Trustworthy
DevOps and Sysadmin
Time zones: EST (UTC -5), CST (UTC -6), MST (UTC -7), PST (UTC -8), AKST (UTC -9), HST (UTC -10), AST (UTC -4), NST (UTC -3:30)
We’re a venture-backed startup on the verge of creating a new category we’re calling the Family Operating System™, and we want you on our team. At Trustworthy our mission is to keep families organized and prepared for the unexpected by delivering a secure and beautiful online service that keeps their most important information up-to-date and accessible. Trustworthy is the family’s single destination point for everything from financial accounts, life insurance policies, and estate documents to family stories, traditions, and passport numbers.
We are seeking a seasoned Security Engineer who is a self-starter, can document their own work, communicate well with the team and is passionate about leading dev ops and wants to have fun on a team with resources and a desire to grow.
Responsibilities
Triage reports from our security monitoring tools with the engineering team
Build and maintain scalable high-quality backend services and productivity tools
Maintain a strong security awareness through frequent assessments and software architecture design processes
Build automation to continuously assess security risks around our AWS cloud infrastructure and further SaaS tools we integrate with like GitHub
Proactively work to identify areas for performance gains including data and scaling challenges
Define security requirements (encryption, backups, data retention, etc.) together with our backend and web teams and automate their enforcement
Design, create and support security tests in CI/CD pipelines, to include IAST, SAST, DAST, container scanning, API scanning, and secret detection
Support new projects and features early in the process with your expertise; Create security requirements and test cases where needed
Apply security to cloud technologies (Managing secrets, Securing CD pipeline, Secure Infrastructure as Code, Container Security etc.)
Improve our cloud security configurations through active Terraform improvements and reviews and patch management
Requirements
Exceptional operational troubleshooting capabilities
Process-oriented with great documentation skills
3+ years overall AWS experience
3+ years of hands-on experience with Infrastructure as Code, preferably with Terraform and CloudFormation
2+ years of hands-on experience of programming in languages such as Python, Javascript, Go or similar
Experience with automating cloud-native technologies, deploying applications, and provisioning infrastructure
Good knowledge of Linux Basics and networking fundamentals, IP routing, load balancing and firewalls, VPN, DNS
At least 2-year experience as a SecOps engineer, security engineer, senior reliability engineer, working in a Security Operations Center (SOC), or equivalent education
Infrastructure as Code experience (e.g., Terraform)
Have at least 1-year experience working with AWS SecurityHub or equivalent
Experience with understanding CVEs and remediating security vulnerabilities
To apply for this job please visit apply.workable.com.