Isn’t it weird how much good old centralised tech it takes to deliver a new decentralised one? CI runners in Kubernetes clusters, release repos in cloud storages, a whole bunch of sophisticated tooling interacting with 400+ Github repos and several dozen of bare metal servers for needs like benchmarking. And to make things even funnier, we’re a principled FOSS shop, so even some of our infrastructure and tooling repos are available to the public eye.
Now, we have an amazing Infrastructure Engineering team we couldn’t be happier with — not only do they manage to keep all that up with sometimes unreasonable uptimes, but also have enough capacity to stay up to date with our tech, practices and approaches.
But at a certain scale of engineering, keeping a holistic security picture in mind and acting on it becomes a full-time job. And this is where you’re coming in.
Key functions and responsibilities
- Advising Infra Engineering on security topics and supervising their work (and infrastructure-as-a-code codebases) from the security standpoint — maintaining things practical using some form of a risk-based approach.
- Organising and performing penetration testing of our infrastructure, and collaborating with external parties on those tests.
- Picking tools, methods and approaches to maintain and improve the security stance of the company. (And we have a strong preference towards FOSS tooling when possible)
- Writing company-wide security standards and guidelines, as well as tools to enforce those.
- Partnering other team members on all matters related to security and infrastructure engineering.
Tech you’d be working with
- Linux and Linux-based tech stack (SSH, VPNs, firewalls, IDS/IPS)
- Kubernetes, Terraform, Ansible
- Gitlab, Gitlab CI, ArgoCD
- Hashicorp Vault
- Amazon Web Services, Google Cloud, baremetal hostings
- Prometheus, Grafana, Loki
- And of course blockchain tech and associated tooling (wallets, keys, RPC nodes and indexers etc.)
Not a perfect match to our requirements? We're happy to receive your application anyways and hear how you think you can help us achieve our mission.