goldenratio.exchange

The Role

We are looking for a highly skilled Senior DevOps Engineer to strengthen our Cloud Platform team. This is a hands-on technical role critical to ensuring our operational excellence, security, and resilience.

You will help build a secure, scalable, and compliant cloud infrastructure that serves as the foundation for all our product teams. This role requires deep hands-on experience with AWS, Kubernetes, and Infrastructure-as-Code.

Crucially, you will be responsible for navigating the strict regulatory landscape of a financial institution. You must have successfully navigated environments requiring ISO 27001, PCI DSS, and DORA compliance. You will work closely with the Cloud Platform Manager and security teams to implement the controls and processes necessary to keep our platform secure and compliant.

While this is a remote-first role, you should be based in a CET-adjacent timezone to collaborate effectively with colleagues.

What You'll Do

• Build Cloud Infrastructure: Design, implement, and maintain our AWS-based infrastructure (EKS, EC2, RDS, IAM, VPC, KMS, networking).
• Infrastructure as Code (IaC): Develop and manage our infrastructure using Terraform/Terragrunt, Helm, and Kubernetes manifests.
• CI/CD & GitOps: Build and optimize CI/CD pipelines (GitHub Actions/GitLab CI) and operate GitOps workflows using ArgoCD or Flux.
• Compliance Implementation: Implement and maintain the specific technical controls and processes required for ISO 27001, PCI DSS, and DORA.
• Security Operations: Apply best practices for cloud security, encryption, access control (IAM, RBAC, Zero Trust), and support incident response.
• Observability: Configure and maintain our observability stack using Prometheus, Grafana, Loki, Alloy, and OpenTelemetry.
• Documentation: Create clear technical documentation, standards, and security policies to support audits and internal knowledge sharing.

• Disaster Recovery: Support Disaster Recovery (DR) and Business Continuity planning and testing.

   

What We're Looking For

• Experience: 5+ years of professional DevOps experience, with a proven track record of building secure cloud environments.
• Compliance Expert: Mandatory hands-on experience implementing and passing audits for ISO 27001, PCI DSS, and DORA. You must understand the technical reality of these frameworks.
• AWS Mastery: Deep experience with AWS services, particularly EKS, networking, and security.
• Certification: AWS Certified Solutions Architect – Associate (Mandatory).
• Container Orchestration: Expert-level knowledge of Kubernetes (EKS), including autoscaling, IRSA, network policies, and cluster security.
• IaC Expertise: Strong proficiency with Terraform / Terragrunt and GitOps methodologies.
• Observability: Experience with monitoring, logging, and distributed tracing tools (Prometheus, Grafana, Loki).
• Security Mindset: Solid understanding of networking (TLS, VPN, WAF) and identity management (IAM, RBAC).

• Soft Skills: Strong ownership mentality, proactive problem-solving, and the ability to communicate effectively with auditors and stakeholders.

   

Bonus Points

• Certifications: AWS Security Specialty, AWS DevOps Engineer (Professional), or CKA/CKAD (Kubernetes).
• Familiarity with MiCA (Markets in Crypto-Assets) regulations.
• Experience with Vault, AWS Secrets Manager, or SSM Parameter Store.
• Experience building AWS Landing Zone / Control Tower architectures.

• Background in FinTech, RegTech, or enterprise banking environments.

   

What We Offer

• Foundational Role: A key role in building the compliant infrastructure backbone for a major European crypto platform.
• High Standards: The opportunity to work in a high-compliance, high-security environment that values technical excellence.
• Clear Ambition: The chance to join a company with a clear goal of becoming the #1 crypto platform in the EU.
• Greenfield Culture, Brownfield Code: A rare chance to join a new company culture with no baggage, while solving the interesting technical challenges of a mature product.
• Flexibility & Connection: A 100% remote-first role with periodic, all-expenses-paid team gatherings and a new hub in Ticino, Switzerland.
• Compensation: A competitive salary and benefits package.

The Role

We are looking for an Application Security Engineer to be a core technical pillar of our new Application Security team. This is a hands-on technical leadership role without people management responsibilities.

You will be the go-to person for security architecture, secure coding practices, and vulnerability management.

Your primary mission is to ensure the integrity of our core platforms—the Exchange and GRX Pay—by building automated security systems and defining the standards that protect our users' assets. You will analyze the existing infrastructure to understand its strengths and weaknesses, developing a clear strategy to harden and evolve it.

While this is a remote-first role, you should be based in a CET-adjacent timezone to collaborate effectively with colleagues. You can also expect to travel for periodic in-person team gatherings.

What You’ll Do

• Architect Secure Systems: Design, build, and maintain the security frameworks for our web and mobile applications, ensuring security is baked into the platform from the start.
• Audit and Hardening: Analyze the existing codebase and infrastructure to identify vulnerabilities. Develop and execute a strategy for incrementally refactoring legacy features into the new, secure platform.
• Secure the Exchange: Profile and optimize our applications to ensure a reliable and secure experience for the data-intensive Golden Ratio Exchange.
• Set the Standard: Define and enforce best practices for code quality, security testing, and automated vulnerability scanning (e.g., SAST, DAST) across all codebases.
• Technical Leadership: Act as the primary technical mentor for other engineers regarding secure development life cycles (SDLC). Solve the most complex challenges related to cryptography and data protection.
• Collaborate: Work closely with the Security Manager and Product teams to translate business needs into scalable, secure technical solutions.

