DevSecOps Engineer (Boston)

About YieldstreetYieldstreet is building the largest global digital wealth management platform to change the way wealth is created. With an investor-first approach, our investor community builds a diversified portfolio of investments outside of the stock market to generate passive income. Yieldstreet is giving unprecedented access to asset classes such as Fine Art, Real Estate, Crypto, Legal & Private Business Credit. We’re headquartered in New York City with offices in Miami, Boston, Brazil, Argentina, Malta and Greece.  Why Yieldstreet? Join a team of diverse, smart, and friendly people from 8 different countries who speak a total of 17 different languages who are on a mission to make alternative investments more accessible. Our team is comprised of successful entrepreneurs with combined exits of over $1B. We get social with each other during happy hours, exercise classes, and team off sites!  What’s in it for you:Competitive compensation packages including equity Health, dental & vision coverage with FSA/HSA optionsUnlimited PTO 401k MatchLearning and Development stipend Wellness creditPaid lunch once a weekCommuter benefit  Life insuranceSabbaticalAbout the RoleYieldstreet is hiring a DevSecOps Engineer to improve the security of our development pipelines and cloud infrastructure. Our suite of reactive applications are served on AWS. The job is to ensure that we are shifting left on security, developing hardened infrastructure, and participating on a blue team to help us defend against bad actors. This role is for someone who has experience operating and securing cloud native applications in a public cloud infrastructure. You will be working on a global team and reporting to the VP of Infrastructure and Security.

What You'll Do:

• Develop hardened systems and cloud platforms with guidance from vendor neutral benchmarks such as CIS, CSA, and NIST
• Work with the Cybersecurity team to bolster our defenses against bad actors and internal threats due to misuse using EDR and SIEM
• Develop security guard rails within AWS and Kubernetes to ensure security controls are being met
• Improve our Static Code Analysis practice by ensuring rules contain new forms of attacks discovered in the wild
• Develop processes to secure and audit our third party software supply chain
• Participate in security tabletop exercises. Develop new exercises based on the evolving cyber security landscape
• Take a lead on our security incident response team and participate in blameless post mortems.

What You'll Need:

• Deep understanding of public cloud infrastructure
• Deep understanding of networking and network security
• Expertise in container orchestration technologies
• Expertise in cloud automation tools such as Terraform, Ansible, Salt, and Helm
• Expertise in Python, Bash, and/or Go 

Bonus points for:

• Knowledge of security toolings such as Crowdstrike Falcon, Falco, and Open Policy Agent
• The ability to present and educate