At Hippo, were tackling complex challenges in engineering, data, and operations that are transforming an outdated insurance industry. As a DevSecOps Engineer, youll play a key role in expanding our suite of products, supporting both mature offerings and new MVPs. In this role, you’ll use your understanding of cybersecurity and risk management to drive security projects from concept to completion. You’ll collaborate with stakeholders to create effective security designs and protocols while securing microservices and monitoring for threats.
If you’re passionate about crafting clear security designs and protocols, driving security projects from start to finish, securing microservices, and identifying vulnerabilities in distributed systems while analyzing logs and security signals, we’d love to hear from you!
responsibilities :
In this role, you’ll collaborate closely with various stakeholders, including Security Engineers, Engineering Managers, and developers to create effective security designs and protocols while securing microservices and monitoring threats. That’s why this position requires not just strong technical skills, but also great communication abilities, a knack for mentoring, and knowledge-sharing.
You’ll be responsible for building a world-class, scalable, and resilient security infrastructure that keeps the Hippo platform safe and sound.
You’ll boost developer productivity by integrating security tools and processes into our CI/CD pipelines, as well as monitoring systems and cloud environments to ensure everything runs smoothly.
You’ll be using Golang, Python, and other scripting languages like Bash on a daily basis to automate security operations, build secure APIs, and develop serverless security functions.
You’ll get to work with various cloud providers, databases, open-source tools like Terraform, Kubernetes, and Docker, and a range of security tools like CSPM, DSPM, WAF, ZTN, DAST, SAST, Vault, and more, giving you a chance to explore and enhance our security setup.
You’ll be the advocate for a security-first mindset within the DevOps team and across the organization, promoting awareness and best practices related to infrastructure security.
Youll be able to put your mark on the project, and you will take ownership and responsibility for what you do. This isn’t a “just keep the lights on” role — you’ll shape how things are done from the ground up.
You’ll work closely with other Senior DevOps Engineers, sharing responsibility for on-call rotations and keeping the platform healthy.
requirements-expected :
Have 5+ years of hands-on DevOps experience and 2+ years of SecOps/Security Engineer experience.
Feel confident in Golang or Python.
Have hands-on experience with tools like AWS, Kubernetes, Terraform, Docker, and modern CI/CD systems.
Understand AWS VPC or GCP networking, including key concepts like network separation, security groups, and ACLs.
Have worked with security frameworks such as OWASP, NIST, or SANS and know your way around Intrusion Detection and Prevention Systems (IDPS).
Have experience securing CDN configurations and can integrate them into a broader security strategy.
Can recognize and defend against common CDN attack vectors like DDoS attacks, cache poisoning, and content hijacking.
Know about authentication protocols like SAML, OIDC, OAuth or similar.
Are comfortable working with security logging and metrics systems to keep things running smoothly.
Enjoy working in a small, focused, and highly efficient team.
Have a great command of English (written & spoken).
Are available in the afternoons – youll join a Polish-American team, so you can expect afternoon meetings. Rest assured, we prioritize work-life fit, respect everyones private lives, and don’t work at night but we still must ensure that communication between the time zones is effective.
offered :
Form of employment of your choosing
Remote work & flexible working hours
Paid sick leave
Paid holidays
Private medical care with dentists & orthodontists package for you and your family
Group life insurance
Psychotherapists support - free online sessions with psychologists and psychotherapists.
Home physiotherapy
Multisport card & meditation apps reimbursed 50%
Gear with Apple Logo and monitor
50% reimbursement for courses, conferences, books & certificates
Free access to private language lessons
6 Personal Development Days & 4 Voluntary Days Off
Cafeteria platform - extra “stówka”every month to spend on whatever you want to
Nanny services for parents
Concierge services – a personal assistant to help you to deal with your everyday matters
Chill room with table football & PlayStation 5
Free snacks, and ice cream in the office (every day, all year round!)
Free Friday Lunch in the office
Team building events - we party together several times a year during the annual Offsite & Christmas Parties, beer after work, or our #WinterEscapeMonth workation in Cyprus
