DevSecOps Engineer Remote - Global

Alpaca is a US-headquartered self‑clearing broker‑dealer and brokerage infrastructure for stocks, ETFs, options, crypto, fixed income, 24/5 trading, and more. Our recent Series C funding round brought our total investment to over $170 million, fueling our ambitious vision.

Amongst our subsidiaries, Alpaca is a licensed financial services company, serving hundreds of financial institutions across 40 countries with our institutional‑grade APIs. This includes broker‑dealers, investment advisors, wealth managers, hedge funds, and crypto exchanges, totalling over 6 million brokerage accounts.

Our global team is a diverse group of experienced engineers, traders, and brokerage professionals who are working to achieve our mission of opening financial services to everyone on the planet. We're deeply committed to open‑source contributions and fostering a vibrant community, continuously enhancing our award‑winning, developer‑friendly API and the robust infrastructure behind it.

Alpaca is proudly backed by top‑tier global investors, including Portage Ventures, Spark Capital, Tribe Capital, Social Leverage, Horizons Ventures, Unbound, SBI Group, Derayah Financial, Elefund, and Y Combinator.

We’re a dynamic team of 230+ globally distributed members who thrive working from our favorite places around the world, with teammates spanning the USA, Canada, Japan, Hungary, Nigeria, Brazil, the UK, and beyond!

We’re searching for passionate individuals eager to contribute to Alpaca’s rapid growth. If you align with our core values—Stay Curious, Have Empathy, and Be Accountable—and are ready to make a significant impact, we encourage you to apply.

We are seeking a Dev Sec Ops  Engineer to own the intersection of security, reliability, and Dev Ops. This role will design and implement resiliency across our cloud platform and CI/CD pipelines, embed “security as code,” help lead incident response for high‑severity outages, and partner with engineering teams to enable safe, fast delivery at scale.

You will be hands‑on and strategic: automating remediation, hardening deployments, owning observability, and driving measurable reductions in security/infra related incident impact. This role reports to the CISO, with a dotted line into Engineering and works closely with Dev Ops, Product, and Engineering leadership.

The Security Team is 100% distributed and remote.

The core responsibilities of the Dev Sec Ops  Engineer role are focused on embedding security throughout our infrastructure and software development lifecycle, enhancing cyber resilience, and driving a strong security culture.

• Secure SDLC Integration: Embed security into CI/CD pipelines by implementing and owning secure controls, including Infrastructure as Code (IaC) scanning, Software Composition Analysis (SCA), secrets checks, policy‑as‑code, and deployment guardrails.
• Vulnerability Management: Lead the process of vulnerability and patch management, automating discovery, prioritization, and remediation across all cloud workloads and their dependencies.
• Platform Hardening: Strengthen cloud and Kubernetes environments through secure configurations, network segmentation, workload identity management, and automated compliance against industry standards (e.g., CSA Star).
• Supply Chain Security: Advance the security of the software supply chain, focusing on generating Software Bill of Materials (SBOMs), artifact signing, dependency governance, and implementing integrity controls.
• Secure Patterns: Create secure “paved roads” for developers, providing hardened IaC modules, templates, tooling, and comprehensive documentation.

• Cyber Resilience: Own and validate cyber‑resiliency standards (secure failover, secure backups, Disaster Recovery playbooks) through secure rehearsals to ensure both the availability and integrity of systems and data.
• Security Deployment: Develop secure deployment patterns, such as canary rollouts, automated safe rollbacks, and guardrails to minimize blast radius.
• Detection & Forensics: Improve detection and response capabilities by building…