Alpaca

API for Free Stock Trading

DevSecOps Engineer at Alpaca

Location
Remote
Job Type
Full-time
Experience
6+ years
Apply to Alpaca and hundreds of other fast-growing YC startups with a single profile.
Apply to role ›

About the role

Alpaca is a series A fintech startup that’s raised over $21M in funding. Alpaca builds an API for stock trading that enables developers across the world to build trading algos, applications, and brokerage services.

Alpaca’s globally distributed team consists of developers, traders, and brokerage specialists, and is backed by a group of prominent investors including Spark Capital, Portag3, Social Leverage, Elefund, Y Combinator, and highly experienced industry angel investors. We are also a very tech-enthusiastic team with notable track records in open source and startup communities.

About the Role

Reporting to the Director of Security, you will help oversee the implementation of our security policies to ensure our cloud-hosted systems and microservices remain secured and compliant.

Job Responsibilities:

● Work with the Engineering team to continue with our shift-left DevSecOps efforts and to

ensure the resiliency of our cloud-hosted systems and microservices

● Conduct threat modeling of the architecture and infrastructure, and enrich the DevOps

architecture with security standards and best practices

● Identify security vulnerabilities in the code and architecture through automated and manual

assessments

● Manage the CI/CD security strategy

● Analyze security logs and alerts, and escalate any potential security threats to help contain

and remediate

● Define KPIs and metrics for the DevSecOps process and recommend enhancements to

improve these metrics over time

● Assist in Incident Response activities as needed

Required Qualifications and Experience:

● Bachelors degree in Computer Science or equivalent work experience

● You have 5+ years of experience in DevSecOps or security operations

● You have extensive experience with Google Cloud Platform, AWS, or Azure

● Understanding of containers and container orchestration (Kubernetes)

● Strong understanding and comfort with POSIX Operating Systems (Linux/BSD, etc.)

● Experience with agile workflows including Scrum and Kanban

● Experience with vulnerability management and pen testing tools such as Tenable, Qualys,

OWASP ZAP, or Burp Suite

● Experience with SIEM or other log and search systems

● Security-related certifications such as CISSP, CSSLP, CEH, or equivalent

Why you should join Alpaca

Alpaca is a hyper growth financial technology company that is democratizing global access to financial markets starting with our API-first stock brokerage. In just two years, billions of dollars of securities are traded every month via our API and rapidly increasing.

Alpaca’s globally distributed team consists of developers, traders, and brokerage business specialists and backed by a group of well-capitalized investors including Spark Capital, Portag3, Social Leverage, Y Combinator as well as highly experienced industry angel investors. We are also very tech-enthusiastic with notable track records in open source and startup communities.