DevSecOps Engineer

We are a Polish branch of a fast-growing InsurTech product company from Silicon Valley - Hippo Insurance. Our mission is to revolutionize home insurance in the US, starting from IoT monitoring devices to our industry-leading software. 
How do we want to get there? We need a top-notch talent, just like you! 
Putting a lot of effort into hiring top-tier professionals is a proof that we care a lot about tech experience, the attitude, human approach, and what we could call „culture fit”.
„SwingDev is all about people” - yes, it may sound a bit cliche. But whether we're writing code or just hanging out, we know that people are at the heart of everything we do. We like to have a good time and keep things light, even when we're tackling big projects. We could brag about what’s making us special, but we’ve boiled it down to two key ingredients: mature, companionable people who, rather than compete, prefer to inspire and have each other’s backs; a culture of trust, empathy, and positivity that keeps us together, lets us interact as teammates and friends, and truly enjoy the ride.
So if you're a DevOps Engineer with a knack for security and looking to shake things up while having a good time, you've come to the right place. 🚀

About the role:
At Hippo, we're tackling complex challenges in engineering, data, and operations that are transforming an outdated insurance industry. As a DevSecOps Engineer, you'll play a key role in expanding our suite of products, supporting both mature offerings and new MVPs. In this role, you’ll use your understanding of cybersecurity and risk management to drive security projects from concept to completion. You’ll collaborate with stakeholders to create effective security designs and protocols while securing microservices and monitoring for threats.
If you’re passionate about crafting clear security designs and protocols, driving security projects from start to finish, securing microservices, and identifying vulnerabilities in distributed systems while analyzing logs and security signals, we’d love to hear from you!

What will you do?

• In this role, you’ll collaborate closely with various stakeholders, including Security Engineers, Engineering Managers, and developers to create effective security designs and protocols while securing microservices and monitoring threats. That’s why this position requires not just strong technical skills, but also great communication abilities, a knack for mentoring, and knowledge-sharing.  
• You’ll be responsible for building a world-class, scalable, and resilient security infrastructure that keeps the Hippo platform safe and sound. 
• You’ll boost developer productivity by integrating security tools and processes into our CI/CD pipelines, as well as monitoring systems and cloud environments to ensure everything runs smoothly. 
• You’ll be using Golang, Python, and other scripting languages like Bash on a daily basis to automate security operations, build secure APIs, and develop serverless security functions.
• You’ll get to work with various cloud providers, databases, open-source tools like Terraform, Kubernetes, and Docker, and a range of security tools like CSPM, DSPM, WAF, ZTN, DAST, SAST, Vault, and more, giving you a chance to explore and enhance our security setup. 
• You’ll be the advocate for a security-first mindset within the DevOps team and across the organization, promoting awareness and best practices related to infrastructure security. 
• You'll be able to put your mark on the project, and you will take ownership and responsibility for what you do. This isn’t a “just keep the lights on” role — you’ll shape how things are done from the ground up. 
• You’ll work closely with other Senior DevOps Engineers, sharing responsibility for on-call rotations and keeping the platform healthy. 

We might be a match if you…

• Have 3+ years of hands-on DevOps experience and security is an area that you understand, have skills in and are passionate about. 
• Are skilled in Golang or Python.
• Have hands-on experience with tools like AWS, Kubernetes, Terraform, Docker, and modern CI/CD systems. 
• Understand AWS VPC or GCP networking, including key concepts like network separation, security groups, and ACLs. 
• Have worked with security frameworks such as OWASP, NIST, or SANS and know your way around Intrusion Detection and Prevention Systems (IDPS). 
• Have experience securing CDN configurations and can integrate them into a broader security strategy. 
• Can recognize and defend against common CDN attack vectors like DDoS attacks, cache poisoning, and content hijacking. 
• Know about authentication protocols like SAML, OIDC, OAuth or similar. 
• Are comfortable working with security logging and metrics systems to keep things running smoothly. 
• Enjoy working in a small, focused, and highly efficient team. 
• Have a great command of English (written & spoken).  
• Are available in the afternoons – you'll join a Polish-American team, so you can expect afternoon meetings. Rest assured, we prioritize work-life fit, respect everyone's private lives, and don’t work at night but we still must ensure that communication between the time zones is effective.

You will get extra points for:
• Relevant Certifications (CCSP, CSSLP, AWS certifications, etc.)
• Experience with SOX 404(b), SOC2. 

Recruitment process:

• Send us your CV – it's the best way for us to get to know you.
• Meet Gabi, one of our Recruiters.
• Join Paweł, our Sr. DevOps Engineer, for a 60-minute technical interview.
• Have a conversation with Eli (Sr. Manager, DevOps & SRE) and Shaun (Sr. Manager, Cybersecurity).
• Catch-up with Tomek (Security & Technology Director).
• Meet on the final stage with Marcin and Alicja.
• and... welcome aboard! 👋

What benefits are waiting for you?
Salary23.000 – 26.000 PLN + VAT on B2B or equivalent on the contract of employment
Basics 📝 Form of employment of your choosing🌎 Remote work & flexible working hours 🤒 Paid sick leave🏖️ Paid holidays
Health & Safety💊 Private medical care with dentists & orthodontists package for you and your family ❤️ Group life insurance🧘 Psychotherapists support — free online sessions with psychologists and psychotherapists.🤸 Home physiotherapy🏅 Multisport card & meditation apps reimbursed 50%
Working conditions & Development💻 Gear with Apple Logo and monitor🌱 50% reimbursement for courses, conferences, books & certificates🇺🇸 Free access to private language lessons🐕 6 Personal Development Days & 4 Voluntary Days Off 
Extras you may like🎫 Cafeteria platform — extra “stówka”every month to spend on whatever you want to🧒 Nanny services for parents 📦 Concierge services – a personal assistant to help you to deal with your everyday matters🎮 Chill room with table football & PlayStation 5🍦 Free snacks, and ice cream in the office (every day, all year round!)🍱 Free Friday Lunch in the office🎉 Team building events — we party together several times a year during the annual Offsite & Christmas Parties, beer after work, or our #WinterEscapeMonth workation in Cyprus