Job Description

JOB DESCRIPTION DevSecOps Engineer Experience: 7 + years “Reflections Engineers are innovators and problem-solvers, building solutions in risk management, big data, mobile and more. We look for creative collaborators who evolve, adapt to change and thrive in a fast-paced global environment. Change the world by connecting people and capital with ideas. Solve the most challenging and pressing engineering problems for our clients. Join our engineering teams that build massively scalable software and systems, architect low latency infrastructure solutions, proactively guard against cyber threats, and leverage machine learning alongside financial engineering to continuously turn data into action. Create new businesses, transform finance, and explore a world of opportunity at the speed of markets." JOB DESCRIPTION We’re looking for a DevSecOps Engineer to build and own our Internal Developer Portal (IDP), enabling developer self-service, golden paths, compliance, automation, and best practices. RESPONSIBILITIES • Architect, design, deploy, and maintain our Internal Developer Portal so dev teams can self provision infrastructure and applications. • Define & implement golden paths (reusable templates) for infrastructure & app deployment that enforce security, compliance, and cloud best practices. • Integrate the portal with CI/CD pipelines, cloud infrastructure (Kubernetes, AWS/Azure/GCP), and developer tooling. • Embed DevSecOps practices from the beginning – security scanning, vulnerability management, policy-as-code. • Continuously improve developer experience: usability, speed, support. • Evaluate, adopt, or build tools/automation to enhance workflows. • Provide ongoing troubleshooting & support for the IDP and associated infrastructure. • Create and maintain clean, comprehensive documentation + guidelines for best practices. PRIMARY SKILLS • Proven experience in a DevSecOps or Platform Engineering role. • Demonstrated experience designing and running Internal Developer Portals (or equivalent self service / “golden paths”). • Strong cloud-native skills: Kubernetes, Docker, and services from AWS / Azure / GCP. • Solid CI/CD expertise: Jenkins, GitHub Actions, Argo CD, GitLab CI, etc. • Proficiency with Infrastructure as Code (Terraform, Ansible, Pulumi, etc.). • Deep understanding of security in cloud environments, pipeline security, secrets management, vulnerability scanning, compliance. • Excellent communication & ability to collaborate with both development and operations teams. SECONDARY SKILLS (IF ANY) • Experience with Port.io or similar IDP / developer self-service platforms. • Templating tools for app/infrastructure deployment. • Experience building software catalogs or reusable component libraries. • Comfortable scripting (Python, Go, Bash). • Familiar with security scanning / remediation tools.