DevSecOps Engineer - FinTech (relocation to Cyprus)
Job Fit Check
Base Career helps you apply smarter for this job.
Key skills for this role
About the Role
This is an onsite role with our team in Nicosia, Cyprus. We offer relocation support to our team members relocating from abroad. Reluna is redefining the future of Wealth Management and Family Governance with cutting-edge, data-driven platforms.
Key Skills for This Role
Full Job Posting
Overview
This is an onsite role with our team in Nicosia, Cyprus.
We offer relocation support to our team members relocating from abroad.
Reluna is redefining the future of Wealth Management and Family Governance with cutting-edge, data-driven platforms.
Leveraging advanced automation and scalable architecture, we make complex processes – from data integration to reporting and compliance – fast, seamless and accurate.
We are hiring a
Devsecops Engineer
to take ownership of security across infrastructure, pipelines and application delivery.
This is not a compliance role - this is hands-on engineering with real control over how security is designed and enforced across our platforms.
Key Responsibilities
- Design and enforce secure-by-default infrastructure across AWS and Kubernetes
- Own secrets management and identity flows across services and environments
- Harden Kubernetes clusters and workloads with policy-driven security controls
- Build and maintain secure CI/CD pipelines with strong supply chain guarantees
- Implement end-to-end workload identity using modern federation (OIDC, IRSA)
- Integrate security directly into developer workflows without slowing delivery
- Drive threat modeling practices across APIs and distributed systems
- Lead incident response from a security perspective and improve detection capabilities
- Continuously audit, validate and improve system security posture
- Partner with DevOps Engineer and engineering teams to embed security into architecture decisions
Must Have Technical Expertise
- **Secrets & Identity: HashiCorp Vault (OSS/Enterprise)**
- policies, AppRole, Kubernetes auth, etc.
- **Kubernetes Security:**
- NetworkPolicies, Pod Security Admission, OPA or Kyverno policy enforcement, RBAC auditing, Service Account token management, Seccomp and AppArmor
- **AWS Security:**
- IAM design and governance, SSO permission sets, IRSA (IAM Roles for Service Accounts), EKS access entries, Service Control Policies (SCP), STS and permission boundaries, Ability to read and interpret CloudTrail directly (no reliance on Athena)
- **Software Supply Chain Security:**
- Image signing with cosign, SLSA framework implementation, SBOM generation and scanning (syft, grype), Dependency automation (Renovate or Dependabot), Signed commits and enforced branch protection
- **GitHub Advanced Security:**
- CodeQL, Secret scanning, Required reviews and branch protections, OIDC federation (no long-lived PATs)
- **TLS / PKI:**
- Cert-manager, Let’s Encrypt integration, Private Certificate Authorities, mTLS between services
- **Threat Modeling:**
- STRIDE and LINDDUN methodologies, gRPC API threat modeling, OWASP API Top 10
What We Are Looking For
- 4+ years in DevSecOps, Security Engineering or SRE with strong security ownership
- Proven experience securing Kubernetes-based production systems
- Deep understanding of identity, authentication and authorization models
- Strong bias toward automation and policy-as-code
- Ability to challenge weak security practices and enforce better ones
- Comfortable operating in high-accountability environments with minimal oversight
- Russian and English languages at professional working capacity
Bonus Points For
- AI-Forward Mindset: Enthusiasm for leveraging AI-assisted tools to enhance productivity and automation
- Experience in regulated or financial environments
- Experience with multi-tenant SaaS architectures at scale
- Exposure to service mesh (Istio or Linkerd)
- Experience securing multi-tenant SaaS platforms
- Familiarity with time-series databases (KDB+)
- Background in incident response or red teaming
Reality Check
If your idea of “security” is running scanners and filing tickets, this role will not work.
If you build systems that make insecure behavior impossible, you will fit right in.
Why Join Reluna?
At Reluna, you will join a forward-thinking team passionate about innovation in fintech.
We value initiative, ownership and bias for action.
You will have the opportunity to architect infrastructure for significant scale, drive cost savings through architecture optimization and work with cutting-edge cloud-native technologies
How To Apply
Please submit your updated CV in English.
Due to the volume of applications, only shortlisted candidates will be contacted.
Apply for this job in 1 click
Skip the repetitive application forms
Install the Base Career Chrome Extension and autofill job applications across major job boards with your profile.
Trusted by over 500,000 job seekers on Base Career
More from this employer
More jobs at Reluna
Engineering Manager / Full Stack+AI - FinTech (relocation to Cyprus)
Dubai, UAE
This role is based in our office in Nicosia, Cyprus. Relocation support will be offered to candidates relocating from abroad Reluna is redefining wealth management with a cutting-edge, data-driven wealth management platf
DevSecOps Engineer - FinTech (relocation to Cyprus)
Dubai, UAE
This is an onsite role with our team in Nicosia, Cyprus. We offer relocation support to our team members relocating from abroad. Reluna is redefining the future of Wealth Management and Family Governance with cutting-edg
DevOps Engineer
Dubai, UAE
The role involves managing cloud infrastructure, improving CI/CD workflows, and collaborating with teams while requiring expertise in AWS, Azure, and Kubernetes.