Skip to content

DevSecOps Engineer (f/m/x)

RemoteGermany, Berlin, BerlinTech - Infrastructure

Job description

About 🍋

We're on a mission to open 100 million brokerage accounts within the next ten years. Providing tech companies with the infrastructure to launch stock trading in Europe. To do so we are building a brokerage API beloved by the developer community.

Over the last 12 months, we focused on bringing the first version of the API to the market. Thousands of developers signed up and hundreds started to build their individual use cases with us. This resulted in 80+ inquiries from companies to launch their own stock trading UI with With 15 million of fresh funding, we are now taking the next steps towards our mission: Building out our capabilities to allow companies to offer stock trading to their customers.

We have experienced first hand that brokerage infrastructure is broken. It’s a messy and complex problem that will take time to solve. But that’s exactly what we enjoy. Going to places nobody else dares and shielding our customers from the biggest pain. This not only creates tons of value when done right, but attracts the smartest minds - because we belief outlier companies are built by exceptional people like you.

Your mission:

As a DevSecOps Engineer, you will lead the design, guidance and automation of our cloud infrastructure security, with robust, secure and scalable solutions. You’ll develop proactively strategies and solutions to ensure security is at the heart of everything we do here at

This means: you will expand and improve our existing Trading API Product to become the leading trading API for developers. The next step is offering a brokerage service to companies. You will have an important role in building our brokerage API offering that allows companies to easily embed brokerage services into their existing products.

Job requirements

Who you are:

  • You have proven experience with AWS infrastructure and services and you know your way around AWS security services, such as: VPC, Security Groups, Control Tower or CloudTrail.
  • You are keen to dive deeper into AWS ecosystem and cloud technologies.
  • You have experience with K8s and securing K8s applying security network policies, admission controllers, open policy agent or service mesh.
  • You are well experienced with DevOps best practices, CI/CD pipelines, GitHub and understanding of how to embed security controls in their life cycle.
  • You know how to identify security tools and lead the implementation of solutions from PoC to Production (e.g. Pipeline integrity, API Threat Protection, Container Security, Cloud security etc.)
  • You are well versed with IaC and CM tools such as Terraform and Helm chart.
  • You have gained hands-on experience as a DevSecOps engineer with extensive knowledge in network security, including Firewalls/WAF, PKI, IDP, RBAC.
  • You have a solid understanding of and experience with vulnerability assessments, application penetration testing, and a solid understanding of network and web protocols.
  • It’s a plus to hold any Security Certifications such as: GSEC, CISSP, CCSP, CCSK, CISM, GCUX or SAST.

You will be successful if:

  • Security is everything to you. We operate in a highly regulated environment and therefore having worked prior in a Fintech or Financial Service provider (Bank, Insurance or Brokerage) or within the Cyber Security industry would be preferred.
  • You enjoy building from scratch. This means high involvement in the product development process itself while advocating for the highest security standards. It also means that you enjoy taking technical decisions.
  • You have a bias for action over discussion. To avoid getting stuck in discussion, you collect new feedback, try out a different approach or gather data with a proof of concept because you trust the process.
  • You are ready and willing to take ownership of problems and act on them with no supervision and decisively.
  • You have a collaborative mindset. Working together as a team and sharing knowledge comes natural to you. Long term - you consider becoming a team lead.
  • You have no problem with learning new technologies on the go. You try to solve problems with more things than the ones you already know. We will always enable you with that, but your willingness has to come first.
  • You understand what working in a startup or a similar lean organization is like. Working in an early-stage startup can be somehow frightened, overwhelming and amazing at the same time.


"hours": 40, // -- Default: 40hrs; Min: 20hrs; Max: 40hrs
"holidays": 25, // -- Default: 25d; Min: 20d; Max: 30d
    "salary": "?", // -- Min: 50K; Max: 120K
    "shares": "?", // -- Mandatory
"clothing": { "hoodie": 1, "t-shirt": 1, "pair-socks": 2 },
"equipment": { "laptop": ?, "screen": ?, ...},
    "location": "remote", // -- Options: remote | Berlin



  • meetings_per_week:

min : 1 


description: fewer meetings than in your last job

  • chaos: 



description: manageable amount of chaos

  • mistakes: 

frequency: every_now_and_then

description: to remember that we are all human

  • offsite: 

frequency: quarterly 

description: optional to generate lasting memories with the team

As an equal opportunity employer, is committed to building an inclusive workplace. The company welcomes people from all different backgrounds, including age, citizenship, ethnic and racial origins, gender identities, individuals with disabilities, marital status, religions and ideologies, and sexual orientations to apply.

About the process:

Hiring can be an exhausting process, especially when you're the one trying to get hired. Therefore, we try to make this a fast and transparent process. Additionally, you will always have one contact person guiding you through the process and helping you to schedule meetings, and setting you up on a path of success.

Your process will look like this:
1. Get to know each other | 30 minutes
2. Technical chat with a member of the Infrastructure team | 60 minutes
3. Tech talk with our CTO Matias | 30 minutes
4. Meet the Founder Max | 30 minutes chat (Optional at the HQ)