Sr. DevSecOps Engineer- Remote

US - Remote

Applications have closed

About the Company

Craft is the leader in supplier intelligence, enabling enterprises to discover, evaluate and continuously monitor their suppliers at scale. Our unique, proprietary data platform tracks real-time signals on millions of companies globally, delivering best in class monitoring and insight into global supply chains. Our proprietary analytics layer delivers proactive alerts and multi-dimensional risk lenses showing supply chain problem areas before they have impact. Our software-as-a-service workflows enable supply chain professionals to execute the critical steps they need in supplier management digitally inside the intuitive, easy to use platform. Craft’s open supplier profiles appear in over 100 million organic search results each month, driving over 2 million monthly active users on Craft’s website: craft.co, with zero marketing spend. Our customers include Fortune 500 companies, government agencies, SMEs, global service platforms, and others.  We have distribution partnerships with some of the largest integrator and software platforms in the world.

We are a high-growth technology company, backed by top tier venture capital investors in Silicon Valley and Europe, including Greycroft, High Alpha, Uncork Capital, Sam Palmisano, Frederic Kerrest and others. The Craft team is headquartered in San Francisco with office hubs in Seattle and London. We fully support remote / hybrid, and have team members across the United States, Canada, and Europe. We are looking for innovative and driven people who are passionate about building the future of Enterprise Intelligence to join our rapidly growing team.

A Note to Candidates

We are an equal opportunity employer who values and encourages diversity, equity and belonging at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

About the role:

Craft is growing! And we're looking for a motivated engineer to help us deliver safer software sooner. The ideal candidate is a self-starter, loves their craft, and puts security and ease-of-use at the center of all decision-making.

As a Sr. DevSecOps Engineer at an earlier-stage startup, you will have an opportunity to make a substantial impact on the maturation of Craft’s Cybersecurity program. You will collaborate on planning, requirements, research, and design of security solutions with the rest of the engineering team.

In this role you will:

  • Partner with engineering teams to integrate and automate security at every level of the software development lifecycle.
  • Perform threat modeling, risk assessment, and code reviews to assess cybersecurity implications.
  • Lead infrastructure best practices on building and securing highly scalable systems.
  • Extensively improve the existing secure coding practices, lead threat modeling efforts, and implement secure software lifecycle processes and automation

What we’re looking for:

  • 5+ years of experience in DevOps or DevSecOps, or similar experience (preferably with Linux systems)
  • Deep knowledge of Amazon Web Services (AWS) Infrastructure and best practices
  • Knowledge of JavaScript, Python, Go, shell scripting (Bash, etc) or other programming language knowledge for writing tools and utilities
  • Familiarity with standards such as SOC2, FedRamp, and/or ISO 27001 as it relates to Cloud and Infrastructure is desirable but not required.

We'd love to hear from you if:

  • You're a strong team player, a great listener, and able to facilitate discussion and move diverse opinions towards clear decisions
  • Have an extreme ownership of your product, and a can-do, get-it-done attitude
  • Are detailed-oriented and are always striving to uncover and fix cybersecurity gaps
  • Have a "shipping" mentality, and an ability to get things done
  • Advocate for modern engineering and cybersecurity best practices
  • Show curiosity through asking questions, digging into to new technologies, and always trying to grow

What We Offer:

  • Competitive Salary + Equity at a well-funded, fast-growing startup
  • Unlimited Vacation time so you can take what you need, when you need it
  • Option to work 100% Remote or out of our San Francisco Office
  • 99% Covered Health + Dental + Vision insurance for employees and dependents
  • 401K through Human Interest with options to invest how you want it
  • $200 Monthly Wellness/Learning stipend (Gym memberships, meals, snacks, books, classes, conferences, etc.)
  • $1,000 Workstation Allowance (standing desk, chair, monitor, etc)

Tags: Analytics Automation AWS Bash Cloud DevOps DevSecOps FedRAMP ISO 27001 JavaScript Linux Monitoring Python Risk assessment Scripting SOC 2

Perks/benefits: Career development Competitive pay Conferences Equity Fitness / gym Flex vacation Health care Insurance Snacks / Drinks Startup environment Unlimited paid time off Wellness

Regions: Remote/Anywhere North America
Country: United States
Job stats:  17  2  0

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.