Infrastructure & Security Engineer

Company • Spiko is a fintech startup launched in 2023 and based in Paris. Our website is www.spiko.io. • We are building a platform that enables the issuance and seamless access to next-generation financial instruments, which are Internet-native and can be transferred 24/7. • Our first products are Money Market Funds approved by the French Financial Markets Authority. These products provide individuals and corporations with easy, programmable access to the risk-free rates in both € and $. • Today, more than $1B is managed on our platform.

We are looking for a Founding Infrastructure & Security Engineer to join Spiko's 8-people engineering team. You will be the first person in the team fully dedicated to infrastructure, security, and reliability. Until now, these responsibilities have been shared across our full-stack engineers.

Typical responsibilities include:

Cloud Infrastructure & Operations • Manage and evolve our cloud infrastructure on AWS, GCP and Cloudflare using Terraform • Manage our deployed environments on Kubernetes (via Qovery) • Improve reliability, observability, and performance of our systems • Define infrastructure standards and deployment best practices

Security • Set up continuous security scanning and automated vulnerability detection • Evaluate and deploy AI-powered pentesting tools • Organize and manage external security audits • Enforce application and cloud security best practices

Corporate IT & Compliance • Manage VPN, SSO, MFA, and access control policies • Handle employee onboarding/offboarding from a systems access perspective • Drive ISO 27001 compliance (policies, controls, evidence collection) • Respond to internal security incidents (stolen devices, phishing, suspicious access)

Our stack • Cloud: AWS, GCP, Cloudflare (for DNS) • Infrastructure as Code: Terraform • Orchestration & Deployment: Kubernetes, Docker, Qovery • Databases: PostgreSQL • Observability: Datadog (logs, traces, metrics, RUM) • Identity & Access: Ory (Kratos, Hydra, Oathkeeper) • CI/CD: GitHub Actions • Application stack: TypeScript, NX, Effect, React

Who we're looking for

Requirements: • 5+ years of experience in infrastructure, DevOps, or security engineering roles • Strong hands-on experience with AWS (and/or GCP), Terraform, and Kubernetes • Solid understanding of application security, network security, and cloud security best practices • Experience with security audit processes, vulnerability management, or compliance frameworks (ISO 27001, SOC 2, or similar) • Comfortable working autonomously and defining your own roadmap — you'll be the first dedicated person in this area • Comfortable working in an English-speaking environment • Curious, pragmatic, and eager to learn

Nice to have: • Experience in fintech, capital markets, or other highly regulated environments • Familiarity with CI/CD security tooling (SAST, DAST, dependency scanning, container scanning) • Experience with automated pentesting tools or AI-driven security testing • Knowledge of blockchain infrastructure or Web3 security • Experience leading or contributing to ISO 27001 certification

What we offer • €75k - €95k salary + competitive stock options • Remote work policy: the company is based in Paris — you can work remotely up to 2 days per week & 1 full week per month • A small and focused team: you will be an early team member who will shape the company's infrastructure and security practices from the ground up

Hiring process • 45 min intro call with Samuel (CTO) (remote) • 45 min technical interview focused on infrastructure & security with one engineer (remote) • 2h hands-on technical session with two engineers (infrastructure design, security scenario) (in the office) • 30 min chat with Antoine (COO) and 30 min chat with Paul-Adrien (CEO) (in the office)