Information Security Engineer

Invoca


1 week ago

02/06/2020 10:22:57

Hiring from: US only

Category: Software Development


We have proudly been recognized by INC Magazine with the Best Workplaces award two years in a row! Read more about this achievement and what makes us special here: https://www.invoca.com/press/invoca-recognized-as-an-inc-magazine-best-workplace-for-the-second-consecutive-year/

Commitment to our customers, collaboration, and continuous improvement in a positive environment are more than words written on a wall at Invoca, it’s our way of life. We take pride in an inclusive and egoless culture that helps us drive innovation and build value for both our customers and our people. And of course, there’s the competitive pay, great perks, and getting to work on an industry-leading product. If this sounds unlike most tech jobs you’ve had, you’re right. Come join us. We’re building something special.

Job Description

Invoca offers an unusually valuable engineering experience. You will be part of a team of world-class Engineers scaling our Information Security program with our rapidly growing company and SaaS application. Innovating new and creative ways to secure our platform and people. Our remote-first team is committed to upholding high standards via modern methodologies of agile software development, test-driven development, and DevOps.

What you will do: 
  • Work with SRE team to deploy and maintain security tools for the organization
  • Execute web application and network penetration testing
  • Oversee vulnerability assessment platform
  • Innovate and assist in improving our Information Security framework
  • Assist with security awareness training (phishing tests, annual awareness, etc)
What we are looking for:
  • A minimum of three years of experience in an Information Security team
  • A systematic problem-solving approach, coupled with strong communication skills and a sense of ownership and drive.
  • Extensive experience within a production environment performing penetration tests on both systems and web applications
  • Knowledge of Docker, Kubernetes, and the challenges/benefits associated with containerization.
  • Hands-on experience with Configuration Management (e.g. Chef, Ansible, Puppet) and/or Infrastructure as Code (e.g. Terraform, CloudFormation).
  • A desire to create and write elegant, scalable, and maintainable tools and solutions.
 

 

What is the team like?

You’ll join a team where everyone, including you, is striving to constantly improve their knowledge of software development tools, practices, and processes. We are an incredibly supportive team. We swarm when problems arise and give great feedback to help each other grow. Working on our close-knit, cross-functional teams is a great chance to grow your knowledge of different domains from databases to front ends to telephony and everything in between.

 

We are passionate about many things: continuous improvement, working at a brisk but sustainable pace, writing resilient code, maintaining production reliability, paying down technical debt, hiring fantastic teammates; and we love to share these passions with each other.

Learn more about the Invoca development team on our blog and check out our open source projects.

 
Diversity and inclusion statement

“Our company is committed to creating a culture that is not only grounded in continuous learning, teamwork, and customer success, but is fair, equitable, and welcoming for everyone.” Gregg Johnson CEO

And to us, diversity and inclusion means even more than treating current employees well and making them feel welcome. It also means proactively hiring people who bring different insights because of their unique demographics, ways of thinking, and prior experiences.

We intend to continue hiring great people and protecting our culture so everyone can be themselves and speak their minds. That way Invoca will always be a place filled with laughter, energy, hard work, thoughtfulness and respect.

We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

Please mention that you come from Remotive when applying for this job.

Help us maintain Remotive! If this link is broken, please just click to report dead link!

similar jobs

  • As a Senior Security Engineer on the SRE Team at Skillshare, you’ll play a key role in helping us continuously improve our security programs to ensure the best experience for our users through the safety of our technology and data. 

    This role spans strategic work of putting in place forward-looking initiatives as well as responding to external threats on an ongoing basis, which means the opportunity for impact across the board.  We’re scaling quickly and are excited to bring someone onboard who can help us proactively tackle challenges – both in the day-to-day operations and anticipated future ones. 

    You’ll collaborate with the other members of the SRE team as well as the product development teams to plan and implement various security initiatives. We’ll look to your strategic expertise, reliable execution, and sound judgment to improve and maintain our security infrastructure, along with creating and improving processes for maintaining a secure product and environment.

    You’ll be joining a team that’s passionate about technology, and helping pave the way for building products together that we’re proud of. We’re excited to meet you.

    What you'll do:

      • Improve, monitor and maintain our information security.

      • Execute security initiatives related to infrastructure, product, and data.

      • Make strategic recommendations and improvements to our security.

      • Work with application developers to improve the security of various product features.

      • Proactively prep and train developers and raise the security awareness of everyone in the organization.

