Autsorsa is a fast-growing company founded and based in EU that serves clients from all over the world, providing business outsourcing and outstaffing services.

Our mission is to discover talent and inspire to achieve good results. Our goal is strong results for the needs of our clients and satisfaction in the work of our teams.

Our client is a pioneering crypto exchange and broker-dealer committed to offering secure, innovative, and compliant solutions within the rapidly evolving virtual assets space. Based in the UAE, they operate under the stringent regulations of the Virtual Assets Regulatory Authority (VARA). We seek a dedicated professional to join the team as a Remote DevSecOps Lead to spearhead our cybersecurity, compliance, and data protection initiatives.

About the Role

As the DevSecOps Lead, you will be instrumental in integrating security practices into our development and operational processes. You will ensure that our infrastructure and applications adhere to the highest security standards, comply with VARA regulations, and effectively manage data protection. Additionally, you will act as the primary liaison between regulatory bodies for information security and data protection matters.

Key Responsibilities

DevSecOps Leadership:

• Security Integration: Embed security measures throughout the software development lifecycle, ensuring robust protection for applications and infrastructure.
• Infrastructure Management: Design, implement, and maintain secure cloud-based infrastructures (preferably AWS) using Infrastructure as Code (IaC) tools like Terraform and Helm.
• Automation: Develop and manage automated security testing and deployment pipelines to enhance efficiency and reliability.
• Monitoring & Incident Response: Establish continuous monitoring systems and lead incident response efforts to address and mitigate security breaches promptly.
• Collaboration: Work closely with development, operations, and compliance teams to foster a culture of security awareness and best practices.

Regulatory Compliance & Data Protection:

• Regulatory Liaison: Serve as the Information Security and Data Protection Officer (DPO) representative, acting as the primary point of contact with VARA and other regulatory authorities on cybersecurity and data protection matters.
• Compliance Assurance: Ensure all systems and processes comply with VARA's cybersecurity and data protection standards, as well as other relevant regulations.
• Risk Management: Conduct regular risk assessments and audits to identify vulnerabilities and implement corrective actions.
• Policy Development: Develop and enforce policies and procedures related to information security and data protection.
• Training & Awareness: Educate employees on security protocols, data protection laws, and best practices to cultivate a security-conscious culture.

Qualifications

• Experience: At least 5 years of experience in DevSecOps, cybersecurity, or related roles within financial services or cryptocurrency sectors.
• Technical Expertise: Proficient in cloud security architectures, containerisation (Docker, Kubernetes), CI/CD pipelines, and automation tools.
• Regulatory Knowledge: Comprehensive understanding of VARA-UAE regulations and other relevant data protection frameworks is an advantage.
• Certifications (Preferred): Cloud-Security or CyberSecurity certification is highly desired.
• Skills: Strong analytical, problem-solving, and communication skills with the ability to lead cross-functional teams and interact with regulatory bodies effectively.

Why Join Us?

• Competitive Compensation: Attractive salary and benefits package.
• Professional Growth: Opportunities for advancement in a cutting-edge industry.
• Equity Opportunities: Potential to earn equity as part of our commitment to rewarding long-term contributions.
• Innovative Environment: Engage in a collaborative and forward-thinking workplace.
• Impactful Role: Play a key role in shaping the security and compliance landscape of a leading crypto exchange and broker-dealer in the UAE.

By applying to this advertisement, you voluntarily provide your personal data and consent to their processing for the purposes of the recruiting. The processing of your personal data is carried out in full compliance with the requirements of Regulation (EU) 2016/679 (General Data Protection Regulation), the Personal Data Protection Act and all other applicable regulationsLicense for the selection of personnel from the Employment Agency No. 3484 of 08.03.2023 and No. 3485 of 08.03.2023 for the EU.