About Legacy Legacy is an easy-to-use, non-custodial Web3 wallet designed to protect digital assets through beneficiary protection and seamless DeFi access. Users can swap across chains, earn yield in one click, and safeguard wealth for the next generation. Legacy is built by the team behind Decentralized Masters - a profitable $50M+ education and investment ecosystem with 4,000+ high-net-worth investors. We’ve launched. Demand is strong. Now we need someone to own the post-acquisition customer journey and turn users into long-term, high-LTV subscribers. About the Software Division We are building a portfolio of software products inside the Decentralized Masters ecosystem, including: - Legacy Wallet – a non-custodial Web3 wallet with beneficiary protection and seamless DeFi access - Trading Bot – automated crypto execution tools for serious investors - Future fintech and investor infrastructure tools We are now building the retention and lifecycle engine that will power long-term recurring revenue across all products. About the Role You will be the single person responsible for the security of a platform that tracks hundreds of millions in digital assets. That is the job. Everything else is secondary. We need someone who breaks things for a living. Someone who looks at a login page and sees six attack vectors. Someone who reads a pull request and catches the injection vulnerability that two senior developers missed. Someone who lies awake thinking about the phishing campaign that hasn't been invented yet. If that sounds exhausting, this is not your role. If that sounds like Tuesday, keep reading. Your primary responsibilities are security and quality assurance. You own penetration testing, vulnerability assessments, threat modeling, automated test frameworks, and CI quality gates across every product we ship. You also own infrastructure: AWS, CI/CD pipelines, monitoring, and incident response. And because we are a small, senior team, you will write production code when security and QA responsibilities are covered. You are not a consultant or a checkbox auditor. You are an engineer who ships, and whose code happens to make everything else harder to break. The ideal candidate has spent time at major product-driven fintech and crypto companies where a single security failure can destroy user trust overnight. What You Will Own Security (Primary) - Own the security posture across all products: Legacy, Trading Bot, and future platforms. If something gets breached, it is your problem. If nothing gets breached, it is because of your work. - Conduct regular penetration testing, vulnerability assessments, and threat modeling aligned with OWASP standards and methodologies - Ensure full coverage of the OWASP Top 10 in application security testing, code reviews, and deployment checks - Perform security-focused code reviews across frontend, backend, and infrastructure code, catching what standard code reviews miss - Implement and manage secrets management (Vault, AWS Secrets Manager, or KMS), access controls, and least-privilege policies - Build and maintain incident response playbooks. When something breaks, you lead the response, run the post-mortem, and ship the fix - Stay ahead of Web3 and crypto-specific attack vectors: phishing campaigns, wallet exploits, API key compromises, supply chain attacks, and social engineering - Manage and coordinate external security audits and penetration tests from third-party firms Quality Assurance & Testing (Primary) - Design and implement test strategies across all products: unit tests, integration tests, end-to-end tests, API tests, and regression suites - Build and maintain automated testing frameworks and CI quality gates that prevent broken code from reaching production - Define and track quality metrics: test coverage, flakiness rate, regression detection latency, and bug escape rate - Write and execute security test cases: authentication flows, authorization controls, input validation, API abuse scenarios, and edge cases around financial data - Perform both white-box and black-box testing, leveraging full codebase access to catch issues that surface-level QA would miss - Test across the full stack: frontend UI, backend APIs, database queries, third-party integrations, and on-chain interactions Infrastructure & DevOps (Foundation) - Maintain and improve cloud infrastructure on AWS using Infrastructure as Code (Terraform or CloudFormation) - Own CI/CD pipelines (GitHub Actions preferred): automated testing, security scanning, linting, and deployment - Harden infrastructure: network security, IAM policies, container security, and environment isolation - Build logging, monitoring, and alerting across all services (CloudWatch, Prometheus, Grafana, or equivalent) - Ensure audit trails for user actions, system changes, and access events - Manage production reliability, incident response, and cost optimization Fullstack Development (When the fortress is secure) - Contribute production code across frontend and backend, bringing a security-first mindset to every feature you build - Build features, fix bugs, and ship improvements alongside the engineering team - Every line you write should make the product better and harder to break: input validation, error handling, authentication, and data protection by default - Participate in architecture discussions and code reviews, advocating for testability, reliability, and security in every decision

