DevSecOps Engineer

Remote

Vouch, Inc.

Vouch is a new kind of digital insurer that protects startups from mistakes, litigation and attack.

View company page

About Vouch:

Insurance... sounds slow, old-fashioned, and unexciting. Exactly. Insurance is broken, and it's failing fast-moving, innovative startups.

Vouch is a new, technology-first insurance company backed with $160M in funding from world-class investors. Like Stripe for payments or Brex for credit cards, Vouch is creating the go-to business insurance for high-growth companies.

We're doing this by making insurance fast, responsive, and focused on our customers -high growth and innovative companies. Instead of printed PDF applications and week-long waits, Vouch is building new technology to solve real problems, writing policies that actually cover relevant startup scenarios, and designing simple experiences in an otherwise frustrating industry.

 

What does a work environment look like at Vouch?

Vouch is a Virtual First Workplace with office locations in SF, Chicago, and NYC . This role can be based anywhere in the U.S as long as you can work our Vouch core collaboration hours (8:30 am-2:30 pm Pacific Time.)

 

Role Responsibilities: 

Vouch is looking for a DevSecOps Engineer to add to our growing Security team. In this role, you will be the primary advisor to software developers at Vouch regarding secure development practices for infrastructure and software applications.  You will provide security reviews for new feature proposals, project manage the remediation of vulnerabilities, and provide technical input during the software development lifecycle for Vouch applications.

 

Job Duties: 

  • Define security requirements and improved to be included in the Vouch software development lifecycle
  • Review software components for security issues and manage corrective actions
  • Recommend product security features for Vouch applications
  • Provide threat modeling for vouch applications and services
  • Ensure that Security Design Principles are applied throughout the Software Development Lifecycle
  • Develop documentation related to implementation of security tooling throughout the software development lifecycle
  • Implement and manage new Static Application Software Testing for use by Developers
  • Implement and manage Dynamic Application Software Testing for use by Developers
  • Project manage external Penetration Testing engagements for Vouch applications
  • Manage configurations for Security infrastructure (such as Web Application Firewalls, and/or Runtime Applications Self-Protection)
  • Implement and improve application and infrastructure monitoring and logging
  • Assist with Incident Response processes as needed

 

About you:

  • 3+ years of experience working as Developer Operations (DevOps), Application Security (AppSec), or Digital Forensics and Incident Response (DFIR)
  • 3+ years of secure software development or infrastructure security w/ emphasis on infrastructure as code and provisioning/updating automation in AWS (preferably w/ Terraform)
  • Experience working in Vulnerability Management, Secure Configuration Management, Continuous Security Monitoring, Security Automation and Automated Response or similar technical security operations
  • Proficient w/ Linux systems administration, network configuration, and shell scripting.
  • Experience working with regulatory frameworks such as PCI DSS, CCPA, GDPR, SOX, FedRam or similar
  • Experienced in communicating across technical and non-technical audiences

 

Nice to have:

  • B.S. or higher in computer science, engineering, or related technical field of study
  • Experience working in a financial services or insurance business
  • SANS, CISSP, GSDC or similar security and privacy certifications
  • Experience working directly with Legal, or Compliance teams

 

Vouch provides a number of benefits to help you bring your best self to work:

  • Competitive compensation and equity packages
  • Health, dental, and vision insurance
  • Parental leave
  • Flexible vacation time (Unlimited PTO)
  • Wellness allowance ($80/month)
  • Technology allowance ($100/month)
  • Monthly Doordash credits ($80/month)

 

Vouch believes in putting our people first and building a diverse team is at the front of everything that we do. We welcome people from different backgrounds, experiences, and perspectives. We are an equal opportunity employer and celebrate the diversity of our growing team. 

If you require reasonable accommodation in completing this application, interviewing, completing any pre-employment testing, or otherwise participating in the employee selection process, please direct your inquiries to recruiting@vouch.us. #LI-Remote

 

Tags: Application security Automation AWS CCPA CISSP Compliance Computer Science DevOps DevSecOps DFIR Firewalls Forensics GDPR Incident response Linux Monitoring PCI DSS Pentesting Privacy Product security SANS Scripting Terraform Vulnerabilities Vulnerability management

Perks/benefits: Competitive pay Equity Flex hours Flex vacation Health care Parental leave Startup environment Unlimited paid time off Wellness

Region: Remote/Anywhere
Job stats:  20  3  0

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.