DevSecOps Engineer
Remote
Applications have closed
Vouch, Inc.
Vouch is a new kind of digital insurer that protects startups from mistakes, litigation and attack.About Vouch:
Insurance... sounds slow, old-fashioned, and unexciting. Exactly. Insurance is broken, and it's failing fast-moving, innovative startups.
Vouch is a new, technology-first insurance company backed with $160M in funding from world-class investors. Like Stripe for payments or Brex for credit cards, Vouch is creating the go-to business insurance for high-growth companies.
We're doing this by making insurance fast, responsive, and focused on our customers -high growth and innovative companies. Instead of printed PDF applications and week-long waits, Vouch is building new technology to solve real problems, writing policies that actually cover relevant startup scenarios, and designing simple experiences in an otherwise frustrating industry.
What does a work environment look like at Vouch?
Vouch is a Virtual First Workplace with office locations in SF, Chicago, and NYC . This role can be based anywhere in the U.S as long as you can work our Vouch core collaboration hours (8:30 am-2:30 pm Pacific Time.)
Role Responsibilities:
Vouch is looking for a DevSecOps Engineer to add to our growing Security team. In this role, you will be the primary advisor to software developers at Vouch regarding secure development practices for infrastructure and software applications. You will provide security reviews for new feature proposals, project manage the remediation of vulnerabilities, and provide technical input during the software development lifecycle for Vouch applications.
Job Duties:
- Define security requirements and improved to be included in the Vouch software development lifecycle
- Review software components for security issues and manage corrective actions
- Recommend product security features for Vouch applications
- Provide threat modeling for vouch applications and services
- Ensure that Security Design Principles are applied throughout the Software Development Lifecycle
- Develop documentation related to implementation of security tooling throughout the software development lifecycle
- Implement and manage new Static Application Software Testing for use by Developers
- Implement and manage Dynamic Application Software Testing for use by Developers
- Project manage external Penetration Testing engagements for Vouch applications
- Manage configurations for Security infrastructure (such as Web Application Firewalls, and/or Runtime Applications Self-Protection)
- Implement and improve application and infrastructure monitoring and logging
- Assist with Incident Response processes as needed
About you:
- 3+ years of experience working as Developer Operations (DevOps), Application Security (AppSec), or Digital Forensics and Incident Response (DFIR)
- 3+ years of secure software development or infrastructure security w/ emphasis on infrastructure as code and provisioning/updating automation in AWS (preferably w/ Terraform)
- Experience working in Vulnerability Management, Secure Configuration Management, Continuous Security Monitoring, Security Automation and Automated Response or similar technical security operations
- Proficient w/ Linux systems administration, network configuration, and shell scripting.
- Experience working with regulatory frameworks such as PCI DSS, CCPA, GDPR, SOX, FedRam or similar
- Experienced in communicating across technical and non-technical audiences
Nice to have:
- B.S. or higher in computer science, engineering, or related technical field of study
- Experience working in a financial services or insurance business
- SANS, CISSP, GSDC or similar security and privacy certifications
- Experience working directly with Legal, or Compliance teams
Vouch provides a number of benefits to help you bring your best self to work:
- Competitive compensation and equity packages
- Health, dental, and vision insurance
- Parental leave
- Flexible vacation time (Unlimited PTO)
- Wellness allowance ($80/month)
- Technology allowance ($100/month)
- Monthly Doordash credits ($80/month)
Vouch believes in putting our people first and building a diverse team is at the front of everything that we do. We welcome people from different backgrounds, experiences, and perspectives. We are an equal opportunity employer and celebrate the diversity of our growing team.
If you require reasonable accommodation in completing this application, interviewing, completing any pre-employment testing, or otherwise participating in the employee selection process, please direct your inquiries to recruiting@vouch.us. #LI-Remote
Tags: Application security Automation AWS CCPA CISSP Compliance Computer Science DevOps DevSecOps DFIR Firewalls Forensics GDPR Incident response Linux Monitoring PCI DSS Pentesting Privacy Product security SANS Scripting Terraform Vulnerabilities Vulnerability management
Perks/benefits: Competitive pay Equity Flex hours Flex vacation Health care Parental leave Startup environment Unlimited paid time off Wellness
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Staff Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Security Analyst jobs
- Open Security Operations Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Cyber Security Engineer jobs
- Open Product Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Cyber Security Specialist jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Cybersecurity Analyst jobs
- Open Principal Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Information Security Engineer jobs
- Open Consultant SOC / CERT H/F jobs
- Open Cybersecurity Specialist jobs
- Open IT Security Analyst jobs
- Open Chief Information Security Officer jobs
- Open Security Researcher jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Specialist jobs
- Open Information System Security Officer (ISSO) jobs
- Open Agile-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open CISM-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open SaaS-related jobs
- Open Threat intelligence-related jobs
- Open CISA-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open Security Clearance-related jobs
- Open EDR-related jobs
- Open Malware-related jobs
- Open IDS-related jobs
- Open APIs-related jobs
- Open CEH-related jobs
- Open CI/CD-related jobs