infosec-jobs.com
DevSecOps Engineer
Boston, MA
Applications have closed
- Remote-first
- @starburstdata
- Website
Starburst
Our data lakehouse platform combines the best of data lakes, data warehouses and data virtualization. The Data Platform for AI & MLAbout Starburst
At Starburst, we are working to dismantle the status quo of data silos and vendor lock-in every single day. For decades, database companies have held their customers hostage and we believe that’s just plain wrong. Starburst offers a full-featured data lake analytics platform, built on open source Trino. Our platform includes all the capabilities needed to discover, organize, and consume data without the need for time-consuming and costly migration projects. Today more than 300 leading organizations trust us to make better decisions faster.
Though Starburst has raised $414M in venture funding from top investors, we were founded in a rather unusual way as we bootstrapped the business with customers and revenue from the very beginning! We are a remote-first company with employees all over the world and are proud to be named a Best Place to Work. Come join our team of All-Stars!
About the role
As a DevSecOps Engineer on the Starburst Security team, you’ll work with Starburst Galaxy Engineering to design and protect cloud and data environments to meet our customers’ security needs for our growing fully-managed data lake analytics platform, Starburst Galaxy.
The DevSecOps Engineer will be responsible for integrating security practices and principles into the software development and operations processes, with the goal of ensuring that components and infrastructure within Galaxy are secure, compliant, and resilient.
Daily tasks will include embedding security into the development process by reviewing code, identifying vulnerabilities, and implementing security measures.
As a DevSecOps Engineer at Starburst you will:
- Collaborate closely with our development and infrastructure teams to integrate security into every phase of the software development lifecycle
- Infrastructure as Code (IaC): Develop and maintain infrastructure as code scripts and templates to enable automated provisioning and management of infrastructure components, using Pulumi
- Integrate security practices into the development and operations process to ensure continuous delivery of secure and resilient software
- Identify and remediate security vulnerabilities in applications and infrastructure components, using Wiz and cloud native tools
- Build and implement security solutions across the product lifecycle by completing architecture review requests
- Implement code signing and mature our secrets management program
- Improve perimeter security by managing our Cloudflare WAF
- Make suggestions, and guide discussions on how to improve security posture in AWS/Azure/GCP
Some of the things we look for:
- Demonstrated experience with securing cloud environments (Familiarity with Amazon AWS policy, configuration, and security management tools)
- Azure and GCP cloud experience preferred
- Programming experience (Preference for Java, Python, Typescript)
- Experience managing infrastructure as code templates and scripts (e.g., Terraform, Pulumi) to provision and configure infrastructure components securely
- Demonstrated experience with secure development, coding, and engineering practices. Comfortable suggesting and making developer-led security improvements
- Demonstrated ownership and grit: these are core values we take seriously at Starburst
- Ability to execute - an ideal candidate can set clear plans of action and see complex security projects through to completion, especially while working at the pace of a startup
- Strong ability to work with multiple stakeholders to understand the best way to secure software for intricate and complex features. A willingness to collaborate with cross-functional engineering teams is essential
Where could this role be based?
- We are looking for someone located on the East Coast.
Why build your career at Starburst?
We live by our three core company values: Character, Competence, and Ownership and are a team of top performers. We are each in the driver’s seat, shaping our organization and working together towards our common mission. We are solving exceptionally complex and meaningful challenges here and as we innovate, we each have the opportunity to build our careers alongside Starbursts’s growth.
We take care of our global workforce by making sure employees enjoy competitive salaries and attractive stock grants, remote-friendly work options, flexible paid time off, and more!
Starburst Data is a diverse, equitable, and inclusive place to work. Everyone is welcome at the Starburst table and we have several employee resource groups such as Womxn At Starburst, Starburst Military, and Starburst Pride. We know that the more diverse perspectives we have at the table will only serve us to make a better team and company.
Starburst provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.
#BI-Remote #LI-Remote
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Job stats:
28
8
0
Categories:
DevSecOps Jobs
Security Engineering Jobs
Tags: Analytics AWS Azure Business Intelligence Cloud Cloudflare DevSecOps GCP Java Open Source Python SDLC Terraform TypeScript Vulnerabilities
Perks/benefits: Career development Equity / stock options Flex hours Flex vacation Startup environment
Regions:
Remote/Anywhere
North America
Country:
United States
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Penetration Tester jobs
- Open Security Operations Engineer jobs
- Open Cloud Security Architect jobs
- Open Principal Security Engineer jobs
- Open Information Security Specialist jobs
- Open Information Security Officer jobs
- Open Senior Cyber Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open Senior Product Security Engineer jobs
- Open IT Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Penetration Tester jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Security Specialist jobs
- Open Cybersecurity Consultant jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Network Security Engineer jobs
- Open Security Consultant jobs
- Open IT Security Analyst jobs
- Open Security Operations Analyst jobs
- Open Senior Information Security Analyst jobs
- Open Senior Information Security Engineer jobs
- Open Information System Security Officer (ISSO) jobs
- Open Manager Pentest H/F jobs
- Open Agile-related jobs
- Open Risk assessment-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open SOC-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open GCP-related jobs
- Open IAM-related jobs
- Open Application security-related jobs
- Open DoD-related jobs
- Open Pentesting-related jobs
- Open Threat intelligence-related jobs
- Open Vulnerability management-related jobs
- Open Security Clearance-related jobs
- Open DevOps-related jobs
- Open CEH-related jobs
- Open APIs-related jobs
- Open SaaS-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open Kubernetes-related jobs
- Open EDR-related jobs
- Open Java-related jobs
- Open TS/SCI-related jobs