Software Engineer, Cloud Security

About Caribou 

At Caribou, we’re on a mission to help drivers save money and take control of their car payments. Caribou does this by using technology to unlock low rates, and people to make the process easy and enjoyable. We offer a fully online application and a dedicated team to walk you through the process. We put Drivers in control.

In the last year alone, we grew revenue by 5x and raised a $50M Series B. We’re built by leaders from the technology, automotive, and finance industries, and we’re proud to be backed by a great team of venture capital investors, including QED Investors, Goldman Sachs, Moderne Ventures, Accomplice, Link Ventures, Motley Fool Ventures and others.

About the Role

Caribou is looking for a Software Engineer, Cloud Security who can help us build a DevOps Culture where security is something everyone in the organization thinks about every day.  We need help expertly balance solving today’s challenges to enable feature development with investing in forward thinking platform technologies and techniques. In other words we need someone who can implement security tools and best practices in a cloud native environment that are essentially integrated into our internal DevOps/Platform as a Service offering.  While also having a pragmatic approach that balances security with business efficiency. The Software Engineer, Cloud Security will:

• Define deployment architectures for key platform components.
• Assist with technical and architectural reviews with an eye toward security.
• Design and integrate static code scanning and security tooing in CI/CD pipelines.
• Utilize ELK SIEM to develop and implement intrusion detection protocols.
• Implement GCP security best practices, and methods to monitor the GCP platform including organizational policies, guardrails, and least-privileged IAM policies.
• Evaluate and implement security strategies for Kubernetes including user management, container policies (ie: Open Policy Agent) and network policies.
• Codify security best practices in tooling that Software Engineers can utilize.
• Overall, responsible for designing and implementing the security tooling that will grow with the business.
• Be a developer partner that helps teach how security isn’t burdensome, but actually fun and exciting (disclosure: Two people who are security nerds are writing this job description, so we may be biased).

This role can be based out of Caribou offices in Washington, DC; Denver, CO; Austin, TX. Alternatively, the Software Engineer, Cloud Security may work remotely from a state where Caribou does business. However, this role will require attendance at occasional in-person team meetings. As a result, candidates must be fully vaccinated against COVID-19 to be eligible for this position.

About You

You expertly balance solving challenges to enable feature development with investing in forward thinking platform technologies and techniques.  This means bringing equal parts technical mastery and creative collaboration to the role. You most likely identify with many of these qualities:

• 2+ years of work experience working in the domain and tech described above.
• Passionate software or cloud engineer with high standards of craftsmanship
• Get excited by Kubernetes, containers and the cool architecture they enable.
• Pragmatic approach to security, always looking for ways to automate security.
• Developer background who wants to codify security best practices in code.
• Has a goal to make as much of security as invisible as possible and yet being at the forefront of everyone's mind.
• Continual learner who can make recommendations and demonstrate leadership for security tool selection and implementation.
• Enjoys being in the middle of things and balances with staying focused.
• Systems thinker who understands the value DevSecOps is creating a culture of developer-ownership through automation and infrastructure as code
• Mentor who can get others enthusiastic about security.
• Person who cares deeply that your work realizes positive outcomes for our world.
• You mess up because you're learning, and can help us learn to not make the same mistakes.
• Team oriented, succeed as a team

How we will take care of you

Everyone at Caribou is a valued team member, and we always strive to live up to our value Take Care of Each Other. Our compensation and benefits package includes: 

• Competitive compensation: $130-$150k annual salary
• Equity in a high-growth company
• 401k savings program with 3% company contribution
• Generous paid time off including: 20 days accrued PTO per year, 14 annual company holidays, 16-weeks paid parental leave, bereavement leave, and volunteer day
• Robust wellness benefits including company-paid plans for health, dental, vision, mental health, disability and basic life insurance
• Optional benefits to suit your individual circumstances such as HSAs, FSAs, supplemental life and medical insurance, and pet insurance
• Up to $1,000 per year for eligible professional development expenses

Our Core Values

We come from all walks of life and are joined together by our shared values, which guide our work. This helps us improve life for our customers, our communities and our team members.

• See people as people
• Take care of each other
• Commit to the mission
• Move quickly and bravely
• Get better every day
• Seek truth

Our Tech stack is not limited to this list but gives you a general flavor of our ecosystem: Rails, Kong, Airflow, Python, Node (NestJS), Typescript, GraphQL, Postgres, Google Cloud Platform, Argo CD & Workflows, Terraform, Kubernetes, Open Policy Agent, Sonatype Nexus, ELK stack, Prometheus, Grafana

Caribou is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, disability, sexual orientation, pregnancy status, marital status, military or protected veteran status, genetics, or any other characteristic protected by law. This position is not restricted solely to the responsibilities listed above, and the scope and responsibilities are subject to change. A pre-employment background check is required as a condition of employment.

#ZR