DevSecOps at TrueLayer
TrueLayer’s DevSecOps Engineering team are critical to ensuring the security of our infrastructure and systems; they are an integral part of our mission to provide secure, reliable banking APIs that are powering the new era of financial innovation.
As the subject matter expert in our team, you will be an authority on identifying, minimizing and remediating vulnerabilities in our infrastructure, and will deliver security infrastructure that aligns with our ambitious business strategy.
Who we are:
At TrueLayer, we build universal APIs that allow companies to access the financial data of their customers, securely and efficiently.
Headquartered in London, we’re a small team of talented, creative problem-solvers who are working hard to build the most innovative financial technology possible. To date, we’ve raised $12.5M from investors including Northzone, Anthemis, and Connect Ventures.
And, we’re just getting started.
What you will do:
- Work closely with stakeholders across the business to drive the adoption of security best practices;
- Safeguard our AWS and Kubernetes infrastructure and CI/CD pipelines, and ensure our applications are consistently built with security in mind;
- Work closely with Compliance Operations to ensure any technical control requirements are in place and functional;
- Co-ordinate and manage all aspects of penetration testing projects;
- Implement frameworks to identify and remediate security vulnerabilities with efficiency and thoroughness;
- Conduct regular architecture and application reviews and employ industry best practices across our platform.
We’re looking for people who:
- Have a minimum of 2 years of engineering experience, with a focus on security;
- Are thoroughly proficient with at least one scripting language, and one object-oriented programming language;
- Have demonstrable experience working with AWS, Docker and Kubernetes;
- Can show a good understanding of the most common vulnerabilities;
- Are self-starters, and can tackle critical projects with minimal supervision;
- Can demonstrate exceptional communication skills, with a talent for conveying highly technical security concepts to colleagues of technical and non-technical backgrounds;
- Thrive in environments where big-picture thinking is coupled with consistent execution;
- Are thoroughly passionate about championing security best practices in a fast-growing, ambitious startup.
Nice to have:
- Specific experience working in a highly regulated industry - ideally banking, FinTech or insurance;
- Previous experience in a high-growth startup.
What you need to send to us:
- A CV/Linkedin profile;
- A paragraph or two about a time something went wrong - how was the issue identified, prioritized and remediated? What lessons did you learn that will stick with you for the rest of your career?
We look forward to hearing from you!
Please note, we don’t accept applications from recruitment agencies. Thank you!