About Hazeltree Fund Services Inc. Hazeltree is a
global leader in cloud-based treasury solutions, empowering
investment firms with cutting-edge technology to optimize financial
performance, enhance liquidity, and mitigate risk. As part of our
commitment to security and innovation, we are expanding our
Information Security Team and seeking a DevSecOps Engineer to drive
security automation and best practices across our cloud
infrastructure and IT operations. Job Overview As a DevSecOps
Engineer, you will play a pivotal role in integrating security
practices into our DevOps pipeline and IT operations. Working at
the intersection of operations, security, and development, you will
collaborate closely with internal teams to safeguard critical
business operations by design and default. You will be responsible
for security automation, CI/CD pipeline enhancements, and cloud
security management, ensuring compliance with industry standards.
Key Responsibilities Security & DevOps Integration: - Support
and extend the secured CI/CD pipeline to enhance development
security. - Work with development teams to optimize infrastructure
security. Cloud & Infrastructure Security: - Maintain and
secure AWS cloud infrastructure for clients and internal
operations. - Automate AWS infrastructure builds following CIS
hardening standards. - Ensure top-tier security configuration,
access management, and incident response on cloud platforms.
Operational Support & Incident Response: - Support
business-critical Windows and Linux-based environments. - Monitor
and respond to security alerts across Infosec, servers, firewalls,
and applications. - Conduct continuous monitoring of internal and
third-party information security controls. Threat &
Vulnerability Management: - Assess SAST (Static Application
Security Testing) and DAST (Dynamic Application Security Testing)
scans. - Implement remediation and mitigation strategies in
collaboration with development teams. - Maintain network security
protocols, firewalls, and threat management platforms. Compliance
& Risk Management: - Ensure compliance with ISO 27001:2022,
SOC1 Type2, and SOC2 Type2 standards. - Provide support for
security audits, policy implementation, and KPI/KRI monitoring.
Qualifications & Requirements Technical Skills: Cloud &
Security Expertise: - Hands-on experience with AWS (or other
cloud-based solutions). - Strong understanding of secured Software
Development Lifecycle (SDLC) and CI/CD platforms. - Familiarity
with OWASP, CIS frameworks, and security best practices.
Infrastructure & Scripting Knowledge: - Proficiency in
Microsoft platforms (Office 365, IIS, .NET, SQL Server, Windows
Server, Active Directory). - Strong scripting skills in PowerShell
(highly beneficial). - Experience with Cloud-based security tools
(email security gateways, IAM, endpoint security, threat
management). DevOps & IT Service Management (ITSM): -
Experience with Jira (Atlassian automation), ServiceNow, or other
ITSM platforms. - Understanding of incident management processes
and security KPIs. Networking & Compliance: - Strong knowledge
of network security protocols, vulnerability management, and
firewalls. - Proven experience in security compliance frameworks
and industry regulations. Soft Skills: - Analytical &
Problem-Solving: Ability to analyze security risks and develop
practical solutions. - Communication: Ability to explain complex
security topics to both technical and non-technical stakeholders. -
Collaboration: Experience working in cross-functional teams with a
proactive, team-first mindset. - Adaptability & Resilience:
Ability to stay composed and think strategically in high-pressure
situations. - Ethical Integrity: Strong sense of responsibility for
data confidentiality and compliance with privacy regulations.
Education & Certifications: - Bachelor’s degree in Computer
Engineering, Cybersecurity, or a related field. - 3+ years of
experience in a DevOps or DevSecOps role. - Bonus Certifications
(Preferred, not required): - AWS Certified DevOps Engineer - AWS
Solutions Architect - AWS SysOps Administrator - Certified
DevSecOps or other security-related certifications What We Offer -
Competitive salary and performance-based incentives. -
Comprehensive benefits package, including health, dental, and
vision insurance. - Retirement savings plan with employer
contributions. - Opportunities for professional growth, training,
and certifications. - A dynamic and collaborative work environment
at the forefront of cloud security and treasury technology. How to
Apply Interested candidates should submit their resume and a cover
letter to with the subject line: "DevSecOps
Engineer Application – [Your Name]" Hazeltree Fund Services Inc. is
an equal opportunity employer committed to diversity, equity, and
inclusion.
