About The Role
We are looking for a DevOps Engineer to help build, operate, and improve the platform for a security-first crypto custody product: cloud infrastructure, Kubernetes, CI/CD, GitOps delivery, observability, and production operations.
The role involves hands-on work with AWS, Kubernetes, Terraform, GitLab CI/CD, GitOps, observability, and security tooling. We value an engineer who can investigate production infrastructure issues, automate routine work, and improve platform reliability without adding unnecessary complexity.
What You’ll Do
● Maintain and evolve AWS infrastructure using Terraform.
● Work with Kubernetes/EKS: deployment, networking, troubleshooting, and resource management.
● Develop GitLab CI pipelines for build, test, security checks, and deployment.
● Support a GitOps delivery model with ArgoCD and Helm.
● Configure and improve monitoring, logging, and alerting.
● Work with secrets, IAM, service accounts, and least-privilege access patterns.
● Participate in incident troubleshooting, root cause analysis, and runbook improvements.
● Help embed security practices into delivery flows: image scanning, dependency scanning, and policy checks.
● Collaborate with backend, frontend, and security teams on infrastructure and delivery topics.
Must-have Experience
● 2-3+ years of experience as a DevOps, SRE, or Platform Engineer.
● Strong Linux knowledge and solid networking basics: DNS, TLS, HTTP.
● Hands-on experience with AWS or another major cloud provider.
● Experience operating Kubernetes in production or close-to-production environments.
● Experience with Terraform or another IaC tool.
● Experience building and maintaining CI/CD pipelines, preferably with GitLab CI.
● Understanding of GitOps; experience with ArgoCD or Flux is a plus.
● Experience with Docker/OCI images, container registries, and Helm charts.
● Basic understanding of observability: metrics, logs, traces, and alerts.
● Understanding of security basics: IAM, secrets management, vulnerability scanning, and least privilege.
● Ability to investigate issues using logs, metrics, and documentation.
● Readiness to document decisions and maintain runbooks/operational docs.
Nice to Have
● Cilium, Istio, Gateway API, Kyverno.
● External Secrets Operator, IRSA, OIDC to AWS.
● GitLab CI catalog components or reusable pipeline templates.
● OpenTelemetry, VictoriaMetrics/Prometheus, Loki, OpenSearch, Grafana.
● Supply chain security: Cosign, SLSA, SBOM, Trivy, SonarQube.
● Teleport, PAM, VPN-first/private infrastructure access.
● Runtime security tools: Falco, Tetragon.
● Bare-metal, k3s, Ansible.
● Confidential Computing: Intel TDX, AMD SEV-SNP, Kata Containers.
● Fintech, crypto, regulated, or security-sensitive domain experience.
Soft Skills
● Ownership mindset: drive tasks to completion and think about reliability and maintainability after release.
● Clear communication with backend, frontend, security, product, and compliance teams.
● Pragmatic engineering approach: choose simple, maintainable solutions and avoid unnecessary infrastructure complexity.
● Security-first mindset: consider least privilege, failure modes, auditability, and production access risks.
● Comfort with ambiguity and fast iteration without losing engineering discipline.
