Security Engineer (Cloud Infrastructure) - Distributed US, Canada
Remote US and Canada
Applications have closed
CockroachDB
CockroachDB is a distributed database with standard SQL for cloud applications. CockroachDB powers companies like Comcast, Lush, and Bose.Databases are the beating heart of every business in the world.
Cockroach Labs is the team behind CockroachDB, an open source, distributed SQL database. In addition to the open source version of the DB we are proud to offer our self-service, fully managed cloud offerings of CockroachDB with Dedicated and Serverless options. We aim to build infrastructure that keeps pace with the world, so developers can focus on what matters most: building the best products. Join us on our mission to enable every developer to build world-changing applications.
About the Role
Cockroach Labs is looking for passionate individuals to support our cloud security efforts. This is a hands-on role where you’ll be working with different teams across the company on a variety of technical projects related to the security of our infrastructure and cloud solution. We are looking for creative individuals, capable of combining software and systems engineering to design, develop, and automate fault-tolerant security solutions. A successful candidate will combine the technical know-how with an empathetic and compassionate approach to engaging with the product and engineering teams across Cockroach Labs.
In this role, you’ll join a small but growing platform infrastructure security team, using your experience and skills to significantly influence the culture and practices for security engineering at Cockroach Labs.
You Will
- Plan and lead security projects that impact and interact with a number of teams across the company.
- Bring subject matter expertise to the team to help develop the breadth and depth of the security engineering team at Cockroach Labs
- Act as a subject matter expert on security best practices.
- Evangelize security practices within engineering teams.
- Support the ongoing process to mature the Cockroach Labs security posture, tooling, process, and overall capabilities, focusing on highly scalable and resilient security systems.
- Provide expertise in the field of cloud security in relation to AWS, GCP, and Azure cloud domains.
- Participate in on-call rotation for security engineering incident response process.
- Support Cockroach Labs engineering infrastructure security through:
- CI/CD pipeline design support and code review.
- Application integration security reviews for production systems and interfaces.
You Have
The qualifications below are ideal, but not all required. We strongly encourage candidates who do not have all the qualifications listed below to apply.
- Previous experience (5+ years) in security engineering, application security, systems engineering, or site reliability engineering (SRE).
- 3+ years of experience in a software development role OR in a production operations role.
- Hands-on experience with AWS, Azure, or GCP, ideally with a focus on securing public cloud environments.
- Knowledge of Kubernetes, HashiCorp suite of tools, or alternate cloud or CI/CD platform tooling.
- A solid understanding of networking concepts and cloud security best practices.
- Knowledge of application security and common application security vulnerabilities such as OWASP Top 10.
- Experience with information security related compliance frameworks (PCI, SOC, FedRamp, ISO, GDPR, etc.).
- The desire and capability to take a structured approach to solving large scale, complex problems.
- The ability to take a caring and empathetic approach to relationship building and problem solving.
- Threat modeling or system analysis thinking experience as a bonus.
The Expectations
In your first 30 days, you will become an integrated member of our engineering team. You’ll become familiar with our production systems, software development workflow, and application architecture for CockroachDB and CockroachCloud. We believe that it's essential for you to take this first month to become familiar with our technology and our company.
In your second month, you’ll focus on gaining familiarity with our security challenges, focusing on security challenges in our dev tools and dev pipeline. You’ll contribute to our engineering team security culture by preparing a security-focused presentation to the engineering team.
In your third month, you’ll become a point person for a major security feature, providing code reviews for one or more significant CockroachDB features under development that have a security impact.
The Team
In addition to your reporting director, you will get to work closely with the senior leadership.
Reporting to Mike Geehan - Director of Engineering
Mike Geehan is responsible for the safety and security of CockroachDB Cloud and surrounding infrastructure. Mike joined Cockroach Labs from a DC based start-up, and prior to that spent time in larger tech companies in a wide range of roles. Mike is focused on team development. Enabling and growing his team is paramount to the success of the team, and hence the business as a whole. Mike is based in Houston, Texas, and outside of work is focused on his family, his bikes, and in getting a cycling related non-profit organization off the ground.
Isaac Wong - VP of Engineering
Isaac is responsible for the health of the engineering organization at Cockroach Labs. He partners closely with teams to ensure we have a balanced culture that promotes quality and innovation in pursuit of our goals. Before joining Cockroach Labs Isaac was in life sciences for 16 years with Medidata Solutions where he had a front row seat on the exciting ride from a 30 person startup to more than 2000 people worldwide. But the lure of distributed, resilient, and consistent SQL databases, along with the amazing technology and culture at Cockroach Labs proved too much. When not working he likes to draw, play the piano, and search NYC for cannoli's with his wife and kids.
Our Benefits
- Competitive health insurance coverage (for you and your dependents!)
- Paid parental leave (with baby bucks)
- Flex Fridays
- Flexible time off & flexible hours
- Education reimbursement
- Relocation support or home office support if you’re remote
Cockroach Labs is proud to be an Equal Opportunity Employer building a diverse and inclusive workforce. If you need additional accommodations to feel comfortable during your interview process, please email us at accessibility@cockroachlabs.com.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Application security AWS Azure CI/CD Cloud Compliance FedRAMP GCP GDPR Incident response Kubernetes Open Source OWASP SOC SQL Vulnerabilities
Perks/benefits: Flex hours Flex vacation Health care Parental leave Relocation support Startup environment
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Staff Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Security Analyst jobs
- Open Security Operations Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Information Security Analyst jobs
- Open Product Security Engineer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Cybersecurity Analyst jobs
- Open Cyber Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Specialist jobs
- Open Security Specialist jobs
- Open Chief Information Security Officer jobs
- Open Security Researcher jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Specialist jobs
- Open Information System Security Officer (ISSO) jobs
- Open Clearance-related jobs
- Open ISO 27001-related jobs
- Open Windows-related jobs
- Open Application security-related jobs
- Open Network security-related jobs
- Open CISM-related jobs
- Open Pentesting-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open IAM-related jobs
- Open CISA-related jobs
- Open Threat intelligence-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open EDR-related jobs
- Open Malware-related jobs
- Open APIs-related jobs
- Open IDS-related jobs
- Open Security Clearance-related jobs
- Open DevSecOps-related jobs
- Open CI/CD-related jobs