Senior DevSecOps Engineer
zocks · Budapest, Hungary
About The Role
Company Overview
We're Zocks, a venture capital-backed AI startup changing the world of financial services, and other industries that value security and privacy. Our founding team built their careers working on real-time communication products, building enterprise platforms, and crafting tools for some of the most security-conscious industries. With experience gained from industry leaders like Twilio, IBM, Microsoft, and Hearsay Systems, we're using AI to bridge human conversations with enterprise systems, starting with financial services.
Our focus, although simple, is powerful: reinventing business operations and transforming the areas that often get bogged down by slow, inefficient processes. Our innovative platform allows people to communicate naturally, while we capture the information they need, so they can avoid data entry, streamline their operations, and spend more time on what matters most: their clients.
Location: Budapest, XI. (On-site Monday to Thursday, Remote on Fridays)
Why we're hiring for this role: We're rapidly expanding, and with that comes an increasing urgency to mature our security posture. Compliance readiness, and proactive risk management are becoming equally critical — this role will be a key driver of those efforts alongside infrastructure ownership. This could be a unique opportunity to have a big impact in owning security initiatives and establishing a strong security baseline at Zocks.
Key challenges you will work on every day
- Owning the full cloud infrastructure lifecycle across multi-region environments
- Owning and hardening the security perimeter across cloud and network boundaries
- Triaging and remediating findings from penetration tests and vulnerability scans in collaboration with external security partners
- Creating and maintaining our delivery pipeline from developer machines to production, including automated security checkpoints, secrets scanning, and dependency auditing.
- Supporting compliance initiatives (e.g. SOC 2, ISO 27001, NIST) through infrastructure controls, audit logging, and evidence collection
- Optimizing network topology for the best possible connectivity, latency and throughput for end users
What you need
- 6+ years relevant experience (DevOps/Security)
- Deep understanding of AWS security services (IAM, Security Hub, GuardDuty, SCPs, network ACLs)
- Strong knowledge of cloud security best practices
- Experience with network security (VPNs, firewalls, zero-trust architecture, ingress/egress protection)
- Linux hardening experience
- Experience with secrets management (Vault, AWS Secrets Manager)
- Knowledge of PKI / certificate lifecycle management
- Experience with compliance and audit requirements (SOC2, ISO27001, CIS Benchmarks)
- Ability to understand penetration testing findings and coordinate remediation efforts
- Experience with security incident response and risk prioritization
- Fluent English and Hungarian language knowledge
Bonus points for
- Kubernetes security experience
- Familiarity with runtime security tooling (Falco, Wiz, Crowdstrike)
- Experience reviewing Terraform / IaC security configurations
- Exposure to Azure or GCP security
- Python or Go scripting skills
- Experience with container security scanning tools
- Threat modeling experience
- Security automation experience
This listing was posted by a verified recruiter at zocks. Report this listing
JobSpring