DevSecOps Engineer

Role Overview

Isn’t it weird how much good old centralised tech it takes to deliver a new decentralised one? CI runners in Kubernetes clusters, release repos in cloud storages, a whole bunch of sophisticated tooling interacting with 400+ Github repos and several dozen of bare metal servers for needs like benchmarking. And to make things even funnier, we’re a principled FOSS shop, so even some of our infrastructure and tooling repos are available to the public eye.

Now, we have an amazing Infrastructure Engineering team we couldn’t be happier with — not only do they manage to keep all that up with sometimes unreasonable uptimes, but also have enough capacity to stay up to date with our tech, practices and approaches.

But at a certain scale of engineering, keeping a holistic security picture in mind and acting on it becomes a full-time job. And this is where you’re coming in.

Responsibilities

• Advising Infra Engineering on security topics and supervising their work (and infrastructure-as-a-code codebases) from the security standpoint — maintaining things practical using some form of a risk-based approach
• Organising and performing penetration testing of our infrastructure, and collaborating with external parties on those tests
• Picking tools, methods and approaches to maintain and improve the security stance of the company. (And we have a strong preference towards FOSS tooling when possible)
• Writing company-wide security standards and guidelines, as well as tools to enforce those
• Partnering other team members on all matters related to security and infrastructure engineering

Tech Stack

• Linux and Linux-based tech stack (SSH, VPNs, firewalls, IDS/IPS)
• Kubernetes, Terraform, Ansible
• Gitlab, Gitlab CI, ArgoCD
• Hashicorp Vault
• Amazon Web Services, Google Cloud, baremetal hostings
• Prometheus, Grafana, Loki
• And of course blockchain tech and associated tooling (wallets, keys, RPC nodes and indexers etc.)

Culture & Perks

• Competitive remuneration packages, including tokens (where legally possible), based on iterative market research
• Remote-first, global working environment with flexible hours
• Collaborative, fast-paced, and self-initiating culture, designed to mimic an open source workflow
• Energising and collaborative team and company retreats all over the world
• Opportunity to learn more about Web3 while on the job, with access to some of the brightest minds in this space; we have plenty of educational initiatives such as internal sessions, all-hands, AMAs, hackathons, etc.
• Teammates who are genuinely excited about their job, impact, and Parity’s mission
• Opportunity to relocate to Germany or Portugal

For those joining us as employees in Germany, Portugal, or the U.K.:

• 28 paid vacation days per year
• Work laptop (macOS or Linux-based) and equipment to enable you to work successfully
• £2,500 yearly learning and development budget for conferences or courses of your choice

About Us

As stewards of the Polkadot and Substrate ecosystem, Parity is laying the foundation for a better web which respects the freedom and data of individuals and empowers developers to create better services through decentralised technology. The internet is too important to billions of people for it to be at the mercy of a few powerful companies. 

Like Polkadot, Parity was built on a foundation of being decentralised and open, which trickles down to how we work. We’re a distributed organisation and have been from the beginning. Being distributed isn’t just a way of doing business—it’s a mentality that is at the core of our culture. We have a flat structure that pushes power to the edges and empowers our people to take ownership of their role, authority coupled with responsibilities.