Posted 22 Sept 2022, 0:50 pm
DevSecOps Engineer at Craft
About the Company
Craft is a supplier intelligence company helping organizations accelerate data-informed business decisions. Our unique, proprietary data platform tracks thousands of real-time signals across millions of companies globally, delivering best in class monitoring and insight into global supply chains, among other company cohorts. Our clients, including Fortune 100 companies, government and military agencies, SMEs, asset management groups, and others, use our technology for supply chain intelligence, market intelligence and related use cases. Through our modular, secure, customizable portal, our clients can monitor any company they are working with and drive critical actions in real-time.
We are a well-funded technology company with leading investors from Silicon Valley and elsewhere, but are not your typical data or SaaS startup. Our CEO is a seasoned entrepreneur and Juilliard-trained cellist. The Craft team is globally distributed with headquarters in San Francisco and an office in London. We fully support and encourage remote workers, and have team members across North America, Canada, and Europe. We are looking for innovative and driven people who are passionate about building delightful software to join our rapidly growing team!
A Note to Candidates
We are an equal opportunity employer who values and encourages diversity, equity and belonging at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.
About the role:
Craft is growing! And we're looking for a motivated engineer to help us deliver safer software sooner. The ideal candidate is a self-starter, loves their craft, and puts security and ease-of-use at the center of all decision-making.
As a Sr. DevSecOps Engineer at an earlier-stage startup, you will have an opportunity to make a substantial impact on the maturation of Craft’s Cybersecurity program. You will collaborate on planning, requirements, research, and design of security solutions with the rest of the engineering team.
In this role you will:
- Partner with engineering teams to integrate and automate security at every level of the software development lifecycle.
- Perform threat modeling, risk assessment, and code reviews to assess cybersecurity implications.
- Lead infrastructure best practices on building and securing highly scalable systems.
- Extensively improve the existing secure coding practices, lead threat modeling efforts, and implement secure software lifecycle processes and automation
What we’re looking for:
- 5+ years of experience in DevOps or DevSecOps, or similar experience (preferably with Linux systems)
- Deep knowledge of Amazon Web Services (AWS) Infrastructure and best practices
- Familiarity with standards such as SOC2, FedRamp, and/or ISO 27001 as it relates to Cloud and Infrastructure is desirable but not required.
We'd love to hear from you if:
- You're a strong team player, a great listener, and able to facilitate discussion and move diverse opinions towards clear decisions
- Have an extreme ownership of your product, and a can-do, get-it-done attitude
- Are detailed-oriented and are always striving to uncover and fix cybersecurity gaps
- Have a "shipping" mentality, and an ability to get things done
- Advocate for modern engineering and cybersecurity best practices
- Show curiosity through asking questions, digging into to new technologies, and always trying to grow
What We Offer:
- Competitive Salary + Equity at a well-funded, fast-growing startup
- Unlimited Vacation time so you can take what you need, when you need it
- Option to work 100% Remote or out of our San Francisco Office
- 99% Covered Health + Dental + Vision insurance for employees and dependents
- 401K through Human Interest with options to invest how you want it
- $200 Monthly Wellness/Learning stipend (Gym memberships, meals, snacks, books, classes, conferences, etc.)
- $1,000 Workstation Allowance (standing desk, chair, monitor, etc)
Please mention the word **COMPLIMENT** and tag RMTk1LjIwLjI0MS40OQ== when applying to show you read the job post completely (#RMTk1LjIwLjI0MS40OQ==). This is a beta feature to avoid spam applicants. Companies can search these words to find applicants that read this and see they're human.
The offering company is responsible for the content on this page / the job offer.
Source: Remote Ok