Security AWS DevOps Engineer

KUNA
KUNA is a leading crypto banking platform encompassing KUNA Pay KUNAio and KUNA Core.

KUNA Pay
KUNA Pay offers businesses a crypto banking solution. KUNA Pay opens the door to exploring new revenue channels or enhancing existing operations through straightforward crossborder transactions.
European businesses benefit from KUNA Pays ability to create crypto bank accounts enabling them to accept crypto payments as a B2B provider and settle in Euros directly into bank accounts bypassing direct crypto involvement.

KUNAio
Launched by fintech innovator Michael Chobanyan in 2015 KUNAio marked Ukraines entry into the public cryptocurrency exchange arena. The platform facilitates the exchange of fiat currency for cryptocurrencies and vice versa. It not only trades its own token KUN but also supports a wide array of major cryptocurrencies allowing for trading through a dedicated mobile app.
KUNAio is currently undergoing transformation and branching out into new European and EEA markets driving improvements in user interface and functionality to better accommodate EU users. We are committed to offering a more regulated suite of investment products including purchase storage sale and transfer services under a VASP license in Lithuania.

KUNA Core
KUNA Core is a tool that allows businesses to implement a readymade solution for simple and understandable interaction with Blockchain. KUNA Core project is to enable project partners to carry out a wide range of the crypto services.

Tasks

Ensure the availability performance scalability and security of production systems;
Identify automation opportunities to improve operations;
Review architecture and offer recommendations for improvements;
System troubleshooting and problem solving across multiple platforms (dev/test/prod);
Embrace continuous integration and continuous delivery (CI/CD) processes;
Evaluate new technology options and vendor products;
Conduct regular Vulnerability Assessments and Penetration Tests. Support External/Internal Audits and security assessment requests. Help remediate the findings and implement improvement measures.
Design implement support and evaluate securityfocused tools into our CI/CD pipeline including AST tool oversight.
Manage the security bug backlog with development teams.
Assist in developing an automated security framework for robust deployment tools and processes leveraging various scripting languages and opensource solutions.
Plays a critical role in providing technical support for daytoday security operations security tool integration automation support change management and business continuity program.
Assist in defining security requirements and review of system to determine if they have been designed to comply with established security standards. Develop new policies and Standard Operation Procedures as necessary.
Design engineer operationalize and maintain the secure systems which support continuous deployment/integration solutions with strong focus towards innovation.
Analyze software design documents from a security standpoint and perform threat assessment for the developed cloudnative platform.
Identify integrate monitor and improve security controls by understanding business processes.
Implement secure software development measures into CI/CD pipelines in collaboration with development teams.
Implementation of solution for monitoring the health of various applications and security appliances.
Development of alerting infrastructure based on critical system resources to ensure a near zero downtime.
Scheduled maintenance activities to keep the infrastructure components robust with latest patches and updated versions of software running in the infrastructure stack.
Evaluate select implement and maintain security tools infrastructure and automation.
Advise teams on developing pragmatic solutions that achieve business requirements to maintain acceptable levels of risk.
Additional other duties and responsibilities as assigned.

Requirements

You must have exceptional interpersonal and communications skills (written and verbal) to effectively communicate and collaborate with a broad range of groups and individuals;
Must be disciplined and processoriented;
Must be highly organized and capable of providing appropriate technical support/leadership while requiring minimal daytoday guidance;
Possess superior problemsolving skills for a complex computing environments being able to assemble a team as needed to identify issues root causes and solutions;
Able to communicate difficult technical concepts clearly to a variety of individuals of varying technical expertise and understanding;
Great communication skills great work ethic willing to work extra hours / off hours asnecessary;
Great sense of urgency and ability to react to changing requirements;
Team player;
Comfortable with iterative (Agile Scrum/Kanban) development.

Education and Experience:
Minimum 3 years of experience in DevOps or provisioning environments deploying applications and maintaining infrastructures;
Minimum 5 years of experience in an IT Environment;
Strong Linux experience including a general Linux server hardening processes and security;
Specialist with a DevOps mindset and 4 years of handson experience in AWS (ALB ASG EC2 S3 VPC IAM EKS ECS RDS);
3 years experience with infrastructureascodeTerraform Packer;
4 years experience with Docker and Kubernetes;
23 years experience using monitoring tools such as Prometheus Kibana Grafana;
Experienced in tooling and working on multiregion multiaccount deployments;
An expert in Bash or Python scripts (extra points for software engineering background);
Competent in containerized environments utilizing Kubernetes implementation or the managed ones like EKS or ECS (extra points for Helm ArgoCD Kubernetes Networking & Service Meshes Istio);
Knowledgeable of Cloud Networking & Security (WAF DNS Subnets VPCs VPNs IAM Roles Security Groups);
12 years experience using Cloudflare Cloudfront;
Wellversed with CI/CD tools ( Gitlab CI/CD Github Actions);
Experience working with AST (Application Security Testing) tools and their integration into the CI/CD pipeline;
Experience of VM patch management and related information security functions (authentication encryption iptables SSL Ciphers etc);
Understanding of SIEM technologies and experience with SIEM tools;
CCNA or equivalent network administration experience

Bonus:
Some coding knowledge is a bonus but overall understanding of coding practices is required;
SecOps approaches will be plus;
Experience with Atlassian tools like Jira and Confluence.
AWS certification
Professional certifications related to cybersecurity

Benefits

We have a socially significant project and we want to solve universal problems with payments;
We are ready to give you all the knowledge and training you need and we are open to applying your knowledge and experience to succeed;
Medical insurance policy upon successful completion of the adaptation period;
Flexible hours;
Brandnew equipment;
Office in Warsaw.

We are looking forward to hearing from you :))