Senior DevSecOps Engineer

The Engineering team builds the software powering Veriff. We are dedicated to securing and optimizing our infrastructure to ensure we protect user data and provide a seamless experience for everyone. In a fast-paced environment, we need new talent to help us stay ahead, bring fresh perspectives, and implement scalable, secure solutions that keep Veriff on the cutting edge.

Our DevOps team is the backbone of our security and operational infrastructure. We focus on building and maintaining secure, optimized, and scalable network systems within AWS. We work closely with other cross-functional teams to align our strategies with the company's security goals and best practices. The team is dynamic, agile, and data-driven, constantly enhancing the reliability, security, and performance of Veriff’s network infrastructure.

As a Senior DevSecOps Engineer, we expect you to have strong expertise in network security and infrastructure optimization. Your technical proficiency will guide and mentor others, ensuring we’re leveraging the best technologies, managing risks effectively, and optimizing our costs. You will be at the forefront of shaping and securing Veriff’s network architecture, driving security practices across the organization, and maintaining a proactive stance on system observability and threat management.

You’ll help us protect honest people online by:

• Enhancing Network Infrastructure on AWS: Continuously improving and optimizing network architecture within AWS, ensuring scalability, performance, and security across all systems.
• Managing Firewall & Security Groups: Implementing and managing AWS security groups, NACLs, and firewalls to safeguard the network from external and internal threats.
• Elevating Kubernetes Network Security: Strengthening the security of Kubernetes networking, focusing on pod-to-pod communication, ingress/egress traffic control, and service-level security.
• Leveraging Istio for Network Mesh Security: Implementing and managing Istio within AWS, ensuring secure service-to-service communication, including mutual TLS, authentication, and authorization policies.
• Network Threat Detection: Monitoring and analyzing network traffic on AWS for potential threats using tools like GuardDuty, VPC Flow Logs, and CloudWatch.
• Ensuring Compliance & Best Practices: Aligning AWS network security configurations with industry standards and regulatory compliance frameworks (e.g., SOC 2, GDPR, AWS Well-Architected Framework).
• Driving Proactive Vulnerability Management: Automating security testing in the CI/CD pipeline using tools like AWS Inspector, proactively addressing vulnerabilities early.
• Optimizing Network Performance: Applying your expertise to optimize network data flow, improve performance, and reduce latency across cloud and on-prem systems.
• Collaborating Across Teams: Working closely with InfoSec, DevOps, and other teams to ensure our network infrastructure is secure, optimized, and aligned with the broader business goals.

You are the right future Veriffian for the job if you have:

• Strong expertise in networking and infrastructure optimization, especially within AWS environments.
• Proficiency in firewall management and securing cloud networks using AWS security groups, NACLs, and other best practices.
• Experience with Kubernetes network security, ensuring secure pod-to-pod communication, ingress/egress traffic control, and service-level security.
• Deep knowledge of service mesh technologies, particularly Istio, including mutual TLS, traffic management, and security policies.
• Hands-on experience with AWS GuardDuty and WAF, optimizing and securing these tools for threat detection and response.
• Advanced knowledge of cloud security best practices, including frameworks like the AWS Well-Architected Framework, CIS Benchmarks, and regulatory standards such as SOC 2, GDPR, and PCI-DSS.
• Experience with observability and monitoring tools, including Prometheus, Grafana, AWS CloudWatch, and VPC Flow Logs, to monitor and optimize network performance.
• Strong communication skills, with the ability to collaborate with cross-functional teams and influence decision-making.
• A passion for proactive security and performance optimization, always looking for ways to enhance reliability, reduce risk, and improve user experience.

You’re an especially awesome match if you have:

• Experience with other service meshes beyond Istio, such as Linkerd or Consul.
• Security certifications, such as AWS Certified Security Specialty, CISSP, or CISM.
• Experience with DevSecOps tooling and practices to automate security into the development lifecycle.

 

This role will be 100% on-site in our brand-new office opening soon.

Why Veriff?   We are the preferred identity verification platform partner for the world’s most innovative growth-driven organizations helping conveniently verify and safeguard users anywhere in the world. We support the broadest number of identity documents from nearly every country and territory in the world - and this is continually increasing! With a diverse team and offices in the United States, United Kingdom, Spain, and Estonia, as well as robust backing and funding from investors including Accel, Alkeon, IVP, Tiger Capital, and Y Combinator, we’re dedicated to helping businesses and individuals build a safer and more secure world. We strive to be the benchmark for trust online, and we take pride in being a positive force.    When you join Team Veriff, we offer you the opportunity to have a real impact and advance your career, while looking after you along the way with a range of benefits designed with you in mind. Some of our favorites include...

• Stock options that ensure your share in our success
• Extra recharge days on top of your annual vacation
• Medical insurance to ensure you’re feeling great physically and mentally
• Learning and Development & Health and Sports budget that you are free to tailor to your own needs
• Four weeks of fully paid sabbatical leave after reaching your 5th work anniversary

 

We are an Equal Opportunities employer committed to a diverse and representative team. Different opinions, perspectives and personalities push us forward. We want to hear from people who are passionate about their work and align with our values. Regardless of race, religion, color, national origin, gender, sexual orientation, age, marital status or disability. We also know the confidence gap and imposter syndrome can get in the way of meeting spectacular candidates - so rest assured, whoever you are, we want to hear from you!    Please be informed that in the final stage of the recruitment process we may request you to go through identity verification. For more information, please see Recruitment Privacy Policy.   #LI-LP1 #BR