devsecops engineer
генерация резюме под вакансию
сопроводительное письмо
описание
Mayflower develops a payment gateway that facilitates fund acceptance from users on behalf of merchants and manages payouts from merchants to users. The system handles sensitive user payment data and maintains PCI DSS compliance through multiple integrations with payment systems, processors, and 3DS providers.
задачи
- Design, implement, and manage infrastructure with a focus on security controls and secure configuration;
- Automate cloud operations to ensure deployments and configurations meet security baselines;
- Implement infrastructure security best practices including IAM, network security, encryption, and monitoring;
- Develop and maintain CI/CD pipelines with integrated automated security checks like SCA and SAST;
- Implement security monitoring and logging systems using AWS services;
- Manage security alerting mechanisms to ensure timely detection and response to incidents;
- Apply security best practices in daily operations such as password management and phishing prevention;
- Conduct security assessments and periodic reviews mandated by PCI DSS;
- Manage and control access across services;
- Prepare for and participate in PCI DSS audits;
- Collaborate with development, operations, and security teams to promote shared security responsibility;
- Train and advise team members on DevSecOps principles and secure engineering practices;
- Participate in task definition, estimation, and planning activities;
- Optimize AWS infrastructure for security, performance, scalability, and cost efficiency;
- Maintain documentation and provide reports on security posture and operational metrics.
требования
- 3+ Years of experience with Cloud infrastructure;
- Proficiency in DevSecOps tools and methodologies including CI/CD, Docker, and Kubernetes;
- Knowledge of security best practices in AWS environments;
- Understanding of PCI DSS requirements and experience maintaining compliance in AWS;
- Experience implementing security controls and monitoring for AWS services;
- Experience with logging and monitoring tools like AWS CloudWatch and ELK;
- Deep understanding of networking concepts, VPNs, firewalls, and load balancers;
- Experience with AWS security groups and IAM;
- Experience with Helm, SAML authentication, and SSO solutions;
- Knowledge of encryption techniques and key management;
- English proficiency at B1 level or higher;
- Nice to have: AWS certifications (Solutions Architect, Security Specialty), CISSP or CCSP certification, experience implementing DevSecOps culture, knowledge of security champion programs, experience with Terraform/OpenTofu and Terragrunt, knowledge of CKS certification program, knowledge of GitOps (Helmfile/ArgoCD/FluxCD), experience with Linkerd.
условия
- EU-based employment contract;
- 3-Year Cyprus work visa with full support for relocation and visa processes for the employee and family;
- Full relocation package including flights to Limassol and company-covered apartment for the first month;
- Provident fund (Cyprus) available after probation;
- Transparent performance reviews twice a year with bonus opportunities and salary adjustments;
- Private medical insurance for the employee and family;
- Corporate mobile plan with roaming;
- Mindfulness and well-being support including 50% coverage of psychological assistance;
- 50% Coverage of school and kindergarten fees for children;
- Fully covered sports benefits and access to in-house electric scooters and bike rentals;
- Professional growth support including language courses, conferences, and training;
- Peer recognition program;
- Free breakfasts, lunches, and in-house coffee bar in the office.
навыки
Если просят войти через iCloud, отправить коды из SMS, запустить код, что-то установить, перевести деньги или сделать что угодно, связанное с деньгами, не соглашайтесь: это признаки мошенничества.