About Legacy Legacy is an easy-to-use, non-custodial Web3 wallet designed to protect digital assets through beneficiary protection and seamless DeFi access. Users can swap across chains, earn yield in one click, and safeguard wealth for the next generation. Legacy is built by the team behind Decentralized Masters - a profitable $50M+ education and investment ecosystem with 4,000+ high-net-worth investors. We’ve launched. Demand is strong. Now we need someone to own the post-acquisition customer journey and turn users into long-term, high-LTV subscribers. About the Software Division We are building a portfolio of software products inside the Decentralized Masters ecosystem, including: - Legacy Wallet – a non-custodial Web3 wallet with beneficiary protection and seamless DeFi access - Trading Bot – automated crypto execution tools for serious investors - Future fintech and investor infrastructure tools We are now building the retention and lifecycle engine that will power long-term recurring revenue across all products. About the Role You will be the single person responsible for the security of a platform that tracks hundreds of millions in digital assets. That is the job. Everything else is secondary. We need someone who breaks things for a living. Someone who looks at a login page and sees six attack vectors. Someone who reads a pull request and catches the injection vulnerability that two senior developers missed. Someone who lies awake thinking about the phishing campaign that hasn't been invented yet. If that sounds exhausting, this is not your role. If that sounds like Tuesday, keep reading. Your primary responsibilities are security and quality assurance. You own penetration testing, vulnerability assessments, threat modeling, automated test frameworks, and CI quality gates across every product we ship. You also own infrastructure: AWS, CI/CD pipelines, monitoring, and incident response. And because we are a small, senior team, you will write production code when security and QA responsibilities are covered. You are not a consultant or a checkbox auditor. You are an engineer who ships, and whose code happens to make everything else harder to break. The ideal candidate has spent time at major product-driven fintech and crypto companies where a single security failure can destroy user trust overnight. What You Will Own Security (Primary) - Own the security posture across all products: Legacy, Trading Bot, and future platforms. If something gets breached, it is your problem. If nothing gets breached, it is because of your work. - Conduct regular penetration testing, vulnerability assessments, and threat modeling aligned with OWASP standards and methodologies - Ensure full coverage of the OWASP Top 10 in application security testing, code reviews, and deployment checks - Perform security-focused code reviews across frontend, backend, and infrastructure code, catching what standard code reviews miss - Implement and manage secrets management (Vault, AWS Secrets Manager, or KMS), access controls, and least-privilege policies - Build and maintain incident response playbooks. When something breaks, you lead the response, run the post-mortem, and ship the fix - Stay ahead of Web3 and crypto-specific attack vectors: phishing campaigns, wallet exploits, API key compromises, supply chain attacks, and social engineering - Manage and coordinate external security audits and penetration tests from third-party firms Quality Assurance & Testing (Primary) - Design and implement test strategies across all products: unit tests, integration tests, end-to-end tests, API tests, and regression suites - Build and maintain automated testing frameworks and CI quality gates that prevent broken code from reaching production - Define and track quality metrics: test coverage, flakiness rate, regression detection latency, and bug escape rate - Write and execute security test cases: authentication flows, authorization controls, input validation, API abuse scenarios, and edge cases around financial data - Perform both white-box and black-box testing, leveraging full codebase access to catch issues that surface-level QA would miss - Test across the full stack: frontend UI, backend APIs, database queries, third-party integrations, and on-chain interactions Infrastructure & DevOps (Foundation) - Maintain and improve cloud infrastructure on AWS using Infrastructure as Code (Terraform or CloudFormation) - Own CI/CD pipelines (GitHub Actions preferred): automated testing, security scanning, linting, and deployment - Harden infrastructure: network security, IAM policies, container security, and environment isolation - Build logging, monitoring, and alerting across all services (CloudWatch, Prometheus, Grafana, or equivalent) - Ensure audit trails for user actions, system changes, and access events - Manage production reliability, incident response, and cost optimization Fullstack Development (When the fortress is secure) - Contribute production code across frontend and backend, bringing a security-first mindset to every feature you build - Build features, fix bugs, and ship improvements alongside the engineering team - Every line you write should make the product better and harder to break: input validation, error handling, authentication, and data protection by default - Participate in architecture discussions and code reviews, advocating for testability, reliability, and security in every decision

