and container orchestration (Kubernetes)
● Strong understanding and comfort with POSIX Operating Systems (Linux/BSD, etc.)
● Experience with agile workflows including Scrum and Kanban
● Experience with vulnerability management and pen testing tools such as Tenable, Qualys,
OWASP ZAP, or Burp Suite
● Experience with SIEM or other log and search systems
● Security-related certifications such as CISSP, CSSLP, CEH, or equivalent
Why you should join Alpaca
Alpaca is a hyper growth financial technology company that is democratizing global access to financial markets starting with our API-first stock brokerage. In just two years, billions of dollars of securities are traded every month via our API and rapidly increasing.
Alpaca’s globally distributed team consists of developers, traders, and brokerage business specialists and backed by a group of well-capitalized investors including Spark Capital, Portag3, Social Leverage, Y Combinator as well as highly experienced industry angel investors. We are also very tech-enthusiastic with notable track records in open source and startup communities.