DevSecOps Engineer

Department: Security

Employment Type: Permanent employee

Schedule: Full-time

Seniority: Experienced

Location: Remote, Almaty, Limassol, Barcelona, Serbia

At Vivid, we're reimagining how individuals and businesses manage money. Our all-in-one app opens up a world of financial possibilities: invest in global stocks, ETFs, and over 150 cryptocurrencies, earn cashback on everyday purchases, and access personalised insights to make the most of your finances – all tailored to your lifestyle.   
  
For businesses, Vivid Business offers a powerful suite of tools, including multi-IBAN accounts, high-interest rates, business cashback, team cards, and seamless accounting integrations to streamline operations.   
  
Our mission? Your success. Everyone deserves the chance to see their finances flourish, and we’re dedicated to empowering our customers to make this a reality.   
  
Since our 2020 launch in Germany, Vivid has rapidly expanded across Europe, earning the trust of over 500,000 customers looking for a simpler, smarter way to grow their wealth. With over €200 million raised from top investors and a valuation of €775 million, Vivid is where modern finance meets real opportunity. Join us and experience a new way to thrive financially.We are looking for a hands-on DevSecOps Engineer to strengthen and scale security initiatives in our fully cloud-native AWS environment. You will help evolve our DevSecOps practices, improve cloud and Kubernetes security, vulnerability management, and perform security reviews across infrastructure and applications. 

You will work closely with security and engineering teams, making hands-on improvements while contributing to long-term security direction. We value practical, scalable solutions and smart automation, and we expect ownership and a proactive mindset. 

As we actively adopt AI, use LLMs extensively, and build internal AI agents, security must scale alongside innovation and regulatory requirements – making AI-aware security a key part of this role.Cloud & Platform Security 

• Continuously improve the security of our AWS and Kubernetes platforms. 
• Strengthen IAM, RBAC, encryption, secrets management, and network controls through secure-by-default policy-as-code. 
• Manage edge security, including traffic filtering, WAF configuration, and external exposure management. 
• Perform security reviews of new services, architectural changes, and platform components. 

Application & AI Security 

• Embed automated security controls into SDLC and CI/CD (SAST, dependency and container scanning, policy enforcement). 
• Lead vulnerability management processes, including detection, assessment, prioritization, and reporting. 
• Integrate automation and AI-assisted tooling to enhance security reviews and reduce manual effort. 
• Define and implement security controls for AI infrastructure components, including gateways, MCP servers, and model proxies. 
• Identify and mitigate AI-specific risks such as prompt injection, data leakage, and agent privilege escalation.

• 5+ years of hands-on experience in DevSecOps, Cloud Security, or related fields. 
• Strong hands-on experience operating AWS and Kubernetes in production environments. 
• Experience implementing security in Infrastructure as Code and CI/CD workflows. 
• Solid understanding of cloud security fundamentals such as access control, secrets management, network security, and encryption. 
• Familiarity with container security and common application security risks. 
• Deep understanding of AI/LLM security risks, including prompt injection, data leakage, model abuse, and agent privilege escalation; hands-on experience securing AI infrastructure components such as LLM gateways, MCP servers, or agent-based workflows.
• Comfortable with scripting and working in Git-based development environments. 
• Good communication skills and ability to work effectively with engineering and product teams. 
• Comfortable communicating clearly in English, both written and spoken. 

Nice to Have 

• Experience scaling security practices in fast-growing or regulated environments. 
• Experience building internal security tooling or automation from scratch.

• We have a hybrid model in our Limassol office, or fully remote outside office locations. 
• We support relocation to Cyprus (visa, package) when needed.
• Competitive senior-level compensation, reflecting the seniority and impact of the role (depending on location). 
• Learning & development budget to support your professional growth. 
• Fully paid vacation and sick leave. 
• Sports compensation. 
• Real growth prospects, significant responsibility, and the ability to make an immediate impact from day one. 

Enhance your expertise and shape the future of FinTech. Join Vivid's talented team and help us revolutionize how businesses think about their finances!