What We’re Looking For

• Experience: 3+ years of professional experience in application security or software engineering with a heavy focus on security.
• Legacy Systems Experience: Demonstrable experience working with and securing large, existing codebases. You see complex legacy code as a challenge to be solved, not avoided.
• Technical Expertise: Expert-level knowledge of web and mobile security vulnerabilities (OWASP Top 10) and deep familiarity with TypeScript or React environments.
• Security Mindset: Experience building or maintaining shared security libraries or automated security tooling. You enjoy building tools that make other developers more productive and secure.
• Quality Focus: A deep commitment to code quality, automated testing, and integrating security into CI/CD pipelines.
• Location: Based in a timezone adjacent to Central European Time (CET) for optimal team collaboration.
• Communication: Excellent skills in articulating complex technical security concepts clearly to both technical and non-technical stakeholders.

What We Offer

• High-Impact Role: A unique opportunity to be a founding technical expert for application security, making key architectural decisions.
• Clear Ambition: The chance to join a company with a clear goal of becoming the #1 crypto platform in the EU.
• Greenfield Culture, Brownfield Code: A rare chance to join a new company culture with no baggage, while solving the interesting technical challenges of a mature product.
• Flexibility & Connection: A 100% remote-first role with periodic, all-expenses-paid team gatherings and a new hub in Ticino, Switzerland.

The Role

This is a foundational leadership role, reporting directly to the CTO. We are looking for a hybrid leader to build and manage our Tenants team, which is responsible for the most critical component of our platform: Identity & Access Management.

Our management philosophy is unique. The Manager is the single owner of a business vertical, responsible for the Why (the product vision), the What (the features and roadmap), and the Who (the people management and hiring).

You will act as both the Product Manager and the Engineering Manager for all user and company identity services. You will be a highly technical leader, but your primary focus will be on product strategy and team execution, not on being the deepest technical expert. You will partner with a dedicated Senior Engineer (who will own the deep how—the technical architecture) to bring your product vision to life.

Your mission is to define the future of our identity platform, build your team, and lead the technical migration from our legacy codebase to a modern, secure, and MiCA-compliant architecture.

This is a full-time, remote leadership role.

What You'll Do

• Product Ownership (The "Why" & "What"):
  • Define and own the complete product vision, strategy, and roadmap for all identity and access management services.
  • Own the product backlog and prioritize all features related to:
    • User Management: Registration, KYC verification, authentication, 2-factor auth, password reset, session management, and user-level API keys.
    • Company Management: Company creation, KYB verification, member management, and company-level API keys.
    • Notifications: The core service for managing and delivering user notifications.
• People & Team Leadership (The "Who"):
  • Build Your Team: You will have the mandate to hire and build your team of full-stack engineers.
  • People Management: Lead, mentor, and grow your engineers through 1-on-1s, goal setting, and career development.
  • Define Culture: Establish a world-class engineering culture focused on security, reliability, and precision.
• Engineering Execution (The "How"):
  • Lead the planning and execution of the strategy for all identity-related systems.
  • In partnership with your Senior Engineer, guide the team in making high-level technical decisions for security and scalability.
  • Ensure your team delivers high-quality, secure, and reliable services using our stack (Node.js, Nest.js, React, PostgreSQL).
  • Collaborate with all other Managers to provide secure, seamless, and reliable identity services that the entire platform depends on.

What We're Looking For

• Hybrid Experience: 5+ years in software engineering with 2+ years in a leadership role (e.g., Engineering Manager, Team Lead, or a technical Product Manager).
• Domain Expertise: Direct, hands-on experience building and leading teams that manage identity, authentication (e.g., OAuth, JWT), or KYC/KYB systems is a huge advantage.
• Highly Technical: You must come from a strong engineering background (ideally with Node.js or similar) and be able to lead technical discussions on security, authentication, and database design.
• Product Mindset: You must have experience with product management fundamentals: creating roadmaps, managing backlogs, and making data-driven priority calls.
• People Leader: Demonstrable experience hiring, managing, and mentoring engineers.
• Legacy Systems Experience: You are not afraid of a brownfield project. You have experience planning and executing the migration of a critical legacy system.
• Communication: Excellent ability to articulate the "Why" to your team and report progress to the CTO.

What We Offer

• Foundational Leadership Role: A rare opportunity to build the most critical team (identity and security) from scratch, reporting directly to the CTO.
• Full Ownership: Complete autonomy over your product vertical (Why, What, Who).
• Clear Ambition: The chance to join a company with a clear goal of becoming the #1 crypto platform in the EU.
• Greenfield Culture, Brownfield Code: A rare chance to join a new company culture with no baggage, while solving the interesting technical challenges of a mature product.