• Own the security posture across all products: Legacy, Trading Bot, and future platforms. If something gets breached, it is your problem. If nothing gets breached, it is because of your work. • Conduct regular penetration testing, vulnerability assessments, and threat modeling aligned with OWASP standards and methodologies • Ensure full coverage of the OWASP Top 10 in application security testing, code reviews, and deployment checks • Perform security-focused code reviews across frontend, backend, and infrastructure code, catching what standard code reviews miss • Implement and manage secrets management (Vault, AWS Secrets Manager, or KMS), access controls, and least-privilege policies • Build and maintain incident response playbooks. When something breaks, you lead the response, run the post-mortem, and ship the fix • Stay ahead of Web3 and crypto-specific attack vectors: phishing campaigns, wallet exploits, API key compromises, supply chain attacks, and social engineering • Manage and coordinate external security audits and penetration tests from third-party firms • Design and implement test strategies across all products: unit tests, integration tests, end-to-end tests, API tests, and regression suites • Build and maintain automated testing frameworks and CI quality gates that prevent broken code from reaching production • Define and track quality metrics: test coverage, flakiness rate, regression detection latency, and bug escape rate • Write and execute security test cases: authentication flows, authorization controls, input validation, API abuse scenarios, and edge cases around financial data • Perform both white-box and black-box testing, leveraging full codebase access to catch issues that surface-level QA would miss • Test across the full stack: frontend UI, backend APIs, database queries, third-party integrations, and on-chain interactions • Maintain and improve cloud infrastructure on AWS using Infrastructure as Code (Terraform or CloudFormation) • Own CI/CD pipelines (GitHub Actions preferred): automated testing, security scanning, linting, and deployment • Harden infrastructure: network security, IAM policies, container security, and environment isolation • Build logging, monitoring, and alerting across all services (CloudWatch, Prometheus, Grafana, or equivalent) • Ensure audit trails for user actions, system changes, and access events • Manage production reliability, incident response, and cost optimization • Contribute production code across frontend and backend, bringing a security-first mindset to every feature you build • Build features, fix bugs, and ship improvements alongside the engineering team • Every line you write should make the product better and harder to break: input validation, error handling, authentication, and data protection by default • Participate in architecture discussions and code reviews, advocating for testability, reliability, and security in every decision

Senior DevOps Engineer | 100% Remote (WFH) Opportunity General Summary The Senior DevOps Engineer is a key member of the IT Operations team, responsible for designing, automating, and maintaining the infrastructure and CI/CD systems that enable reliable, secure, and efficient software delivery across the organization. This role operates at the intersection of cloud infrastructure, container orchestration, and developer experience—ensuring that development, QA, data, and application teams can ship with confidence. Reporting directly to the IT Operations Director, this engineer will own critical systems including OpenShift/ROSA clusters on AWS, Jenkins and GitHub Actions pipelines, Argo-based GitOps workflows, and a multi-cluster observability stack built on OpenTelemetry. The ideal candidate brings deep hands-on experience with Kubernetes at scale, AWS infrastructure as code, and CI/CD pipeline design—combined with the judgment and communication skills to collaborate effectively across a broad set of cross-functional teams. Essential Duties and Responsibilities Infrastructure & Cloud - Design, provision, and maintain AWS infrastructure using Terraform, including VPCs, IAM roles (IRSA), PrivateLink, Route 53, S3, RDS, etc. - Leverage deep proficiency in Terraform and Ansible to grow the organization's infrastructure-as-code footprint across current and future platforms — using Terraform to provision and define infrastructure, and Ansible to configure, tune, and operationalize it. - Operate and maintain Red Hat OpenShift (ROSA) clusters on AWS, including upgrades, operator lifecycle management, and platform-level troubleshooting. - Implement and enforce Infrastructure-as-Code (IaC) practices across all environments, ensuring consistency, security, and repeatability. - Manage cross-account AWS patterns including IAM role chaining, S3 replication, and security services (GuardDuty, CloudTrail). CI/CD & Automation - Own and improve Jenkins pipelines end-to-end, including Jenkinsfile development, Ansible playbook integration, and credential management. - Build and maintain GitHub Actions workflows, including reusable workflow templates, composite actions, OIDC-based AWS auth, and enterprise policy configuration. - Manage and evolve ArgoCD-based GitOps deployment