      • Quickly and proactively respond to incoming security threats.

      • Continually assess, address and report on the levels of threat and preparedness.

    Why we're excited about you:

      • 7+ years of experience building, supporting and securing cloud-based web infrastructure with AWS.

      • Knowledge of best security practices for building web applications.

      • Experience with security monitoring tools.

      • Experience in compliance with industry standards such as PCI, OWASP, NIST, GDPR etc.

      • Experience with Single Sign-on (SSO) for internal systems.

      • Understanding of and ability to deal with and prevent typical security threats and risks.

      • Deep understanding of web application infrastructure.

      • Working knowledge of software engineering.

      • Strong communication skills – you’re a natural collaborator and can report out to stakeholders of all levels.

      • Tech stack knowledge: Docker (Kubernetes experience is a plus), Linux, DataDog, AWS security products, MySQL.

    Why you're excited about us:

      • Impact: you’ll play a key role in shaping the direction of a comprehensive security approach long-term.

      • Growth: Our team is small, so you’ll have room to wear a lot of hats and take on more responsibility over time. 

      • Our mission: We are building a learning ecosystem for the new economy and changing millions of lives for the better.

      • Our team: We have a passionate, smart team that is a lot of fun to work with.

      • Your life: We take pride in our flexibility. Working remotely is part of how we need to work these days. You’re a professional, and we trust you to do what you need to do.
  • This Software Engineer in Test position for our Secure team is 100% remote.

    A brief overview:

    GitLab is building an open-source, single application for the entire software development lifecycle—from project planning and source code management to CI/CD, monitoring, and security.

    Right now, we’re in a period of growth, we’ve more than doubled the size of the Quality department through 2019, and we’ve increased the number of GitLab employees from 400 to over 1100 this financial year, too.

    At GitLab, we live and breathe open source principles. This means our entire handbook is online, and with a few clicks, you can find the details of future releases, check out our past releases, and see an overview of the product vision you’d contribute to when working here.

    As a Software Engineer in Test at GitLab, you will be embedded in our Secure stage group. You’ll be responsible for baking in a culture of quality across the categories found within our Secure team, expanding on our existing test automation frameworks and test coverage across a range of configurations, and leading our test automation efforts on new features within our Secure categories as part of a dedicated cross-functional team.

    What you can expect in a Software Engineering in Test, Secure role at GitLab:
    • As part of our Secure team you’ll work on test automation issues related to the Quality department, the Secure stage group, and the entire GitLab product. The work you’ll do will be transparent and open to the GitLab community.
    • You’ll develop new tests and tools for our GitLab.com frontend, backend APIs and services, and low-level systems like geo-replication, CI/CD, and load balancing.
    • You’ll identify and drive the adoption of best practices in code health, testing, testability, and maintainability.
    • You’ll work with engineers to define and implement mechanisms to inject testing earlier into the software development process.
    • You’ll configure automated tests to execute reliably and efficiently in our CI/CD environments.
    • You’ll work 1:1 with a Product Manager, and with the wider product and development teams to understand how new features should be tested and to contribute to automated tests for these new features.
    • You’ll work in an environment where we aim to have a 1:10 ratio of Software Engineer in Test to Engineers.
    • As an SET, you'll have the opportunity to become and expert in security testing-related techniques and concerns.
    Projects you might work on in our Secure stage group:

    You’ll spend your time collaborating with a cross-functional team who are embedded in our Secure stage group. You could work on projects where you’ll be tasked with moving our security products from their own standalone QA process to the GitLab QA review application, growing our test coverage across our security products, and implementing security testing processes.

    You should apply if:
    • You’ve got at least a few years of experience developing in Ruby or working on a Ruby on Rails application.
    • You’ve got some experience with security testing or an interest in the security field. To demonstrate this, you could be familiar with SQL injections, cross-site scripting, or URL manipulation. Alternatively, you may have been involved in OWASP or security hacking sessions. This list is by no means exhaustative, it's here to give you an insight into the type of securty-testing experience we can look for.
    • You’ve got a working knowledge of Docker.
    • You’ve worked with industry-standard CI tools like GitLab CI, Jenkins, Bamboo, or Circle CI for example.
    • You’re comfortable with Selenium-based test automation tools like Capybara.
    • You’ve got experience with Git and its command line.
    • You’re interested in growing your knowledge and skills in Test Environment Provisioning and Configuring (Terraform, Ansible, Kubernetes, GCP / AWS).
    • You know about clean code and the test pyramid, and champion these concepts.
    • Our values of collaboration, results, efficiency, diversity, iteration, and transparency resonate with you.
    • You'll thrive in an environment where self-learning and self-service is encouraged and instilled as a part of our culture.

