DevSecOps Engineer

Natural Cycles is an international working environment filled with smart and ambitious colleagues working in our offices in Stockholm, Geneva, New York and remotely. Our mission is to pioneer women’s health with research and passion - by empowering every woman with the knowledge they need to be in charge of their health.

We’re looking for a Devops Engineer with a Security and Automation focus who thrives in a fast-paced, data-driven, agile environment and is inspired to use their talents to help us in our mission. Grounded in science and founded by scientists, we pride ourselves with being a very data-driven company and team. This role is thus of great importance and has a high impact cross functionally at Natural Cycles.

We are looking for you whose soft skills shine and who can communicate with ease in English. You are passionate about technology, team work, but also have a responsibility and autonomy in your work. You are able to work efficiently in a remote work environment, in a setting where online and asynchronous communication is the foundation.

We are a remote-first company and have physical offices in Stockholm, Geneva and New York, which you are welcome to use if you are located nearby. Once or twice per year we all meet up in person in a beautiful location to enjoy a few days together.

The team is based in Sweden but the position is open from other locations, allowing fully remote work from European and US east coast time zones.

Mission
In this role you will have a broad range of responsibilities and tasks that touch most of our technical components and teams. You will be working actively to expand Natural Cycles Security capabilities around prevention, detection and alerting (SIEM) including participation in choosing tools to use and setting up data pipelines, alerts etc. as well as champion user-facing security features. As a member of the platform team you will also be working with automating “infrastructure things”, from deployments to release documentation scripts etc. This will enable our teams to optimize and improve the growth drivers while staying secure and hence maximize the impact on our mission to empower women.

What you will be doing

- Working to set up new infrastructure, improving stability and reliability of existing infrastructure. Often POCs are manually set up but then converted to IaaC as it matures.

- Advancing security across the whole software development lifecycle (code, CI/CD, infrastructure)

- Work with cybersecurity from both a technical and compliance perspective (ISO27001, TIR57).

- Performing root cause analysis for issues related to security or technical issues including data quality.

- Actively improve and monitor our SIEM system (Elastic / ELK) including security event gathering, alerting etc. in an effort to improve Threat Intelligence and response.

- Also work with tasks not directly related to security such as for example: automation, devops

- Work hands-on with data insights and analytics and if possible, always take the data driven approach.

- Work closely with stakeholders across the organization to make sure that you provide for the company’s short- and long-term goals and prioritize accordingly.

Our technology stack includes:

- TypeScript, Node.js, Express.js running on GCP AppEngine

- Supporting infrastructure running on Kubernetes (GKE + microk8s), e.g. github actions runners, reverse proxies etc.

- Highly automated CI pipelines (Github Actions, CircleCI)

- Multiple backend production deployments per day with <1% rollbacks (measured since 2019)

- Ionic, Angular, Capacitor on the Frontend

- Python and Kotlin for Data science

- AppStore/GooglePlay releases on a monthly basis

We ♥ Open Source, encourage Open Source contributions and often open our general-purpose repositories (http://github.com/NaturalCycles/).

What skills and experience we think you have

- DevOps Experience, working with automation and infrastructure

- Experience and interest in security. At Natural Cycles a big part of your role will be focused on driving and maintaining security. Everything to setting up secure defaults for infrastructure automation, to code reviewing, to analyzing attacks or threats.

- Good planning and organizational skills with an ability to manage competing demands.

- Creative and pragmatic approach to problem solving with the ability to focus on details while maintaining the “big picture” view.

- Great communication skills with stakeholders, as well as working closely with the full R&D team with product owners, engineers and designers.

- Familiarity with public cloud such as GCP

- Experience with continuous delivery and automated testing.

Not required but it would be a bonus if you also have:

- Experience with modern JavaScript, TypeScript, Node.js.

- Working with Security Compliance (e.g. ISO27001)

- Commercial acumen and understanding of business drivers.

- A passion for women’s health.

How to apply
Apply by uploading your CV and answering the questions in the application form. Please note that we do not accept any applications through email due to GDPR and only applications submitted through the career site (and in English) will be considered.