workflows, including ApplicationSets and multi-environment promotion strategies. - Automate operational processes across Linux and Windows targets, including certificate rotation, AD group management, and environment provisioning. Observability & Reliability - Configure and maintain the observability stack (OpenTelemetry Collectors, Prometheus, etc.) across multiple clusters. - Define and implement SLIs, SLOs, and actionable alerting to support reliability goals and reduce mean time to detection. - Develop and maintain runbooks, troubleshooting guides, and incident response documentation. - Collaborate with application teams to instrument services and improve end-to-end traceability. Collaboration & Mentorship - Partner with application development and data engineering teams to streamline deployment workflows and troubleshoot environment issues. - Collaborate with security and compliance teams on IAM policy design, secrets management, and vulnerability remediation. - Provide mentorship to junior team members and contribute to team knowledge sharing through documentation and technical presentations. - Communicate project status, risks, and infrastructure decisions clearly to leadership and non-technical stakeholders. Requirements - 7–11 years of experience in DevOps, Platform Engineering, SRE, or Infrastructure Engineering roles. - Deep hands-on experience with Kubernetes or OpenShift in production, including operator management, RBAC, ingress configuration, and cluster upgrades. ROSA or OCP on AWS strongly preferred. - Strong AWS infrastructure experience including VPC design, IAM (IRSA, cross-account trust), S3, Route 53, PrivateLink, RDS, etc.. Must be comfortable working in Terraform (or equivalent IaC tooling) at scale. - Strong experience with Ansible for configuration management, playbook development, and operational automation across Linux and Windows targets, including integration with orchestration platofrms and credential management. - Demonstrated experience building and maintaining CI/CD pipelines across Jenkins and GitHub Actions, reusable workflows, OIDC auth, and enterprise governance. - Experience with GitOps tooling (Argo) and deployment strategies (blue/green, canary, progressive rollout). - Working knowledge of observability tooling: Prometheus, Grafana, OpenTelemetry, or similar. - Proficiency in scripting and automation with Bash, Python, or Go. PowerShell experience is a plus given hybrid Linux/Windows environment. - Experience working in hybrid environments spanning Linux containers and Windows server administration. - Familiarity with Kafka or event-driven architecture on Kubernetes is a plus. - Experience in regulated industries (insurance, finance, healthcare) is preferred. Soft Skills & Working Style - Strong written and verbal communication skills with the ability to explain complex infrastructure concepts to non-technical stakeholders. - Collaborative mindset with willingness to work across domain boundaries — helping a data engineer debug a DAG or pairing with security on IAM policy review. - Documentation-oriented: writes runbooks, architectural decision records, and onboarding material as a natural part of the work. - Self-directed with the ability to manage multiple priorities, escalate appropriately, and make pragmatic trade-off decisions. - Curiosity and ownership mentality Education/Certifications - Bachelor’s degree in Computer Science, Systems Engineering, or a related field, or equivalent professional experience. - Certifications (Preferred, Not Required) - AWS Certified DevOps Engineer, Solutions Architect, or SysOps Administrator. - Certified Kubernetes Administrator (CKA) or Red Hat Certified Specialist in OpenShift. - HashiCorp Certified: Terraform Associate. Work Environment - Remote: This role is 100% remote, open to candidates currently located in the United States who are able to work without sponsorship. - Requires a private, quiet workspace suitable for focused work and video collaboration. - Hours: Schedules are set to accommodate the needs of the role and organization, and may be adjusted as needed. - Travel: Occasional travel to off-site locations for meetings may be required. Salary Range : $90,000 - $135,000 with a comprehensive benefits package. Details: EMPLOYERS Benefits and Perks About EMPLOYERS As a dynamic, fast-growing provider of workers' compensation insurance and services, we are seeking a goal-oriented individual willing to put their ideas to work! We offer a positive, challenging work environment combined with an opportunity to build your career as you help us grow our business in innovative and imaginative ways that are uniquely EMPLOYERS! Headquartered in Nevada, EMPLOYERS attributes its long-standing success to its most valuable resource, our employees across the United States. We are known for the quality service and expertise we provide to our clients and the exemplary work environment we provide for our employees. We live and breathe our core values: Integrity, Customer Focus, Collaboration, Initiative, Accountability, Innovation, and Personal Fulfillment. At EMPLOYERS, you will discover an energetic environment that inspires top achievement. As "America's small business insurance specialist," we have the resources, reputation, and expanding nationwide identity to enrich your work/life and enhance your career. About EMPLOYERS #LI-Remote