BoulderRecruiter Since 2001
the smart solution for Boulder jobs

DevSecOps Engineer

Company: Strata Identity
Location: Boulder
Posted on: January 15, 2022

Job Description:

DevSecOps Engineer

The Company
Strata is venture-backed and the #1 Cyber-Security startup for 2021. We are building the next generation of distributed identity management for the multi-cloud world. Led by a visionary team of serial entrepreneurs (with multiple exits) who made the first generation of Web identity management, the first IDaaS solution, co-authored SAML, and now are creating the Identity Orchestration market.

This is a ground-floor opportunity for an engineer that wants to have a hand in building the future of multi-cloud identity. Strata is that opportunity applied to the hottest, exponentially growing security market.

The Team
At Strata, we build software using a highly collaborative Agile model, leveraging small stories and test-driven development in a highly collaborative (and fun) environment. Our engineering team is a hybrid model with a development team in Vancouver and engineers across the US. We build Maverics using GoLang, and we practice build/run with DevSecOps.

The Product
Strata's platform - Maverics - is an abstraction layer that makes delivering identity to apps simple, all without requiring any rewriting of applications. By creating an Identity Fabric, customers can seamlessly integrate with multiple identity infrastructures enabling next-level agility and cloud-scale.
Strata works closely with our partners at Microsoft Azure, Okta, AWS, GCP, and VMware to ensure interoperability through deep, native integrations. Strata's Maverics Identity Orchestration software runs natively in the cloud or on-premises either as a native service or containerized on Kubernetes.

The Role
In this role you will primarily be hands-on, supporting the security of our infrastructure in multiple regions, with a heavy focus on supporting the full stack security of SaaS apps that run on kubernetes.

The hands-off parts will entail supporting compliance initiatives such as SOC2, documenting and presenting security findings, developing VDP and incident response processes, and evangelizing about security internally and externally.

We are a startup, so candidates will work on exciting new product offerings and great cloud technology SaaS services that are in a high growth phase. But you also don't mind helping out with more mundane chores, should the need arise.

Your ability to clearly communicate and collaborate will be key to success in this role. You prefer to work as a team player and you're capable of compromise when required.

Ensure strict security configurations are applied to our multi-tenant SaaS services
Implement automation to prevent and detect security flaws in all our infrastructure environments
Build security testing into the delivery pipeline
Build out a SIEM that is our eyes and ears into our infrastructure
Provide requirements to development teams to correct security findings and to improve overall product security best practices
Define and implement metrics to provide visibility risks and security controls
Identify, integrate, monitor, and improve security controls by understanding business processes and requirements
Lead training and awareness sessions
Define, lead, and influence processes to secure infrastructure and services
Work with product to prioritize security findings
Define and evangelize requirements and guidance for secure by design and secure by default principles
Identify and advocate for new and novel uses our platform and technology
Participate in incident response processes and on-call rotation

Required Skills & Experience
3+ years experience as a hands-on infrastructure security engineer, or as a devsecops type role.
Bachelor's or Master's degree in Computer Science or similar fields, or equivalent experience
Experience developing solutions in AWS is ideal, but other k8s on Google Cloud or Azure is acceptable.
Experience with Terraform, Ansible, Docker, Kubernetes, and similar technologies
Proficiency in threat modeling
Ability to read (and optionally write) Go and or Python
Knowledge of common threats to cloud infrastructure, web applications and their countermeasures
Strong networking knowledge in either cloud or on-prem deployments and experience with designing networks utilizing load balancers and proxies such as nginx, Apache, HAProxy etc

Optional Skills & Experience
Formal experience training others on security topics - secure coding practices, analyzing test results

Keywords: Strata Identity, Boulder , DevSecOps Engineer, Engineering , Boulder, Colorado

Click here to apply!

Didn't find what you're looking for? Search again!

I'm looking for
in category

Log In or Create An Account

Get the latest Colorado jobs by following @recnetCO on Twitter!

Boulder RSS job feeds