DevOps and Security Engineer
ARCHIVED
We can't find an active application page for this role right now. It may reopen or be listed elsewhere. Use Next Steps to search for an active apply link and similar live jobs.
Security & Compliance Engineer for Cloud Product and Internal Systems
At Vouched, we are building an identity verification platform for developers. Companies use Vouched to verify identity while onboarding and authenticating users. We make identity verification easy with a combination of machine learning and data checks. Our customers leverage our APIs, integrations, and no-code solution to onboard customers to their systems. At Vouched, your work provides people with frictionless and fair access to healthcare, financial services, and work opportunities.
What We Do
We automate identity verification at scale and are growing fast
We service early-stage startups, unicorns, and large enterprises, with a focus on the developer experience. Check out our docs here to learn how our customers use our platform
We run on a modern cloud infrastructure powered by automated integration and unit testing, provisioning, deployments, monitoring, and notifications
We prioritize our work using light weight methodologies and collaborative communications
What You'll Do
We need someone who can drive security & compliance engineering across the organization. This includes ensuring our Google Cloud Platform (GCP) infrastructure, applications and IT processes are secure and compliant with ISO 27001 and SOC 2 Type II and are following best security practices.
We already have a great foundation - we’re compliant with ISO 27001 and SOC 2 Type II and we have Vanta, Rippling in place and integrated with our systems to ensure policies and controls are implemented. We need someone to manage this and continue to automate and implement it as we scale our product infrastructure.
Work closely with our engineering team ensures we’re building and operating the product in a secure and compliant way
Perform and automate security and compliance processes (managed via Vanta)
Facilitate annual audits with proof that our controls are in place for audits both for internal process reviews and for auditors
Help our customer-support team answer questions related to security and privacy questionnaires
Help our engineering team automate everything from commit to production such that things are tested, reliable, and secure and moving fast
Ensure that our cloud applications from Google Workspaces/GSuite to Salesforce to Slack to Snowflake are all integrated with our SSO
Handle provisioning or deprovisioning employees or contractors through our systems (all managed via Rippling)
Assist engineering debugging and troubleshooting issues in our production infrastructure
Participate in infrastructure on-call rotations
Requirements
Infrastructure and/or DevOps engineering experience, including security
Experience automating ISO 27001 and SOC 2 Type 2 (or similar) technical requirements
Experience managing the lifecycle of compliance processes
Experience with scripting languages (e.g., Python, Bash) and infrastructure as code (IaC) principles
Expertise in cloud infrastructure (e.g., AWS, Azure, GCP) and automation tools (e.g., Terraform, Ansible)
Experience with deploying and supporting containerize applications (e.g., Kubernetes, ECS)
CI/CD processes on production cloud infrastructure, i.e. AWS or GCP
Understanding of asynchronous and distributed microservices architectures
Benefits
Flexible paid time off
Healthcare
Vision
Equity compensation
Flexible remote, work-from-home arrangements
Parental leave
$150,000 to $200,000 OTE
This is a remote role - however, you must be based in the US (US work authorization required)