    We're aware the confidence gap exists so we want to encourage you to apply even if you do not match all of the requirements exactly. The above list is intended to show the kinds of experience and qualities we're looking for. It is not a complete list of pre-required skills.

    The culture here at GitLab is something we’re incredibly proud of. Because GitLabbers are currently located in over 51 different countries, you’ll spend your time collaborating with kind, talented, and motivated colleagues from across the globe.

    Some of the benefits you’ll be entitled to vary by the region or country you’re in. However, all GitLabbers are fully remote and receive a "no ask, must tell" paid-time-off policy, where we don’t count the number of days you take off annually. You can work incredibly flexible hours, enabled by our asynchronous approach to communication. We’ll also help you set up your home office environment, pay for your membership to a co-working space and contribute to the travel costs associated with meeting other GitLab team members across the world. Also, every year or so, we’ll invite you to our Contribute event.

    Hiring Process and compensation:

    Our hiring process for this Software Engineer in Test position typically follows six stages. The details of this process and the compensation for this role can be found at the bottom of our job family page.

    Remote-EMEA
  • Articulate (US only)
    1 week ago
    Articulate is looking for a Platform Engineer to join our team. 

    We’re makers. We build delightful systems and tools that empower our engineering teams to move quickly, safely, and reliably. Join us in building scalable e-learning for millions of learners across Rise.com and Articulate 360.

    We need a special person who thrives in an environment of freedom. You might be our person if you can work largely self-directed from home and have hands-on experience building SaaS infrastructure on Kubernetes (or relevant experience).

    Responsibilities:
    • Configure systems and infrastructure as code using Terraform.
    • Work on critical infrastructure projects and make informed decisions that move Articulate forward.
    • Modernize legacy app infrastructure on EKS.
    • Build disaster recovery infrastructure and continuously improve uptime and availability.
    • Provide easy to use monitoring capabilities to our engineers and stakeholders (we use Datadog and other tools).
    • Work closely with our infosec team to address infrastructure level security concerns and maintain regulatory compliance.
    • Integrate all aspects of infrastructure authentication with our company’s identity provider (we use Okta).

    Qualifications:
    • Highly proficient with commonly used AWS services (or comparable experience with another cloud provider).
    • Skilled at risk analysis and can make critical decisions that impact your team and our customers.
    • Experience managing apps in Docker at scale.
    • Previous experience building Dockerized apps is a plus.
    • Networking experience, generally or specific to Docker.
    • Kubernetes and Helm experience is a plus.
    • Experience building monitoring apps at scale.

    About Articulate

    Articulate is a highly successful, fully remote software company that’s changing the way the world learns. Our award-winning e-learning tools are used by 98,000+ organizations across the globe to create engaging online and mobile courses. Our customers include 93 of the Fortune 100 and 19 of the top 20 U.S. universities. And our online community of 800,000+ members is the largest, fastest-growing community in the industry.
     
    We empower employees to thrive by fostering a culture of autonomy, productivity, and respect. We’re all free to exercise our crafts the best way we know how to reach our goals as individuals and teams. Each and every one of us is focused on producing results that directly impact the company’s success. And we all strive to do what’s right by people, both internally and externally, instead of taking the shortest route to the highest profits.
     
    We honor people’s humanity in all of our disparate experiences and social locations, accepting each person as an individual with a story worth listening to and honoring. We believe that honoring everyone’s humanity means being committed to equity and justice. We welcome different voices and viewpoints and do not discriminate on the basis of race, religion, color, national origin, ancestry, physical and/or mental disability, medical condition, genetic information, marital status, sex, gender, gender identity, gender expression, transgender status, age, sexual orientation, and military or veteran status, or any other basis protected by law. We are an equal opportunity employer and invite applicants to voluntarily disclose their race and gender on our application form to help us create a diverse company. This voluntarily disclosed information will not be shared with any hiring manager and will be kept in confidence by the Articulate human resources department and executives who are not hiring for this position.

Remotive can help!

Not sure how to apply properly to this job? Watch our live webinar « 3 Mistakes to Avoid When Looking For A Remote Startup Job (And What To Do Instead) ».

Interested to chat with Remote workers? Join our community!