DevSecOps Engineer

A tech scale-up with big plans!

Founded in 2017, Lokalise has hired 200+ people across 41 countries (and counting!), raised $50m of series B funding, and brought on-board customers such as Revolut, Miro, Starbucks, and Mastercard to name but a few.

Not bad, eh?

What we do

Businesses like Hyundai use our localisation platform to bring developers, designers and translators together in one virtual workspace. They use our platform to translate and localise content so it can be delivered across the web, apps, documents and even games to customers in their native languages.

Simply put: companies that localize can connect with over 8 billion people on the planet. 

Please note that we are required to add a location to job ads but Lokalise is a full-remote company and you can work from anywhere.

We're hiring for:

We are looking for an experienced professional, with a proven track record in a similar role, who will be responsible for the development and implementation of a DevSecOps mentality across our organization.

Your main aim will be to improve and embrace security in our code development life cycle, starting from the early stages of code development (“shift security left”) up to and including application deployment and maintenance phases.

You will be:

• Contributing to the maintaining information security management system
• Providing subject-matter expert (SME)-level input on secure coding, architecture, automation, issues, features, and processes
• Participating in external and internal security audits
• Owning the bug bounty program
• Maintaining the vulnerability management program for the Lokalise application
• Implementing the necessary tools and checks in the CI/CD pipeline to make code development more secure and robust
• Educating and evangelizing engineers on secure coding and secure system design practices
• Working together with the members of Security team to implement and maintain a security log management solution
  
  

You should have:

• At least 5+ years of experience in an application security-related role 
• A proven track record as an experienced member of an application security, DevSecOps, or security research team, either as an individual contributor or as a manager
• Technical knowledge and background relevant to IT security management using various tools and techniques
• An understanding of the common IT security frameworks and requirements, such as ISO 27001, NIST, and GDPR
• Experience with working at a SaaS, or product, company.
• First-hand experience with SAST, DAST, and/or vulnerability scanners
• Experience with cloud-based application development and with AWS
• An understanding of main architecture patterns like SOA or microservices, an understanding of version control systems and development workflows, and infrastructure as code using Terraform, Ansible, or similar tools
• Coding experience in PHP and JavaScript languages (preferable) 
• The ability to explain complicated matters in simple terms
• Outstanding emotional intelligence – you know how to actively listen, you can easily communicate with people, convey ideas clearly, and establish quality relationships with others
• Fluent written English skills
  
  

And be:

• A critical thinker with good troubleshooting skills
• A positive, self-starter with a resilient attitude
• A team player
  

Our offer:

• Competitive salary and employee stock options plan
• Learning & Development program
• Flexible working hours 
• Unlimited vacation policy
• Health insurance
• Wellness benefits
• Comprehensive parental leave
• Coworking budget
• Top-notch tech equipment to work with
• Great startup atmosphere, team spirit, and team events

#LI-MM1 #LI-remote