DevSecOps Engineer

About the Role:

We’re looking for a team player with excellent interpersonal skills & service oriented. Creative & out of the box thinker. An autodidact, quick, effective and versatile who’s able to change directions in midstream. Independent & Accountable. As a DevSecOps Engineer at Payoneer, you’ll play a critical role in embedding security throughout the software development lifecycle (SDLC). You’ll help design, implement, and maintain security controls and automations across our CI/CD pipelines, infrastructure, and application stack. 

What you’ll be spending your time on:

• Integrate and maintain security tools across the CI/CD pipeline: 
• SAST (e.g., SonarQube) 
• SCA (Software Composition Analysis) / Dependency Scanning (e.g., Snyk, Trivy, GitHub Dependabot) 
• Secret Detection (e.g., Gitleaks, HashiCorp Vault) 
• Container/Image Scanning (e.g., Aqua, Prisma Cloud, Trivy) 
• Drive security automation and enforcement for: 
    •  Infrastructure as Code (e.g., Terraform) 
    •  Configuration Management (e.g., Ansible, Chef) 
    •  GitOps workflows (e.g., ArgoCD) 
    •  Embed security guardrails and best practices across the SDLC 
    •  Automate compliance checks (e.g., OWASP Top 10, CIS Benchmarks) into development workflows 
    •  Integrate with observability and monitoring systems (e.g., Prometheus, Grafana, ELK, Coralogix) 
• Collaborate cross-functionally with Product, QA, Development, and IT/Ops teams to continuously improve the security posture 
• Participate in on-call rotations for production systems as needed 

 Have you done this kind of stuff?  

• BS degree in computer science, computer engineering, relevant technical discipline or equivalent practical experience 
• At least 3 years’ experience as DevOps/DevSecOps/Security Engineer 
• Experience with CI/CD tools and source control management tools (e.g., Git, Azure DevOps, SonarQube, Artifactory etc...) 
• Proven experience securing CI/CD pipelines 
• Expertise in SCA, SAST, secret scanning, and container security 
• A minimum of 3 years of exposure running production workloads (AWS, Azure or GCP) 
• Hands-on experience with Kubernetes, Docker, and GitOps tooling (ArgoCD or Flux) 
• Proven Scripting capabilities: (e.g. PowerShell/Bash/Python) 
• Experience with logging, SIEM, and monitoring platforms 
• Experience with IAM, secrets management, and compliance frameworks (SOC2, ISO, etc.) 
• High level Linux OS expertise  
• Strong troubleshooting skills 
• Proactive by nature; internal drive for excellence and improvement 

Not a must but a great advantage 

• Experience with relational and non-relational databases (Oracle, PostgreSQL, SQL, MongoDB) Experience with software development and development frameworks
• Experience with event streaming and messaging platforms such as Kafka, RabbitMQ
• Knowledge and understanding Storage and Networking 

#LI-PG1