Senior Security Engineer, Cloud & Network Security
San Francisco, California, United States
The Company You’ll Join
At Carta we create owners and make private markets liquid.
We live in a world where some people live on the equity stack and enjoy exponential wealth growth and preferential tax treatment; others live on the debt stack and may work their entire lives for a company and retire only with the cash they’ve managed to save from their paychecks. Our contribution to solving the wealth inequality problem is moving people from the debt stack (payroll) to the equity stack. By making it as easy to issue equity to employees as it is to put them on payroll, we can create more owners.
At Carta, we are helpful, transparent, fair, and kind. We are relentless executors, unconventional thinkers, and masters of our craft.
To learn more, here is what one of our investors wrote about leading our Series F.
The Company You’ll Join
At Carta we create owners and make private markets liquid.
We live in a world where some people live on the equity stack and enjoy exponential wealth growth and preferential tax treatment; others live on the debt stack and may work their entire lives for a company and retire only with the cash they’ve managed to save from their paychecks. Our contribution to solving the wealth inequality problem is moving people from the debt stack (payroll) to the equity stack. By making it as easy to issue equity to employees as it is to put them on payroll, we can create more owners.
At Carta, we are helpful, transparent, fair, and kind. We are relentless executors, unconventional thinkers, and masters of our craft.
To learn more, here is what one of our investors wrote about leading our Series F.
The Team You’ll Work With
This role is on the Security Platform team within Security. You will be working with the team to take on projects which gather results from many sources, automatically build security into our product, and enable teams to secure themselves. Our risk models put teams in charge of owning risk, making us a trusted partner and reporter. To complete this mission we need people who are passionate about automation and security - half devops and half security professional. We believe in creating teams not rockstars, progress with a path to perfection, and creating an environment that fosters research. We measure success not by how many bugs you find or tasks you complete, but by how much risk you reduce in the organization by enabling teams to do those things and automating the rest.
We get to work in an environment that uses infrastructure-as-code, Kubernetes, role-based access, and with engineers who care about the integrity and security of our data.
The Problems You’ll Solve
Some of the problems you’ll help us solve are:
- How do you build a program that ties application security, container security, and cloud security together instead of treating them as separate specialities?
- How do we change the application framework to make security the easiest path?
- What techniques and games will enable development teams to threat model their products?
- What tools and information can we provide to ensure developers can effectively peer review code themselves?
- How do you encourage developers to continuously think about security using gamification and giving them results where they live - in the pipeline?
The Impact You’ll Have
With the power to change the product, the pipeline, and our developers on-boarding, you’ll be able to not only help us continue our security ownership program, you’ll also have the chance to build something new using your research. We are becoming the partner of engineering releasing quality software and we need curious minds to help us keep paving the way.
About You
Roll-up-your sleeves, “swiss army knife” individual who is able to:
- Find non-standard ways to solve interesting problems
- Speak to risks around application, container, or cloud security vulnerabilities, remediations, and preventions
- Understand Threat Modeling and general software development practices, the associated risks, and the components of a modern product security program
- Work with cloud networking (e.g. AWS VPC, subnetting, etc)
- Create automation in higher level scripting language (Python, Ruby, Javascript, etc), bonus points for using AWS Lambda.
- Secure products built using containerization (specifically, Docker and Kubernetes)
**Role can be based in NYC, SF, Seattle or Remote
Carta is a Series F company and is backed by top-tier VCs like Andreessen Horowitz, Lightspeed Venture Partners, Meritech Capital, and more.
We are an equal opportunity employer and are committed to providing a positive interview experience for every candidate. If accommodations due to a disability or medical condition are needed, connect with us via email at recruiting@carta.com. As a company, we value fairness, helpfulness, transparency, leadership and build our teams around these values. Check out our careers page to get to know us better as you think about your next step at Carta.
Please read about our candidate privacy policy here.
We are an equal opportunity employer and are committed to providing a positive interview experience for every candidate. If accommodations due to a disability or medical condition are needed, connect with us via email at recruiting@carta.com. As a company, we value fairness, helpfulness, transparency, leadership and build our teams around these values. Check out our careers page to get to know us better as you think about your next step at Carta.
Tags: Application security Automation AWS Cloud DevOps Docker JavaScript Kubernetes Lambda Network security Privacy Product security Python Ruby Scripting Vulnerabilities
Perks/benefits: Salary bonus
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Staff Security Engineer jobs
- Open Product Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Specialist jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Cybersecurity Specialist jobs
- Open Senior Security Architect jobs
- Open Sr. Security Engineer jobs
- Open IT Security Engineer jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open EDR-related jobs
- Open CEH-related jobs
- Open Forensics-related jobs
- Open Kubernetes-related jobs