Devsecops Engineer - Barcelona, España - Adaptive Financial Consulting

Descripción

We are:

We are Adaptive, where you'll use the latest technology to design, build and operate bespoke, real-time, front-to-back solutions for tier-one investment banks and commodity trading firms financial clients using the latest technology, in flat teams where innovation and collaboration are the backbones of our success.

Adaptive has a growing number of projects using the Hydra trading platform in multiple locations (London, Barcelona, Montreal, Manila and New York).

Hydra is a framework built on top of Aeron messaging for building low-latency systems such as exchanges or workflow engines.

We are looking for a DevSecOps Engineer to be the first in our security-focused team and participate in the implementation and continuous improvement of security best practices across the entire organization's back-office and front-office divisions (Consulting, Operate and Product).

You will advocate good security practices and implement innovative security solutions that embrace our company culture and core values.

It will be crucial in your role to stay ahead of the curve and leverage emerging technologies and techniques to drive innovation.

Innovation is not just about technology, it's also about finding new ways to solve problems, improve processes, and deliver value to the Adaptive organization and to our customers.

You are:

• Passionate about security
• A team player and good coordinator
• An excellent communicator, able to communicate in the technical domain to colleagues at all levels
• An excellent troubleshooter

You have:

• Significant professional and practical experience implementing secure software development processes and systems for products and infrastructure
• Experience with vulnerability scanning tools (DAST, SAST, SCA)
• Handson experience with CI/CD tools (Jenkins, CircleCI, GH Actions or Gitlab CICD).
• Handson experience with public cloud platforms (AWS, GCP).
• Familiarity with secure Software Development Lifecycle (SDLC) practices and tools.
• Familiarity with orchestration systems (Kubernetes).
• Proficiency in scripting languages (Python, Shell or other).
• Experience with security frameworks (ISO 27001, NIST).
• Networking & Firewall device skills
• Zero Trust implementation
• Knowledge of Intrusion Detection or Prevention Systems (IDS/IPS) and Security Information and Event Management (SIEM) tools.

Ideally, you might have experience in:

• Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM) certification is a plus but not a hard requirement
• Physical infrastructure

You will:


Use your skills to:

• Help develop, implement, and maintain a secure software supply chain.
• Help develop and implement automated security testing in the CI/CD pipeline.
• Collaborate with development and SRE teams to ensure secure coding practices are adhered to.
• Establish and enforce security standards and best practices.
• Develop and maintain incident response plans (more specifically for our platform vulnerabilities).
• Stay current with the latest vulnerabilities, attacks, and countermeasures.
• Conduct regular security audits and provide improvement recommendations.
• If possible:
• Conduct regular threat modelling and risk assessments.

Why us:

• To be immersed in highstandard engineering culture.
• Our fantastic team takes pride in crafting complex technical solutions but also loves sharing their knowledge and helping you grow professionally (we have extraordinary minds at Adaptive, some of us worked at NASA too).
• You can learn from anyone here, which is the beauty of it.
• To take part in the growth and development of a great company.
• Our teams feel free to speak up, make suggestions and raise concerns.
• Collaborative team environment: we all work together, respect each other, and pitch in
• Great consideration for work/life balance (highly flexible, hybrid working model, wellbeing benefits...) Highly flexible working model. The balance between professional and personal life is massively important to us.
• We work hard to have a positive and collaborative culture and to positively impact our staff and local communities through different wellbeing, diversity and inclusion programmes.

***:
WHAT DO PEOPLE THINK OF US
You can check our _Glassdoor_ page


Benefits (What we offer in return // what you'll get )
We create benefits with YOU in mind.

• 23 days holiday + 2 extra days for Volunteering
• Private health insurance
• Pension plan scheme
• Ticket Restaurant (added to the salary)
• Option for Ticket Transport and/or kindergarten (flexible salary)
• Quarter budget for Wellbeing
• Language classes (English and Spanish)

The Hiring Process:

Long interview processes are stressful and boring and that is not us. We want to make sure that everything runs smoothly.

So here you will have three stage interviews:1) A chat with one of our Talent Acquisition Specialists.

2) A technical assesment inter