DevSecOps Engineer

At Tecton, we are on a mission to bring Machine Learning to every customer and product interaction on the planet. We build an enterprise-grade, world-class Feature Platform – the infrastructure that powers real-time ML applications and systems in production.
Tecton’s founders developed the first Feature Store when they created Uber’s Michelangelo ML platform, and we’re now bringing those same capabilities to every organization in the world.
Tecton is funded by Sequoia Capital, Andreessen Horowitz, and Kleiner Perkins, along with strategic investments from Snowflake and Databricks. We have a fast-growing team that’s distributed around the world, with offices in San Francisco and New York City. Our team has years of experience building and operating business-critical machine learning systems at leading tech companies like Uber, Google, Meta, Airbnb, Lyft, and Twitter.
This role is part of our growing Security team, responsible for securing Tecton’s product and the company as a whole. You'll have the unique opportunity to shape our security practices from the ground up, ensuring our product remains resilient and protected against emerging threats. You will collaborate with cross-functional teams to embed security seamlessly into our products and protect not only Tecton, but also our customers.

Responsibilities

• Work closely with Tecton’s DevOps team to implement security controls to satisfy CIS AWS and Kubernetes benchmarks.
• Define and implement security standards to secure Tecton’s SDLC.
• Assist DevOps team in improving Tecton’s Zero Trust access controls across cloud infrastructure.
• Assist in improving Tecton’s vulnerability management program.
• Triage emerging vulnerabilities and assess their impact on Tecton.
• Triage and manage vulnerability remediation submitted through Tecton’s vulnerability disclosure process.
• Assist Tecton’s DevOps team in creating a secure image pipeline for Tecton deployments.

Qualifications

• 3+ years of experience in a security role.
• 1 - 3 years of experience in a vulnerability management program for a cloud-native, containerized environment.
• Experience with industry security frameworks such as NIST or CIS.
• Experience with infrastructure-as-code tools such as Terraform, Ansible, Puppet
• Experience securing AWS services
• Experience hardening Kubernetes deployments
• Fluent in one or more programming languages, such as Python or Golang
• Strong and effective verbal and written communication skills

Tecton values diversity and is an equal opportunity employer committed to creating an inclusive environment for all employees and applicants without regard to race, color, religion, national origin, gender, sexual orientation, age, marital status, veteran status, disability status, or other applicable legally protected characteristics.  If you would like to request any accommodations from the application through to the interview, please contact us at recruitingteam@tecton.ai.
This employer participates in E-Verify and will provide the federal government with your Form I-9 information to confirm that you are authorized to work in the U.S.