Sr. DevSecOps Engineer- Remote
US - Remote
Applications have closed
About the Company
Craft is the leader in supplier intelligence, enabling enterprises to discover, evaluate and continuously monitor their suppliers at scale. Our unique, proprietary data platform tracks real-time signals on millions of companies globally, delivering best in class monitoring and insight into global supply chains. Our proprietary analytics layer delivers proactive alerts and multi-dimensional risk lenses showing supply chain problem areas before they have impact. Our software-as-a-service workflows enable supply chain professionals to execute the critical steps they need in supplier management digitally inside the intuitive, easy to use platform. Craft’s open supplier profiles appear in over 100 million organic search results each month, driving over 2 million monthly active users on Craft’s website: craft.co, with zero marketing spend. Our customers include Fortune 500 companies, government agencies, SMEs, global service platforms, and others. We have distribution partnerships with some of the largest integrator and software platforms in the world.
We are a high-growth technology company, backed by top tier venture capital investors in Silicon Valley and Europe, including Greycroft, High Alpha, Uncork Capital, Sam Palmisano, Frederic Kerrest and others. The Craft team is headquartered in San Francisco with office hubs in Seattle and London. We fully support remote / hybrid, and have team members across the United States, Canada, and Europe. We are looking for innovative and driven people who are passionate about building the future of Enterprise Intelligence to join our rapidly growing team.
A Note to Candidates
We are an equal opportunity employer who values and encourages diversity, equity and belonging at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.
About the role:
Craft is growing! And we're looking for a motivated engineer to help us deliver safer software sooner. The ideal candidate is a self-starter, loves their craft, and puts security and ease-of-use at the center of all decision-making.
As a Sr. DevSecOps Engineer at an earlier-stage startup, you will have an opportunity to make a substantial impact on the maturation of Craft’s Cybersecurity program. You will collaborate on planning, requirements, research, and design of security solutions with the rest of the engineering team.
In this role you will:
- Partner with engineering teams to integrate and automate security at every level of the software development lifecycle.
- Perform threat modeling, risk assessment, and code reviews to assess cybersecurity implications.
- Lead infrastructure best practices on building and securing highly scalable systems.
- Extensively improve the existing secure coding practices, lead threat modeling efforts, and implement secure software lifecycle processes and automation
What we’re looking for:
- 5+ years of experience in DevOps or DevSecOps, or similar experience (preferably with Linux systems)
- Deep knowledge of Amazon Web Services (AWS) Infrastructure and best practices
- Knowledge of JavaScript, Python, Go, shell scripting (Bash, etc) or other programming language knowledge for writing tools and utilities
- Familiarity with standards such as SOC2, FedRamp, and/or ISO 27001 as it relates to Cloud and Infrastructure is desirable but not required.
We'd love to hear from you if:
- You're a strong team player, a great listener, and able to facilitate discussion and move diverse opinions towards clear decisions
- Have an extreme ownership of your product, and a can-do, get-it-done attitude
- Are detailed-oriented and are always striving to uncover and fix cybersecurity gaps
- Have a "shipping" mentality, and an ability to get things done
- Advocate for modern engineering and cybersecurity best practices
- Show curiosity through asking questions, digging into to new technologies, and always trying to grow
What We Offer:
- Competitive Salary + Equity at a well-funded, fast-growing startup
- Unlimited Vacation time so you can take what you need, when you need it
- Option to work 100% Remote or out of our San Francisco Office
- 99% Covered Health + Dental + Vision insurance for employees and dependents
- 401K through Human Interest with options to invest how you want it
- $200 Monthly Wellness/Learning stipend (Gym memberships, meals, snacks, books, classes, conferences, etc.)
- $1,000 Workstation Allowance (standing desk, chair, monitor, etc)
Tags: Analytics Automation AWS Bash Cloud DevOps DevSecOps FedRAMP ISO 27001 JavaScript Linux Monitoring Python Risk assessment Scripting SOC 2
Perks/benefits: Career development Competitive pay Conferences Equity Fitness / gym Flex vacation Health care Insurance Snacks / Drinks Startup environment Unlimited paid time off Wellness
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Staff Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Security Analyst jobs
- Open Security Operations Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Information Security Analyst jobs
- Open Product Security Engineer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Cybersecurity Analyst jobs
- Open Cyber Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Specialist jobs
- Open Security Specialist jobs
- Open Chief Information Security Officer jobs
- Open Security Researcher jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Specialist jobs
- Open Information System Security Officer (ISSO) jobs
- Open Agile-related jobs
- Open ISO 27001-related jobs
- Open Windows-related jobs
- Open Application security-related jobs
- Open Network security-related jobs
- Open CISM-related jobs
- Open Pentesting-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open IAM-related jobs
- Open CISA-related jobs
- Open Threat intelligence-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open EDR-related jobs
- Open Malware-related jobs
- Open APIs-related jobs
- Open IDS-related jobs
- Open Security Clearance-related jobs
- Open DevSecOps-related jobs
- Open CI/CD-related jobs