DevSecOps Engineer

About the position

FundGuard is a global FinTech firm with offices in Boston, London, Tel Aviv, NYC and Toronto. Our primary customers are global custody banks, asset servicers and institutional asset managers. We are driving the future of AI-driven investment accounting SaaS! In fact, we were recently named to CB Insights' List of the 100 Most Innovative Fintech Startups. We are seeking an experienced DevSecOps Engineer to join our CloudOps team. This is a dedicated role where you will independently drive the implementation and upkeep of security practices across our development and operations processes. You'll collaborate closely with both the development and operations teams to ensure our cloud infrastructure and applications meet security requirements, while supporting efficient and reliable delivery.

Responsibilities

• Design, implement, and maintain security controls across our cloud environments using CNAPP, CSPM, and CWPP solutions
• Lead security automation initiatives within CI/CD pipelines
• Perform security assessments, vulnerability management, and remediation
• Implement and manage cloud security tools and services
• Develop and maintain security documentation and policies
• Collaborate with development teams to integrate security early in the development lifecycle
• Monitor and respond to security events and incidents
• Stay current with emerging security threats and best practices

Requirements

• 5+ years of experience in DevSecOps, Security Engineering, or similar roles
• Strong experience with cloud security services in AWS and/or Azure environments
• Working knowledge of Cloud Native Application Protection Platforms (CNAPP), Cloud Security Posture Management (CSPM), and Cloud Workload Protection Platforms (CWPP)
• Hands-on experience with security tools such as Netskope, Orca/Wiz Security (CNAPP/CSPM), Crowdstrike (CWPP), Snyk, StackHawk DAST, and Knowbe4
• Knowledge of container security and Kubernetes (MUST)
• Experience implementing security in CI/CD pipelines, including SAST/SCA and DAST tools
• Experience coordinating with third-party vendors for security audits and penetration testing, including managing remediation efforts and implementing findings
• Proficiency in scripting languages (Python, Bash)
• Understanding compliance frameworks (SOC1/2, ISO27001, GDPR, DORA, etc.)
• Ability to work autonomously and to drive results
• Strong analytical and problem-solving skills
• Excellent communication and collaboration abilities
• MUST be willing to work on-site in a hybrid model
• Permanent U.S. work authorization REQUIRED (NO STEM-OPT)

Nice-to-haves

• Relevant security certifications (CISSP, CCSP, AWS/Azure Security certifications)
• Experience with Infrastructure as Code (Terraform, CloudFormation)
• Knowledge of Zero Trust architecture and implementation
• Experience with SIEM tools and security monitoring
• Background in application security and secure coding practices