Infrastructure & Security Engineer
Overview
Spiko is a fintech startup launched in 2023 and based in Paris. Our website is .
We are building a platform that enables the issuance and seamless access to next-generation financial instruments, which are Internet-native and can be transferred 24/7. Our first products are Money Market Funds approved by the French Financial Markets Authority. These products provide individuals and corporations with easy, programmable access to the risk-free rates in both € and $. Today, more than $1B is managed on our platform.
Role
We are looking for a Founding Infrastructure & Security Engineer to join Spiko's 8-person engineering team. You will be the first person in the team fully dedicated to infrastructure, security, and reliability. Until now, these responsibilities have been shared across our full-stack engineers.
Responsibilities
- Manage and evolve our cloud infrastructure on AWS, GCP and Cloudflare using Terraform
- Manage our deployed environments on Kubernetes
- Improve reliability, observability, and performance of our systems
- Define infrastructure standards and deployment best practices
- Set up continuous security scanning and automated vulnerability detection
- Evaluate and deploy AI-powered pentesting tools
- Organize and manage external security audits
- Enforce application and cloud security best practices
- Manage VPN, SSO, MFA, and access control policies
- Handle employee onboarding/offboarding from a systems access perspective
- Drive ISO 27001 compliance (policies, controls, evidence collection)
- Respond to internal security incidents (stolen devices, phishing, suspicious access)
- Drive cloud and security stack initiatives (AWS, GCP, Cloudflare DNS, Terraform, Ory/Kratos, etc.)
Qualifications
- 5+ years of experience in infrastructure, DevOps, or security engineering
- Strong hands-on experience with AWS (and/or GCP), Terraform, and Kubernetes
- Solid understanding of application security, network security, and cloud security best practices
- Experience with security audit processes, vulnerability management, or compliance frameworks (ISO 27001, SOC 2, or similar)
- Comfortable working autonomously and defining your own roadmap — you will be the first dedicated person in this area
- Comfortable working in an English-speaking environment
- Curious, pragmatic, and eager to learn
Nice to have
- Experience in fintech, capital markets, or other highly regulated environments
- Familiarity with CI/CD security tooling (SAST, DAST, dependency scanning, container scanning)
- Experience with automated pentesting tools or AI-driven security testing
- Knowledge of blockchain infrastructure or Web3 security
- Experience leading or contributing to ISO 27001 certification
What we offer
- Salary: €75k - €95k + competitive stock options
- Remote work policy: based in Paris — up to 2 days per week and 1 full week per month remote
- Small and focused team: you will be an early team member who shapes the company's infrastructure and security practices
Hiring process
- 45 min intro call with Samuel (CTO) (remote)
- 45 min technical interview focused on infrastructure & security with one engineer (remote)
- 2h hands-on technical session with two engineers (infrastructure design, security scenario) (in person or remote)
- 30 min chat with Antoine (COO) and 30 min chat with Paul-Adrien (CEO) (in person or remote)