Senior DevOps Engineer

Senior DevOps EngineerNew York City (3 days a week In-Office) OR Remote US$200,000 – $300,000 base + performance bonus💰About the companyOur client is a founder-owned, bootstrapped trading and technology firm specialising in quantitative strategies, automated market making, and DeFi infrastructure. They execute hundreds of millions in weekly trading volume across centralised and decentralised exchanges.Engineering is small, moves fast, and operates at the intersection of financial risk and systems reliability. Every production incident has a direct P&L consequence. The stack spans Rust, Python, and TypeScript across AWS EC2 and bare metal infrastructure, with a growing number of CeFi and DeFi venue integrations.The roleThis is a greenfield mandate - the first dedicated Production Engineer at the firm. You will own and lead a platform-style rebuild of their production infrastructure from the ground up, spanning deployment standardisation, IaC, network hardening, secrets management, observability, and security.The philosophy is incrementalism over big-bang rewrites. Plans need to improve things week over week while keeping trading systems live. You will earn trust through early visible wins and work directly alongside Engineering and Security leadership.Split: 60% Production Engineering & Reliability · 20% Security · 20% DevEx & Deployment ToolingWhat you'll ownReliability — Uptime and resilience of production infrastructure. The core of the role.Platform build-out — Incremental IaC migration, CI/CD pipeline with UAT/PROD environments and rollback capability, standardised host configuration.Network & secrets — Harden AWS VPC and network segmentation, integrate bare metal into the private network, migrate secrets to a managed solution with least-privilege access and rotation.Observability — Consolidate the monitoring stack, close coverage gaps on host-level metrics and logging, build alerting that surfaces what matters.Security — IAM least privilege, dependency hygiene, and refreshable infrastructure. Bake security defaults into the platform from day one.Requirements5+ years in Production Engineering, SRE, DevOps, or equivalent with direct infrastructure ownershipEngineering background — able to read, reason about, and debug services across Python, Rust, or TypeScriptHands-on IaC experience: CDK, Terraform, or similarCI/CD pipeline design from scratch — environment promotion, change management, rollbackDeep networking knowledge: VPC design, security groups, DNS, and layer 2–7 troubleshootingSecrets management — operational experience migrating from insecure patterns without downtimeProduction experience with PostgreSQL, TimescaleDB, ClickHouse, Redis, or similarTrack record in high-stakes environments where reliability has direct business consequences — financial services, trading, or similarStrong communicator — able to explain architecture decisions to engineers, security, and non-technical stakeholdersNice to haveBare metal and mixed cloud/on-prem experienceBlockchain node or validator operationsCloudflare Zero Trust, Tunnel, or WARP familiarityCompensation & benefitsMajority-covered healthcare, fully covered vision & dental401(k)Free lunch and dinner in-office dailyAll-expenses-paid company offsites📩 Interested or know someone who might be? Drop me a message or apply directly. The company name will be shared with candidates who progress to a first conversation.