Cloud Security Software Engineer: Cloud Native
Posted 1 month ago
We’re looking for an independent-minded, autodidact, and detail-oriented cloud security engineer to join our efforts to build a best-of-breed infrastructure-as-code security platform.
You would be working on our brand new infrastructure-as-code security product, expanding our security covers from source code down to the infrastructure. We recognize that developers are increasingly working with technologies like Kubernetes & Terraform, and it can be hard to stay secure and move fast - we provide that peace of mind with this product.
In this role, you would be responsible for the best practice security policies that we recommend developers adopt to stay secure—working closely with the product team to identify customer needs and staying close to the technologies and community to identify security best practices.
You’ll spend your time:
- owning and expanding our cloud security policies ruleset to cover the newest cloud services across AWS, Azure, and GCP
- evaluating the latest infrastructure as code tooling for their security controls, working to develop recommended security best practices
- converting cloud security whitepapers, documentation and API reference material to automated cloud security checks
- building technology for automating our capability to create policies quickly
- talking to our customers, making sure we’re building a product they truly love
- collaborating with your team, planning the most important projects to work on next
You should apply if you:
- have experience with operating infrastructure on one or more public cloud platform providers (AWS /GCP/Azure) using infrastructure-as-code tooling
- have experience writing code across the stack
- have a software security mindset, you know the security and compliance best practices for AWS, Azure and Google Cloud
- ensure a high-quality code that can be safely co-authored in a fast-growing organization
- practice writing tests as an integral part of your software development life-cycle
- communicate proactively and have a team-first mindset
- love working in a fast-paced start-up environment that respects its engineers and customers
We’d especially love to hear from you if you:
- have experience with Open Policy Agent and have defined policies using Rego
- have experience with Kubernetes either as a stand-alone or as a hosted cloud-service (AWS ECS/EKS, GKE or Azure AKS)
- have experience with compliance programs (PCI, HIPAA, NIST, SOC II, etc.)
- have security research experience
- have a good track record of project leadership and mentorship of software engineers
- have strong community involvement (open source, conferences, meetups, etc.)
Please apply below! We care deeply about the warm, inclusive environment we’ve created, and we value diversity - we welcome applications from those typically underrepresented in tech. If you like the sound of this role but are not sure whether you’re the right person, do apply anyway :)
Snyk’s mission is to help developers use open source code and stay secure.
The use of open source is booming, but security is a key concern. Snyk’s unique product enables developers and enterprise security teams to continuously find & fix vulnerable dependencies without slowing down, offering seamless integration into Dev, DevOps, and DevSecOps workflows. We care deeply about the quality and usefulness of the tools we develop, always focusing on our customers and users.
We are distributed across four offices in London, Tel Aviv, Boston, and Ottawa, with our engineering teams based mostly in London and Tel Aviv, and 10% of the company working fully-remote. We’ve made an organizational commitment to building a strong, effective, distributed company: we form teams across multiple offices wherever possible, and we invest in communication so that we can benefit from each others’ perspectives. Not to mention that we have an always-on webcam so we can see what’s happening in each office, we make heavy use of video calls, Slack, and some inter-office travel.
At Snyk, we are experiencing rapid growth, and we want you to join us! By the end of Q4 2019 alone, Snyk already had over 110,00 registered users, including multiple enterprise customers (such as Google, Salesforce, Mastercard, BBC, and others). We also raised an additional $150 million, announced January 21, 2020. With this investment, we have partnered with Stripes, Coatue, Tiger Global, BoldStart, Trend Forward, Amity, and Salesforce Ventures, to build on our 2019 momentum and continue to fuel our developer-first approach to security.
We believe open-source software is a force for good, and we’re building Snyk to make it easier for developers who aren’t security experts to stay secure.