Senior DevSecOps / Infrastructure Engineer

About the Role

We are looking for a Senior DevSecOps / Infrastructure Engineer to join a Client’s team building a privacy-first, Zero-Knowledge product.
This role focuses on security, hardened infrastructure, immutable deployments, and verifiable CI/CD pipelines. The goal is to ensure the system is tamper-resistant, privacy-preserving, and secure by design.

Location: Remote
Cooperation Type: Full-time, long-term
Experience Level: Senior
Start: ASAP

Responsibilities

• Design, build, and maintain secure cloud or bare-metal infrastructure
• Implement and manage Docker and Kubernetes with strict network policies
• Manage Infrastructure as Code using Terraform or Ansible
• Harden systems using SELinux, AppArmor, OS hardening, and minimal attack surface practices
• Implement immutable infrastructure (replace servers instead of patching)
• Set up and manage secrets management solutions (Vault / KMS / HSM)
• Build and maintain secure CI/CD pipelines with reproducible and verifiable builds
• Implement monitoring and observability using Prometheus and Grafana (zero-log approach where possible)
• Work on traffic obfuscation and privacy-preserving networking
• Collaborate with backend, mobile, and security teams to ensure end-to-end system security
• Participate in architecture decisions, security reviews, and incident prevention
• Ensure high availability, reliability, and scalability of infrastructure

Requirements

• 6+ years of experience in DevSecOps / Infrastructure Engineering
• Strong experience with Linux server administration and hardening
• Hands-on experience with Docker in production environments
• Strong experience with Kubernetes (networking, security, scaling)
• Experience with Infrastructure as Code (Terraform or Ansible)
• Experience with cloud platforms (AWS or GCP)
• Experience building and maintaining CI/CD pipelines
• Experience with secrets management (Vault, KMS, or HSM)
• Experience with monitoring and observability (Prometheus, Grafana)
• Strong understanding of infrastructure security, threat modeling, and risk mitigation
• Ability to work independently and take ownership of critical infrastructure components
• English: Upper-Intermediate or higher

Nice to Have

• Experience with Immutable Infrastructure
• Experience with Reproducible / Verifiable Builds
• Experience with HashiCorp Vault
• Experience with Hardware Security Modules (HSM)
• Experience with traffic obfuscation or privacy-focused networking
• Experience with bare metal or privacy-focused hosting (Hetzner, Swiss hosts)
• Experience with zero-log monitoring practices
• Experience with privacy-first or security-critical products

What We Offer

• Competitive compensation according to your experience (gross system)
• Fully remote work and long-term cooperation
• Opportunity to work on a security-critical, privacy-first product
• Ownership over core infrastructure and security architecture
• Fast hiring process and quick start
• Supportive engineering culture focused on quality, ownership, and reliability

What happens after you apply

• Quick CV review
• Short recruiter call
• Technical interview with LITSLINK team 
• Fast decision & offer