DevOps Engineer

About Us

We are a global fintech company that specializes in catering to underserved and underbanked consumers. Our organization has a passion for helping people financially through our technology solutions which has allowed us to serve millions of consumers globally.

Headquartered in Montreal, Canada with offices in the United States and Latin America, we encourage personal and professional growth in equal measures. To create the best possible experience for our employees, we continuously invest in our teams and provide opportunities for growth.

The Role

We’re looking for a mid-level DevOps Engineer to help build and operate secure, reliable, and scalable cloud infrastructure for a fintech platform. You’ll partner closely with software engineering, security, and compliance to improve deployment velocity, strengthen production resilience, and meet the operational expectations of regulated financial services (availability, auditability, data protection, and change control).

This is a hands-on role: you’ll ship infrastructure-as-code, improve CI/CD, support incident response, and continuously optimize our production environment.

Responsibilities

Platform reliability & operations

• Operate and improve production systems that support financial workflows (payments, lending, trading, identity/KYC, reporting, etc.).
• Own and improve availability, latency, and error-rate targets through SLOs/SLIs and proactive reliability work.
• Participate in an on-call rotation, lead incident triage, and drive post-incident reviews (RCA) and remediation items.
• Implement robust backup, disaster recovery, and business continuity practices (define and test RTO/RPO).

Infrastructure as Code & cloud engineering

• Design, deploy, and maintain cloud infrastructure using Infrastructure as Code (Terraform/CloudFormation/Pulumi).
• Build scalable and secure environments across dev/stage/prod, enabling consistent and repeatable deployments.
• Improve platform scalability and cost efficiency (rightsizing, autoscaling, reserved instances/savings plans, storage lifecycle policies).

CI/CD and developer enablement

• Build and maintain CI/CD pipelines to support safe, repeatable releases (Jenkins/BitBucket).
• Improve release quality with progressive delivery patterns (blue/green, canary, feature flags) where appropriate.
• Create developer tooling and automation that reduces manual work and increases delivery confidence.

Security, compliance & audit readiness

• Embed security best practices into the platform: least privilege IAM, network segmentation, hardened images, and vulnerability remediation.
• Implement and manage secrets management (Vault, AWS Secrets Manager, GCP Secret Manager) and key management (KMS/HSM concepts).
• Support compliance requirements such as SOC 2, PCI DSS (if applicable), and internal controls through logging, evidence collection, and change management.
• Maintain strong audit trails: infrastructure changes, access controls, deployment approvals, and production change history.

Observability & performance

• Improve monitoring, logging, tracing, and alerting (Prometheus/Grafana/ELK/Open Telemetry).
• Tune alerting to reduce noise and improve signal and ensure operational dashboards support on-call readiness.
• Build operational runbooks and standard operating procedures for repeatable production support.

Who we’re looking for

• 3–6 years of hands-on experience in DevOps / SRE / Platform Engineering (or equivalent).
• Strong experience with at least one major cloud provider preferably GCP.
• Hands-on experience with Infrastructure as Code (Terraform preferred).
• Experience building and supporting CI/CD pipelines and release automation.
• Familiarity with containers and orchestration: Docker and Kubernetes (GKE).
• Solid Linux fundamentals, networking basics (DNS, TLS, load balancing), and scripting (Bash/Python).
• Strong operational mindset: incident response, postmortems, reliability improvements, and documentation.
• Ability to work cross-functionally and communicate clearly with engineers and non-engineering stakeholders.
• French and English is required

Nice to have

• Experience in regulated environments (SOC 2, PCI, SOX, ISO 27001) and supporting audits/evidence collection.
• Knowledge of fintech security patterns: tokenization concepts, encryption at rest/in transit, IAM boundary design, and key rotation.
• Experience with service-to-service authentication (mTLS, OIDC/JWT) and policy enforcement (OPA/Gatekeeper).
• Exposure to event-driven systems (Kafka/SNS/SQS/PubSub) and high-throughput data pipelines.
• Experience with database operations (Postgres/MySQL) including replication, failover, performance monitoring.
• Familiarity with risk controls: separation of duties, environment access controls, deployment approvals, and change windows.

Tech stack

• IaC: Terraform (+ Terragrunt), Helm
• CI/CD: GitHub Actions / GitLab CI / Jenkins /Bit bucket
• Observability: Datadog / Prometheus + Grafana / ELK / OpenTelemetry
• Security: Vault, KMS, SAST/DAST, container scanning (Trivy), dependency scanning, sonar cube
• Containers: Docker, Kubernetes

What success looks like (first 3–6 months)

• Reduced deployment friction and improved release safety (fewer rollbacks, faster recovery).
• Clear, actionable dashboards and alerts; improved on-call experience (lower noise, better runbooks).
• Measurable improvements in reliability (SLO adherence) and incident response (MTTR).
• Stronger security posture (tightened IAM, improved secrets handling, faster vulnerability remediation).
• Audit-ready evidence and change history are easier to produce and validate.