Acropolium
  1. All jobs
  2. Operations (Ops)
  3. DevOps

DevSecOps / Infrastructure Engineer

Acropolium

Now we’re looking for a DevSecOps / Infrastructure Engineer to join a greenfield project — a privacy-first messaging application, similar in concept to Signal, built from the ground up.

This role is for a true Fortress Builder — someone who designs infrastructure so that the environment itself cannot be tampered with.

You will be responsible for building a hardened, verifiable, privacy-preserving infrastructure where:

  • servers are immutable,

  • secrets are never exposed,

  • builds are reproducible,

  • and monitoring happens without logging sensitive user data.

You’ll work closely with backend engineers and security-focused stakeholders to ensure the system is trustworthy by design.

Key Responsibilities

  • Design and operate secure cloud or bare-metal infrastructure from scratch

  • Implement immutable infrastructure (servers are replaced, never patched)

  • Enforce strict network policies across Kubernetes clusters

  • Automate infrastructure using Terraform or Ansible

  • Harden operating systems (SELinux / AppArmor, minimal services, attack surface reduction)

  • Design secure secrets management using HashiCorp Vault or HSMs

  • Ensure infrastructure keys are isolated and never exposed to applications or users

  • Build CI/CD pipelines that support reproducible / verifiable builds

  • Ensure binaries can be independently verified against open-source code (hash verification)

  • Secure the entire supply chain from source to deployment

  • Implement traffic obfuscation techniques to resist traffic analysis

  • Design zero-log monitoring using Prometheus / Grafana


 Core Tech Stack

  • Cloud: AWS / GCP or privacy-focused bare metal (Hetzner, Swiss hosting)

  • Containerization: Docker, Kubernetes (K8s) with strict network isolation

  • IaC: Terraform or Ansible

  • Secrets: HashiCorp Vault, HSM

  • Monitoring: Prometheus, Grafana (zero-log approach)

  • CI/CD: Secure pipelines with reproducible builds


Requirements

  • Strong experience as a DevSecOps / Infrastructure / Security Engineer

  • Deep understanding of Linux hardening and OS-level security

  • Hands-on experience with Kubernetes security, networking, and isolation

  • Experience building secure CI/CD pipelines

  • Strong mindset around privacy, threat modeling, and adversarial thinking

  • Ability to design systems assuming hostile environments


Nice to Have

  • Experience with privacy-first or end-to-end encrypted products

  • Background in cryptography-aware systems (even if not a cryptographer)

  • Experience with open-source security projects

  • Familiarity with Signal-like architectures or secure messaging concepts


Work Format

  • Remote

  • Full-time or long-term project cooperation

  • Greenfield product, high ownership, high trust


Hiring Process

1️⃣ Intro call with HR
2️⃣ Technical & security-focused interviewFinal discussion with project leadership

 Offer & onboarding — welcome aboard 🚀

 

Published 27 January
40 views
·
11 applications
To apply for this and other jobs on Djinni login or signup.
📊 $2000-4000 Average salary range of similar jobs in analytics →
Loading...