Senior DevSecOps Engineer

Company: FalconX

Website: Visit Website

Business Type: Startup

Company Type: Product

Business Model: B2B

Funding Stage: Series D+

Industry: Crypto

Job Description

Who are we?

FalconX is a pioneering team of operators, investors, and builders committed to revolutionizing institutional access to the crypto markets. Operating at the intersection of traditional finance and 
cutting-edge technology, FalconX addresses the industrys foremost challenges: Navigating the digital asset market can be complex and fragmented, with limited products and services that support trading strategies, structures, and liquidity found in conventional financial markets. As a comprehensive solution for all digital asset strategies from start to scale, FalconX operates as the connective tissue empowering clients with seamless navigation through the ever-
evolving cryptocurrency landscape.

We are seeking a highly skilled Senior DevSecOps Engineer to join our team. This role is responsible for embedding security at every stage of our cloud infrastructure lifecycle, with a strong focus on hands-on implementation, automation, and DevSecOps best practices. You will work closely with development, operations, and security teams to ensure our AWS-based environments are secure, compliant, and resilient.

Key Responsibilities

• Cloud Infrastructure Security
• Design, implement, and maintain security controls within cloud-based systems, focusing on AWS technologies and best practices.
• Integrate security scanning and compliance checks into CI/CD pipelines to ensure continuous security throughout the development lifecycle.
• Conduct regular vulnerability assessments and patching of virtual instances using Ansible and other cloud-native tools.
• Develop and maintain Infrastructure as Code (IaC) using Terraform for IAM, Cloudflare, and AWS components, ensuring security by design.
• Collaborate with cross-functional teams to embed security controls into development and deployment workflows.
• Deploy and manage cloud security tools (e.g., AWS Security Hub, GuardDuty, Inspector) to enhance cloud security posture.
• Automation and Scripting
• Develop and maintain scripts, tools, and automation workflows to streamline security operations, incident response, and compliance checks.
• Create and update Ansible playbooks for consistent, automated security configurations across cloud resources.
• Kubernetes and Container Security
• Apply foundational knowledge of container security, including best practices for Kubernetes clusters and workloads.
• Support the secure deployment and management of containerized applications, ensuring Kubernetes environments adhere to security guidelines.
• Assist with vulnerability scanning, secrets management, and policy enforcement in Kubernetes as needed.
• Compliance and Best Practices
• Ensure cloud infrastructure adheres to industry security standards and compliance requirements (SOC 2, ISO 27001, PCI DSS, etc.).
• Stay up to date with the latest cloud and container security threats, vulnerabilities, and tools, implementing proactive measures to mitigate risk.
• Collaboration and Documentation
• Work closely with DevOps and development teams to integrate security practices into the CI/CD pipeline and SDLC.
• Educate and train teams on secure coding, DevSecOps, and Kubernetes/container security practices.
• Maintain comprehensive documentation of security processes, configurations, and incident response procedures.
  

• Bachelor’s degree in Computer Science, Information Security, or a related field.
• 6-8 years of experience in cloud engineering, DevOps, or security engineering, with a strong focus on AWS technologies.
• Hands-on experience with Terraform, Ansible, and AWS services (EC2, IAM, Cloudflare, Kubernetes, etc.).
• Proficiency in scripting languages such as Python or Bash for automation and security tooling.
• In-depth knowledge of cloud security best practices, threat modeling, and common vulnerabilities.
• Experience with cloud security tools and integrating security into CI/CD pipelines.
• Foundational knowledge of Kubernetes security and container security principles.
• Excellent problem-solving skills, attention to detail, and ability to collaborate across teams.