DevSecOps Engineer
Indexed description
At Yotpo, we are committed to creating secure, reliable, and innovative solutions for our customers. The Security Team is a core part of every aspect of Yotpo’s business - from customers to backend systems and everything in between. As a Senior Cloud Security Engineer, you will play an integral role in designing, maturing, and automating our cloud security controls. You will also contribute to other security domains and initiatives such as Incident Response, Security Monitoring and Risk Management. You will work in close partnership with our DevOps, R&D and Product teams to help strengthen our security posture and our platform.
Why Join Us:
- Engineers will immerse themselves in a complex, large-scale environment that offers the chance to work with diverse technologies. This unique setting is an exceptional opportunity for growth that not every company can provide.
- Be at the forefront of cybersecurity, tackling complex and emerging challenges.
- Freedom to innovate and implement impactful solutions that directly enhance Yotpo’s overall security posture.
- Engage with a wide range of projects to develop deep knowledge across multiple security domains.
- Serve as Cloud Security Subject Matter Expert (SME), actively supporting R&D and product teams in developing secure solutions.
- Design secure cloud architectures and implement practical, automated, and scalable controls across services in partnership with DevOps, R&D, and Product teams.
- Continuously assess cloud security posture, identifying gaps and opportunities to reduce risk and adopt best practices.
- Implement, mature, and automate end-to-end cloud security controls across AWS, Kubernetes, CI/CD pipelines, and self-managed systems.
- Lead and improve vulnerability management workflows; communicate vulnerabilities and mitigation strategies to stakeholders, balancing business agility and security.
- Own the full lifecycle of security initiatives from proof of concept (POC) and design to deployment and operation while promoting a security-first mindset.
- Maintain and develop the team knowledge base.
- Stay curious and enjoy working with modern security tools and technologies.
- 5+ years of hands-on experience as Cloud Security Engineer, DevSecOps, or similar roles within an AWS environment.
- Expertise in managing cloud security controls (IAM, Security Groups/ACLs, WAF, IDS/IPS, load balancing, proxies, VMs, serverless).
- Experience securing Kubernetes and containerized workloads.
- Proficiency with Python/Bash scripting and automation.
- Experience with Infrastructure-as-Code (IaC), preferably Terraform, and CI/CD tooling (e.g., GitHub Actions).
- Strong communication skills to influence and guide teams as a cloud security SME.
- Excellent problem-solving skills for high-complexity environments.
- Excellent written and verbal English.
- AWS certifications (AWS Certified Solutions Architect, AWS Certified DevOps Engineer, AWS Certified Security - Specialty).
- Experience with CSPM, CNAPP, CWPP, and EDR solutions.
- Familiarity with security standards and frameworks (ISO, TSC, NIST) and their application to cloud environments.
What we offer:
- Track to success – work in a dynamic organization with ambient and laid-back office atmosphere
- Individualized career development, rewards, and recognition.
- Work-life balance – 25 days paid vacation with add-ons for loyalty, regular team buildings and celebrations in and outside the country
- Additional health insurance package
- Internal mobility program and refer-a-friend program
- Managing a fixed monthly budget for social benefits thru Re:Benefit – a flexible online benefits solution
- Food vouchers
- E-learning portals and knowledge sharing sessions.
- Company backed Hackathons, Tech conferences, workshops events, etc
- Stocked kitchen and bar.
- Equity in options.
- Flexible hybrid capacity
Help us be the best version of Yotpo by building something great together!
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search