Secure the Future of Global Finance with Verto!
At Verto, we're not just building a platform; we're democratizing global finance and empowering businesses in emerging markets to thrive. Founded by British-Nigerian entrepreneurs, we understand the challenges businesses face with cross-border payments firsthand. That's why we're committed to bridging the gap between emerging and developed markets, fostering global economic growth, and creating equal access to seamless payment solutions.
Join our mission, backed by world-class investors like Y-Combinator and Quona, and help us secure the platform that's already enabling thousands of businesses to transfer billions of dollars annually. If you're passionate about application security and ready to make a real-world impact, we want you!
DevSecOps Engineer - Your Mission, Should You Choose to Accept It:
As a DevSecOps Engineer at Verto, you'll be a critical player in fortifying our application security and championing a security-first culture. Your expertise in penetration testing and security automation will directly impact the robustness and trustworthiness of our products. You will embed security seamlessly into our development processes, proactively reducing vulnerabilities and ensuring the ongoing protection of our platform and users.
What You'll Be Doing:
Conduct in-depth penetration testing for Web, API, and Mobile (iOS & Android) applications – think like an attacker to protect like a defender.
Perform secure code reviews, particularly for Node.js, and provide actionable remediation guidance to development teams.
Automate security testing and seamlessly integrate security tools into CI/CD pipelines, ensuring continuous security validation.
Develop scripts to automate repetitive security tasks, freeing up your time for more strategic initiatives.
Develop and implement security best practices based on industry standards like OWASP Top 10 and SANS 25.
Monitor and harden AWS cloud security configurations, with a focus on AWS auditing and penetration testing capabilities.
Collaborate with development teams for early-stage threat modeling and risk assessments, influencing security from the ground up.
Create and maintain security playbooks for effective and efficient incident response.
Stay ahead of the curve by researching emerging threats and introducing innovative security methodologies.
What You Need to Succeed:
Proven experience in penetration testing for Web, API, and Mobile (iOS & Android) applications – we want to see your skills in action.
Strong expertise in security testing tools (e.g., Burp Suite, OWASP ZAP) and proficiency in Python scripting.
Solid experience with secure code reviews and providing actionable remediation guidance.
Deep understanding of OWASP Top 10, SANS 25, and other relevant security frameworks.
Hands-on experience integrating security tools into CI/CD pipelines.
Comprehensive cloud security expertise, particularly in AWS (IAM, security monitoring, infrastructure security, including AWS auditing and AWS penetration testing capabilities).
Familiarity with Agile and DevOps methodologies, with a demonstrated security-first mindset.
Proficiency in scripting languages such as Python or other relevant languages (e.g., PowerShell, Bash).
Bonus Points If You Have:
Experience with Node.js applications for code reviews and remediation.
Relevant certifications such as OSCP, CISSP, CEH, AWS Security Specialty, or Certified DevSecOps Engineer.
Experience working in a fast-paced startup environment.
Experience working within a DevOps environment integrated directly with a Product Team.
Experience with Infrastructure as Code (IaC) tools like Terraform or Ansible.
Experience in specific industry domains (e.g., Fintech, Logistics, E-commerce) where robust application security is paramount.
Life at Verto:
We're more than just colleagues; we're a community of passionate individuals who care deeply about our craft, collaborate with purpose, and enjoy the journey together.
Perks & Benefits:
Comprehensive Health & Life insurance.
Flexible work schedules.
Generous leave policy.
Gym membership.
Free lunch.
Car lease policy.
Professional development budget – invest in your growth!
You'll Thrive Here If You:
Are always asking "why?" and challenging the status quo.
Value solving problems over simply completing tasks.
Understand the nuances of synchronous and asynchronous communication.
Thrive in ambiguity and embrace change.
Actively seek and provide feedback.
Prioritize impact over activity.
Are fun to work with – we appreciate a good sense of humor!
The Interview Process:
Expect a conversation with our talent team, an online assessment to showcase your skills, and two insightful interview rounds (technical and cultural) to ensure we're the right fit for each other.