DevSecOps

What You'll Do

We're looking for a highly skilled and motivated DevSecOps Engineer to join our dynamic team. As a DevSecOps Engineer, you will be responsible for ensuring the secure and efficient operation of our software development and deployment processes. You will collaborate with cross-functional teams to integrate security practices into the development lifecycle and foster a culture of security awareness. The ideal candidate will have a strong software development background, SDLC security principles, and threat modeling for application-based features.

Responsibilities

• Design, develop, and implement secure software development and deployment pipelines, incorporating security best practices, automation, and continuous integration/continuous deployment (CI/CD) methodologies.
• Collaborate with development, operations, and security teams to identify and prioritize security vulnerabilities/issues and requirements and integrate security controls into the development lifecycle.
• Perform vulnerability assessments and security code reviews to identify and address security vulnerabilities and risks.
• Implement and manage security tools and technologies such as SCA, SAST, IaC, etc. 
• Develop and enforce security policies, standards, and guidelines to ensure compliance with regulatory requirements and industry best practices.
• Stay updated with the latest security trends, vulnerabilities, and threat intelligence to proactively identify emerging risks and recommend security enhancements.
• Collaborate with cross-functional teams to conduct security awareness training and promote a culture of security within the organization.
• Evaluate blockchain protocol repositories for in-depth security and resiliency analysis reporting. 
• Use market data analysis to identify risk vectors for various crypto assets. 
• Understand complex protocol governance structures to prepare concise reporting for executive consumption and decision-making. 
• Analyze crypto asset data across various sectors to provide recommendations for the organization based on variable risk tolerances and use cases. 
• Take part in various tasks related to custody operations. 

Required Skills

• Bachelor's degree or equivalent experience
• Proven experience in software development, DevSecOps, or a related role
• Strong knowledge of software development methodologies, tools, and frameworks
• In-depth understanding of security principles, best practices, and industry standards (e.g., OWASP, NIST, ISO 27001)
• Experience with DevOps and CI/CD practices, including GitLab/GitHub and ArgoCD tools
• Familiarity with cloud platforms (e.g., AWS, Azure, GCP, and associated security controls
• Proficiency in scripting and programming languages (e.g., Python, NodeJS, C)
• Strong problem-solving and analytical skills, with the ability to identify and mitigate security risks
• Excellent communication and collaboration skills, with the ability to work effectively in cross-functional teams
• Relevant certifications (e.g., Certified Ethical Hacker (CEH), Certified Information Systems Security Professional (CISSP), Certified Cloud Security Professional (CCSP)) are a plus
• Understanding technical documents and blockchain protocols
• Strong analytical skills

Nice-to-Have 

• Bachelor's degree in Computer Science, Information Security, or a related field
• Crypto enthusiasm

For employees hired to work from our NYC HQ, Fireblocks is required by law to include a reasonable estimate of the compensation range for this role. This range is specific to New York City, and takes into consideration a wide range of factors that are reviewed when making a hiring decision, such as years of experience, skills, and other business needs.

It is not typical for a candidate to be hired at or near the top of the pay range and each compensation decision is dependent on each individual case. A reasonable base salary range estimate for this position is $168,000 to $221,000. The base salary is one component of the total compensation package, which for some roles may include a target bonus, a very competitive equity grant, and very generous benefits. While we believe competitive compensation is a critical aspect of you deciding to join us, we do hope you also spend time considering why our mission and culture are right for you. We are creating something transformational here, and we hope you are as excited about the future as we are.