DevOps Engineer - Kraken Futures

  • Kraken Digital Asset Exchange
  • London, UK
  • Aug 26, 2019
Permanent DevOps | Blockchain

Job Description

About the Role

You'll be joining the Crypto Facilities (trading as Kraken Futures, KF) engineering team to provide software engineering and cloud infrastructure support and advice across the London-based cryptocurrency futures and indices businesses, as well as becoming part of the global (and world-class) Security Operations team.You'll be a member of a 2-3 FTE DevSecOps team, and will be expected to contribute and learn across the full cloud engineering stack. You will be (or will become) a "T-shaped" individual with enormous potential to further your career in the burgeoning DevSecOps domain, with the guidance of industry leaders in Security and DevOps, and alongside a mature team of true polyglots and talented microservices developers.

Responsibilities - This is a dynamic role in a fast-changing business - but for example:

  • Building application security processes and pipelines to contribute to the KF Development team's move to true Continuous Delivery and Continuous Improvement;
  • Implementing "SAST" and "DAST" systems with the wider Kraken team and/or the Kraken Futures team;
  • Implementing secrets management for cloud applications as part of the Kraken Futures DevSecOps team
  • Working with the global team on Identity and Access Management projects and integration for Enterprise applications;
  • Relating Kraken Futures business processes and requirements to Kraken controls and policies;
  • Becoming an active part of the on call and disaster recovery structures within Crypto Facilities;
  • Deputizing for the CISO and /or fulfilling DevOps responsibilities for the Development teams to cover absence, and to a certain extent capacity issues.

Requirements - Technical

  • Code (or script) in at least one modern application development or utility language;
  • Use Source Code Management and Document Management Systems to organize business function tasks and publish relevant material;
  • Be a competent Linux user;
  • Know how to build, run and deploy secure Docker containers;
  • Be aware of how containers and microservices are configured, and can be secured and orchestrated, in particular using Kubernetes;
  • Use open source tooling to programmatically test and verify the safety and integrity of bespoke software;
  • Analyze data sets and produce reports using basic tools (e.g. SQL, POSIX stream processing tools, spreadsheets, ODBC, Python);
  • Understand principles around secure Identity Management and Authentication;
  • Understand the implementation of secure messaging systems in the context of privacy awareness, including GPG and encrypted instant messaging;
  • Have a good basic comprehension of computer networks, the Internet, and supporting systems such as web servers and proxies;
  • Understand DNS, SSL/ TLS, and how traffic on IP networks establishes end-to-end security and trust.

Requirements - Administrative and Security

  • Work highly independently, with multiple stakeholders outside of the formal management structure;
  • Write good quality policies, procedures and technical documentation;
  • Nurture security awareness in the organization, produce material to support this, and relate this to the current threat landscape;
  • Be familiar with risks introduced to organization by third parties, and processes to mitigate these;
  • Take a risk-based approach to all facets of information security;
  • Have a "finger on the pulse" of current challenges and exploits in the ecosystem;
  • Be an active participant in a truly world class global security organization.

Qualifications (and supplementary industry expertise)

  • A degree from an accredited institution, or equivalent relevant experience alongside a good level of general education;
  • Optional: relevant and well-regarded certifications in cloud computing such as CKA (Certified Kubernetes Administrator), AWS Professional or Specialty levels, Google Professional level;
  • Optional: advanced security accreditation such as CISSP, OSCP, CASP, Security+.

Apply for the position on our Website: