The Story So Far: We’re Building a Global Brand in Real Estate

Huspy is one of the leading property technology companies in EMEA.

Launched in 2020, we now operate in multiple cities across the UAE and Spain, expanding into Saudi Arabia and 3 more European markets by 2026. Today, we own the largest portion of the UAE mortgage market and are one of the fastest-growing players in every European city we’ve entered.

We’ve raised over $140 million (Series A and Series B) from the world’s top investors, including Sequoia Capital and Balderton Capital, to reshape the homebuying journey through powerful technology and agent-first tools.

We’ve built a SuperApp that empowers real estate agents and mortgage brokers, bringing cutting‑edge technology to one of the world’s most traditional industries. We’re transforming how property transactions happen — faster, smarter, and better for everyone.

We’re not slowing down. The question is: will you be part of what’s next?

About The Role

We’re hiring a Senior DevSecOps Engineer to strengthen our DevOps/SRE team and own security across the SDLC and production environment. You’ll drive security best practices, embed security into CI/CD and developer workflows, and manage key security initiatives such as vulnerability management and penetration testing with external vendors—while also contributing to platform reliability and operational excellence.

This is a hands-on role for someone who can move comfortably between engineering enablement (platform/SRE) and security leadership (DevSecOps/SecOps).

The Main Event: What You’ll Drive, Build, and Own

DevOps/SRE (Platform Reliability)

• Build and operate scalable, reliable infrastructure (cloud + Kubernetes/container platforms as applicable).
• Improve observability: metrics, logs, tracing, alerting, dashboards; participate in on-call and incident response.
• Define and evolve SRE practices: SLIs/SLOs, error budgets, postmortems, operational readiness.
• Maintain and improve CI/CD pipelines, infrastructure-as-code, deployment safety (blue/green, canary, rollback).
• Drive automation to reduce toil and increase engineering velocity.

Security Ownership (DevSecOps / SecOps)

• Define and roll out security standards and best practices across engineering (secure-by-default).
• Embed security into the SDLC (SAST/DAST, dependency and container scanning, IaC scanning, secrets detection + secrets management).
• Own vulnerability management end-to-end: triage findings, assign risk, drive remediation, verify fixes, track SLAs.
• Establish strong cloud and platform security posture: IAM least privilege, network segmentation, secure baselines/hardening, encryption, key management.
• Own external security engagements: manage penetration testing vendors, scope and coordinate tests, track remediation and retesting.
• Lead security monitoring and response readiness: security logging, detection ideas/playbooks, incident response collaboration.
• Run security awareness initiatives with engineers: guidelines, training, secure coding patterns, lightweight reviews.
• Partner with stakeholders (Engineering, Product, Legal/Compliance) to support audits/customer security questionnaires when needed.

The Perfect Match: What It Takes to Succeed at Huspy

• 5+ years in DevOps/SRE/Platform Engineering with meaningful security ownership (DevSecOps/SecOps).
• Strong understanding of cloud security fundamentals (AWS/GCP): IAM, networking, encryption, logging.
• Experience with CI/CD and integrating security tooling into pipelines (e.g., SAST, dependency scanning, container/IaC scanning).
• Solid Linux and networking fundamentals; ability to debug production issues under pressure.
• Infrastructure-as-Code experience (Terraform or similar).
• Experience with containers and orchestration (Docker/Kubernetes) and securing them.
• Practical knowledge of OWASP Top 10 and secure coding principles; ability to influence code-level security outcomes.
• Vendor management experience for penetration tests and/or security assessments (scoping, coordination, remediation tracking).
• Strong communication skills, able to drive change across teams without becoming a bottleneck.

What Will Make You Stand Out:

• Experience implementing or supporting security frameworks/compliance (e.g., GDPR, ISO 27001, SOC 2, PCI – depending on business needs).
• Experience with WAF, API security, service mesh security, zero trust patterns.
• Familiarity with SIEM/SOAR and detection engineering concepts.
• Experience running bug bounty programs or coordinating responsible disclosure processes.
• Coding ability in at least one backend language (e.g., Python, Go, Node.js, Java) to build tooling/automation.