DevSecOps Engineer

This is an onsite role with our team in Nicosia, Cyprus. We offer relocation support to our team members relocating from abroad. 

Reluna is redefining the future of Wealth Management and Family Governance with cutting-edge, data-driven platforms. Leveraging advanced automation and scalable architecture, we make complex processes – from data integration to reporting and compliance – fast, seamless and accurate.

We are hiring a DevSecOps Engineer to take ownership of security across infrastructure, pipelines and application delivery. This is not a compliance role - this is hands-on engineering with real control over how security is designed and enforced across our platforms.

Key Responsibilities:

• Design and enforce secure-by-default infrastructure across AWS and Kubernetes
• Own secrets management and identity flows across services and environments
• Harden Kubernetes clusters and workloads with policy-driven security controls
• Build and maintain secure CI/CD pipelines with strong supply chain guarantees
• Implement end-to-end workload identity using modern federation (OIDC, IRSA)
• Integrate security directly into developer workflows without slowing delivery
• Drive threat modeling practices across APIs and distributed systems
• Lead incident response from a security perspective and improve detection capabilities

Looking to advance your Devops career with relocation support? Explore Devops Jobs with Relocation Packages that include comprehensive packages to help you move and settle in your new role.

• Continuously audit, validate and improve system security posture
• Partner with DevOps Engineer and engineering teams to embed security into architecture decisions

Must Have Technical Expertise:

• Secrets & Identity: HashiCorp Vault (OSS/Enterprise) - policies, AppRole, Kubernetes auth, etc.
• Kubernetes Security: NetworkPolicies, Pod Security Admission, OPA or Kyverno policy enforcement, RBAC auditing, Service Account token management, Seccomp and AppArmor
• AWS Security: IAM design and governance, SSO permission sets, IRSA (IAM Roles for Service Accounts), EKS access entries, Service Control Policies (SCP), STS and permission boundaries, Ability to read and interpret CloudTrail directly (no reliance on Athena)
• Software Supply Chain Security: Image signing with cosign, SLSA framework implementation, SBOM generation and scanning (syft, grype), Dependency automation (Renovate or Dependabot), Signed commits and enforced branch protection
• GitHub Advanced Security:CodeQL, Secret scanning, Required reviews and branch protections, OIDC federation (no long-lived PATs)
• TLS / PKI: Cert-manager, Let’s Encrypt integration, Private Certificate Authorities, mTLS between services
• Threat Modeling: STRIDE and LINDDUN methodologies, gRPC API threat modeling, OWASP API Top 10

What We Are Looking For:

• 4+ years in DevSecOps, Security Engineering or SRE with strong security ownership
• Proven experience securing Kubernetes-based production systems
• Deep understanding of identity, authentication and authorization models
• Strong bias toward automation and policy-as-code
• Ability to challenge weak security practices and enforce better ones
• Comfortable operating in high-accountability environments with minimal oversight
• Russian and English languages at professional working capacity

Bonus Points For:

• AI-Forward Mindset: Enthusiasm for leveraging AI-assisted tools to enhance productivity and automation
• Experience in regulated or financial environments
• Experience with multi-tenant SaaS architectures at scale

Interested in relocating to United Arab Emirates? Check out our comprehensive Relocation Jobs in United Arab Emirates page with detailed relocation packages and benefits.

• Exposure to service mesh (Istio or Linkerd)
• Experience securing multi-tenant SaaS platforms
• Familiarity with time-series databases (KDB+)
• Background in incident response or red teaming

Reality Check

If your idea of “security” is running scanners and filing tickets, this role will not work. If you build systems that make insecure behavior impossible, you will fit right in.

Why Join Reluna?

At Reluna, you will join a forward-thinking team passionate about innovation in fintech. We value initiative, ownership and bias for action. You will have the opportunity to architect infrastructure for significant scale, drive cost savings through architecture optimization and work with cutting-edge cloud-native technologies

How to Apply

Please submit your updated CV in English. Due to the volume of applications, only shortlisted candidates will be contacted.