DevSecOps

Qredo is a decentralized digital asset management infrastructure and product suite designed to unlock new opportunities for institutional investors in digital assets and decentralized finance. Qredo's Layer 2 blockchain protocol enables users to seamlessly transfer and settle BTC, ETH, and ERC-20 tokens. Assets are secured by Qredo’s advanced Gen 2.0 multi-party computation (MPC), which provides tier-1 bank security and institutional-grade governance. At Qredo we are developing state of the art cryptographic services to solve the problem of private key management in Tier 1 blockchains. Specifically, we are using Multi-Party Computation Threshold signature scheme (MPC-TSS) for ECDSA and EdDSA to run a distributed, highly available network of signing nodes. *** This is a remote opportunity. We welcome candidates around Europe to apply! ***

Responsibilities

• Working with Developers, DevOps, and Engineering teams in a dynamic environment to promote/implement the DevSecOps program throughout the organisation
• Coordinating and performing vulnerability assessments through the use of automated and manual tools (Tenable, NMAP, etc)
• Review and analyse vulnerability data to identify security risks to the organisation's network, infrastructure, and application's and determine any reported vulnerabilities that are false positives
• Prepare security vulnerability and risk management reports for management
• Configure, implement and leverage computer security and networking diagnostic/monitoring tools
• Work with APIs and Plugins to integrate security tools into established CI/CD pipelines
• Implement secure automation solutions for all environments
• Provide deployment capability to deliver products to point of need, including multiple cloud-based solutions
• Incorporate best practices to increase the quality & velocity of deployments
• Implement security best practices and configuration management
• Increase system performance with a focus on high availability and scalability
• Employ infrastructure as code paradigm to increase automation, scalability, and reliability
• Perform technology watch related to industry trends, best practices, and competition

Requirements

• Bachelor's Degree in Computer Science, Information Technology or any other related field
• Developed CI/CD solution preferably using Gitlab
• Experience with Docker, Kubernetes, HSM's, Terraform and Ansible
• Scripting experience in Bash and Python
• Able to work under pressure in event of a production failure issues
• Leadership and Teaming skills to coordinate remediation of vulnerabilities within established timeframes.
• Familiarity with Information Security frameworks/standards (i.e. CIS, NIST, RFC2196, etc).
• Comprehension in the security areas of Key Management Systems, Certificate Management, Encryption, Penetration Testing, Vulnerability Scanning, Security and Monitoring tools, etc.
• Knowledge of Windows and Linux patch management and related information security functions (authentication, encryption, iptables, SSL, Ciphers, etc)

Qredo offers

• Flexibility to work from anywhere and possibility for international transfer
• Assistance with home office setup as well as offsite team building allowance
• Culturally diverse work environment (we speak 33 languages!)
• Great career development opportunities in a growing company
• Competitive compensation and benefits package within the industry