Temporary Senior DevSecOps Engineer

The DevSecOps team is pivotal in helping infrastructure and Release management teams to secure our networks, operating systems, containers, pipelines and code. We are part of the Security team with a mission of reducing the impact of threats to Parity and its products, bolstering their resilience against potential cyber threats. About the position: 

This is a crucial role where your understanding of people, systems and security will allow you to advocate for and influence best practices in a diverse free thinking organisation while facilitating smooth development and implementation processes.  It is a unique opportunity to help secure an innovative organisation where feedback is direct and honest and understands that a check box approach doesn'™t get results.

It involves :

• Advising Infra Engineering and IT teams on security topics and supporting their work from the security standpoint '” maintaining things practical using a risk-based approach with a focus on following areas
   
  • Automation of security controls, security hardening of the developer and IaC processes (building, testing, release), supply chain security (part of the build process), related metrics and monitoring/audits
•  
  • Network, Vm & container image and  system hardening, Cloud issues and misconfigurations 
• 
  
  • Endpoint Security, Infrastructure Identity and Access Management, SIEM, Threat intelligence, common misconfigs (DNS, email, networking, etc.)
•  
• Organising and performing penetration testing of our infrastructure, and collaborating with external parties on those tests.
• Picking tools, methods and approaches to maintain and improve the security stance of the company. (And we have a strong preference towards FOSS tooling when possible)
• Writing and enabling adoption of  company-wide security standards and guidelines, as well as implementing tools and automation to enable their deployment.
• Mentoring other team members on all matters related to security and IT and infrastructure engineering.

About you: 
You should be able to demonstrate : 

• A focus on outcomes (rather than activities) and outcome based delivery
• Ability  to partner with multiple teams in order to  (including but not only tackle issues, clarifying requirements, communicating and convincing stakeholders, etc..) 
• Comfortable with a Linux-based tech stack (managed VMs, SSH, VPNs, firewalls,)
• Experience with Kubernetes (incl. managed), Terraform, Ansible, Github, Gitlab,, ArgoCD, Image registries
• Experience with various cloud platforms including, Google Cloud, non-managed providers
• We'™d love it if you had an understanding of blockchain tech and associated tooling (wallets, keys, RPC nodes and indexers etc.)
• Ideally you'll live within 2 hours of UTC+0, but exceptional candidates outside of this timezone will also be considered.