Infrastructure Security Engineer
Remote worldwide
Applications have closed
Status
The open source, decentralised crypto communication super app. Communities, Messenger, Wallet, Browser.About Status
Status is building the tools and infrastructure for the advancement of a secure, private, and open web3.
With the high level goals of preserving the right to privacy, mitigating the risk of censorship, and promoting economic trade in a transparent, open manner, Status is building a community where anyone is welcome to join and contribute.
As an organization, Status seeks to push the web3 ecosystem forward through research, creation of developer tools, and support of the open source community.
As a product, Status is an open source, Ethereum-based app that gives users the power to chat, transact, and access a revolutionary world of DApps on the decentralized web. But Status is also building foundational infrastructure for the whole Ethereum ecosystem, including the Nimbus ETH 1.0 and 2.0 clients, the Keycard hardware wallet, and the Waku messaging protocol (a continuation of Whisper).
As a team, Status has been completely distributed since inception. Our team is currently 100+ core contributors strong, and welcomes a growing number of community members from all walks of life, scattered all around the globe.
We care deeply about open source, and our organizational structure has minimal hierarchy and no fixed work hours. We believe in working with a high degree of autonomy while supporting the organization's priorities.
The role:
You will have the opportunity to research, develop, and evaluate bleeding-edge technologies to strengthen our products and the organization’s Security and privacy stance. In addition, you will touch on a broad array of challenges and topics that fall under the scope of Security, so you must continuously adapt and learn.
Key responsibilities:
General Security & Risk Management
- Support the organization in the continuous analysis of its security posture & risk management.
Security Operations
- Support in the day to day security of the organization resources,
- Incident management.
Secure Software Development
- Support our product teams in the detection, test & remediation of vulnerabilities in the code base,
- Support our product teams in the development of security-related features,
- Support our product teams with the security of their supply chain.
Secure Infrastructure
- Support the detection & remediation of vulnerabilities in our infrastructure,
- Maintain a documentation of the infrastructure & the security aspects,
- Contribute to the continuous improvement of the security of our infrastructure, including the hardening of our services,
- Maintenance of host and cloud firewall rules to limit attack surfaces,
- Configuration & maintenance of our Identity & Access Management solutions,
- Infrastructure pen-testing.
Access Control
- Create and manage user access to applications and resources.
You ideally will have:
- A strong alignment to our principles: https://status.im/about/#our-principles,
- Interest in the web3 values & ecosystem,
Experience or at least interest in the following technologies:
Terraform
Ansible
Docker
Nix
Wireguard
Ubuntu
Firewalls (Cloud & Linux)
Keycloak & related IAM, SSO technologies
OpenSSH
GnuPG
- Security auditing experience,
- “Blue team” experience: security monitoring (e.g. SOC),
- Experience in managing bug bounty programs (e.g HackerOne, Bugcrowd, etc.),
- Information security management framework expertise,
- SDLC experience (design, implementation and compliance).
Bonus points:
Don’t worry if you don’t meet all of these criteria, we’d still love to hear from you anyway if you think you’d be a great fit for this role. Just explain to us why in your cover letter.
- Experience working remotely and asynchronously,
- Experience working for an open source organization.
Compensation: Status offers above-average compensation, payable in fiat and/or crypto.
Hiring process:
- Interview with People Ops team
- Interview with Serhan & Fred from the Security team
- Interview with Jakub from the Infra team
- Paid task
The steps may change along the way if we see it makes sense to adapt the interview stages, so please consider the above as a guideline. We’re looking for the new Infrastructure Security Engineer (you?) to join us as soon as possible.
Tags: Ansible Audits Blue team Cloud Compliance Crypto Docker Firewalls IAM Linux Monitoring Open Source Privacy Risk management SDLC SSO Terraform Ubuntu Vulnerabilities
Perks/benefits: Salary bonus
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Ethical hacker / Pentester H/F jobs
- Open Information Security Specialist jobs
- Open Cyber Security Specialist jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Architect jobs
- Open Senior Cyber Security Engineer jobs
- Open Product Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Staff Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Consultant SOC / CERT H/F jobs
- Open Cybersecurity Consultant jobs
- Open Security Specialist jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Security Researcher jobs
- Open Sr. Security Engineer jobs
- Open IT Security Engineer jobs
- Open Clearance-related jobs
- Open ISO 27001-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Application security-related jobs
- Open Pentesting-related jobs
- Open Agile-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open SaaS-related jobs
- Open Analytics-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Security Clearance-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open Malware-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs
- Open CEH-related jobs
- Open IPS-related jobs