Experteer Overview
¿Está considerando presentar su candidatura para este trabajo? Compruebe todos los detalles en esta descripción del puesto y luego haga clic en "Solicitar".
In this role you will strengthen the security, reliability, and compliance of ThetaRay’s cloud-native AML platform. You will join a global engineering team and work closely with cross-functional groups to embed security across the software lifecycle. You will tackle vulnerability management, secure CI/CD practices, and Kubernetes hardening to enable scalable, compliant fintech defense. This is a hands-on role at a Madrid R&D hub, offering impact through secure, end-to-end platform improvements. You drive security initiatives in a collaborative, global environment.
Compensaciones / Beneficios
• Identify and remediate security vulnerabilities across containers, dependencies, and infrastructure
• Fix vulnerabilities in CI/CD pipelines, container images, Kubernetes workloads, and cloud infrastructure
• Support and secure Kubernetes environments (AKS preferred; OpenShift a plus)
• Implement and maintain security controls for container security, image scanning, runtime security, and Kubernetes hardening
• Leverage SAST and code analysis to remediate security risks in code
• Use CSPM tools to detect and fix cloud misconfigurations
• Automate security, compliance, and operational tasks with Bash and scripting
• Enforce secure software delivery with CI/CD security gates, scans, and compliance checks
• Collaborate with global teams across time zones on security initiatives and incident response
• Promote DevSecOps practices and integrate security into the SDLC
Responsabilidades
• Proven DevSecOps/DevOps security-focused experience
• Hands-on CVE handling, vulnerability remediation, patching, and risk prioritization
• Strong Kubernetes xqbhyrx experience (AKS; OpenShift a strong advantage)
• Solid Linux systems expertise (troubleshooting, hardening, packaging, permissions, networking, logs)
• Proficiency with Bash scripting
• Experience with SAST tools (e.g., SonarQube, Checkmarx, Veracode, Snyk Code, Semgrep)
• Experience with CSPM tools (e.g., Prisma Cloud, Wiz, Defender for Cloud, Orca, Lacework)
• Familiarity with container security tooling (image scanning, secrets, policies)
• Ability to collaborate with global teams and communicate in English
Requisitos principales
•