Tech Lead; DevSecOps
Listed on 2026-07-07
-
IT/Tech
Cybersecurity
About Blinq
Blinq is the AI contacts app for people who meet people. We're on a mission to unlock the world's relationship potential. So much of what's possible in the world is locked inside relationships that never quite happen. A missed conversation, a forgotten follow‑up, the right person at the wrong time. We're building so those chances aren't left to chance. What started as the world's #1 digital business card is now used by 4 million professionals and at 93% of the Fortune 500.
Therole
We're hiring a Tech Lead / Dev Sec Ops Engineer, a security‑first engineer who is also a strong backend engineer in our Node.js / Type Script stack. You'll set the technical direction for how we build securely, harden our cloud environment, own our security incident detection and response, and lead the work that takes our security posture (and compliance) to the next level.
This is a high‑trust, high‑autonomy role with room to shape how security and infrastructure work as we scale.
- Lead design and delivery across our Node.js / Type Script backend and platform, balancing security and platform work with the product‑adjacent building that keeps us shipping.
- Own and harden our GCP, Cloudflare, and Firebase infrastructure – IAM, networking, secrets management, and infrastructure‑as‑code (Pulumi Type Script & Terraform).
- Embed security into the SDLC: threat modeling, secure code review, and CI/CD security guardrails (SAST/DAST, dependency scanning).
- Run vulnerability management end to end – triage, remediation, coordinating external penetration tests, and enhance our vulnerability disclosure programme.
- Own detection, logging, and incident response, including endpoint detection & response (EDR) and security monitoring in Datadog.
- Lead anti‑phishing, spam, and platform‑abuse detection and prevention.
- Drive identity and access governance – SSO, OAuth, and IAM audits and improvements.
- Drive our SOC 2 / ISO 27001 and privacy (GDPR) efforts, turning compliance requirements into pragmatic engineering controls.
- Set technical standards and mentor engineers, raising the bar for how the whole team builds and ships securely.
- Tech Lead‑level experience as a strong backend engineer with a security focus, ideally in Node.js / Type Script.
- Solid application/product security fundamentals – OWASP, secure design, code review, API security.
- Hands‑on cloud experience (GCP ideal; Cloudflare/Firebase a plus) and infrastructure‑as‑code (Pulumi in Type Script; Terraform or similar experience translates well).
- Detection & response depth – EDR, security monitoring / SIEM, and incident response. Hands‑on experience with Datadog is highly desirable.
- Familiarity with security tooling – SAST/DAST, Snyk/Dependabot/Renovate, secrets scanning, secrets management – and vulnerability management.
- Identity / auth depth – OAuth, SSO, and end‑user authentication.
- Exposure to SOC 2, ISO 27001, or GDPR/privacy in a SaaS environment. Compliance automation (e.g. Vanta) a plus.
- A pragmatic, build‑first mindset – comfortable owning ambiguity and setting direction in a scaling startup.
- Strong communication and the ability to lead and mentor without heavy process.
- Prior experience as an early or first security hire at a startup.
- Dev Sec Ops / CI‑CD security tooling and automation.
- Detection & incident response experience.
- Identity/auth depth (OAuth, SSO).
- Endpoint security / MDM exposure (e.g. Iru).
- Equity and ownership. We're building something massive and we want you to share in the upside. Genuinely.
- Competitive salary and a real growth path. As Blinq grows, your role and compensation grow with it.
- Time to switch off. 20 days of annual leave plus a flexible policy for everything life throws at you beyond that.
- Good times, often. Team lunches, padel, game nights, Barry's sessions. We like hanging out and it shows.
- Regular catered lunch at some of our offices, plus an always‑stocked snack bar.
We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses and identifying potential inconsistencies or verification signals in application materials based on available information. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.
#J-18808-LjbffrTo Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search: