Senior DevSecOps Engineer

Who Are Yapily

Why we exist, and where we're headed:

Our Mission: Redefining how the world interacts with value.

Our Vision: A world without financial friction

Our Purpose: To empower everyone to access and move value

At Yapily, we're building a powerful, scalable, and secure open banking infrastructure that redefines how the world interacts with value.

Our open banking platform powers leading companies, such as Adyen, Intuit QuickBooks, and Google. By delivering payment initiation, bank data access, and pre-built products, we enable businesses to innovate fast and push the boundaries of financial technology.

As an early pioneer of open banking, we're actively shaping the future of this industry with unrivalled expertise and a relentless focus on innovation.

What We Are Looking For

As a Senior DevSecOps Engineer, you will be a key driver in integrating security into every phase of our Software Development Lifecycle (SDLC). You will join a high-impact team, responsible for securing our highly available, multi-tenant platform built primarily on GCP and Kubernetes.

This role requires a proactive and automated approach to security—you will be laying down the foundational security posture, automating compliance checks, and ensuring we not only meet but exceed the security requirements necessary for regulated financial services.

Requirements

Responsibilities: Secure Infrastructure & Compliance

As a Senior DevSecOps Engineer, you will be responsible for:

• Owning Security Tooling: Selecting, integrating, and maintaining security tooling both within our environments and in our CI/CD pipelines
• Engineering Security Guardrails: Designing, implementing, and enforcing automated security guardrails and policies across our entire cloud estate and CI/CD pipeline
• GCP Security Focus: Hardening and securing our Google Cloud Platform environment, including IAM policies, network security and resource configuration management
• Compliance Automation: Working closely with compliance and governance teams to translate requirements into automated, verifiable infrastructure and deployment practices
• Vulnerability & Patch Management: Automating and managing the end-to-end process for identifying, triaging, and working with the engineering teams to remediate security vulnerabilities in infrastructure, applications, and third-party dependencies
• Developer Empowerment: Building and maintaining "golden path" templates for secure service deployment, enabling feature teams to confidently and safely push code without compromising security
  
  

Incident Response: Contributing expertise to the security incident response team, helping to swiftly and effectively manage and resolve security events.

What You Bring (Essential Skills)

• Cloud Architecture & Security: Deep, practical experience designing, managing, and securing high-availability infrastructure within GCP
• API security: Proficient in reviewing, providing patterns and upskilling engineers to provide a secure API interface
• Kubernetes Security Proficiency: Expert knowledge of deploying, operating, and hardening Kubernetes (GKE) clusters, including network policies, container runtime security, and secrets management
• Infrastructure as Code (IaC): Solid skills in writing, securing, and testing configuration using Terraform or OpenTofu
• Security Tooling Expertise: Hands-on experience deploying and managing key security tools (e.g., Aqua Security, Falco, Prisma Cloud, or similar CSPM/CWPP/CNAPP solutions)
• Automation & Scripting: Proficient in at least one relevant language (Python, Golang, or Shell) for developing security automation and workflow tooling
• CI/CD Guardrails: Proven ability to build secure, repeatable, and robust deployment pipelines (e.g., GitLab CI, GitHub Actions) that integrate mandatory security checks