Software Security Engineer, Security Development
As the leading workforce management solution for the skilled trades, Workrise makes it easier for skilled laborers to find work, and for companies to find in-demand workers. Workrise currently operates in wind, solar, construction, oil and gas, and defense industries. We’re growing, and we’d love to learn what you can add to our team!
Workrise is hiring a Software Security Engineer with a focus on developing security focused applications and services that will be responsible for the unified view into all security functions. Our ideal candidate for this role will be someone who has experience and deep understanding of modern cloud application environments, full stack development, the role of application security in the SDLC, and a keen sense of risk and threat assessment. This role involves building a full stack holistic view into core security functions, intelligence streams, and both internal and external data sources. Requires deep understanding of modern software development practices, external threats, and security workflows.
Why Join us? Our Security Engineering team at Workrise is helping to build a modern and scalable platform for the future of the skilled labor workforce. You will be owning a large portion of the security technical practices that focuses on providing a unified view into all security functions.
What you'll be doing:
- Partnering and collaborating with our engineering organization to foster modern security practices and culture.
- Automating data sources both internal and external that enables data collection into a unified backend.
- Creating a frontend that standardizes security workflows and functions that can provide a holistic view into threats and risks.
- Creating libraries to support the needs of Engineering, Privacy and Trust, and Research.
- Contributing to open source projects, and help to review open source contributions from Workrise engineering
What you should have:
- Bachelor’s degree in Computer Science, Engineering or related field or equivalent experience.
- Minimum of 5 years technical professional experience in a security or software engineering discipline.
- 2+ years of experience in cloud security, architecture, and secure coding practices.
- 2+ years working in a cloud environment (AWS, GCP, or Azure).
- 2+ years working with container orchestration services (ECS, K8’s, Cloud Run).
- Demonstrated experience within the security community on open source projects, bug bounty submissions, or similar contributions.
- Deep knowledge of both loosely and strongly typed languages.
- Ability to work with engineering focused teams to promote safe development practices.
- Experience with CI/CD tools such as CircleCI, Jenkins, Github webhooks.
- Solid understanding of CVSS or other threat modeling frameworks.
- Demonstrated experience in at least one programming language such as Python, Java, Go, JavaScript, or Rust.
- Experience with the OWASP Top 10 and common application exploits, and techniques.
- Experience with RBAC and IAM access control techniques.
- Exposure to security and compliance, and privacy frameworks such as GDPR, CCPA, ISO27001, NIST CSF.
- Experience with full stack applications bridging the gap between frontend and backends.
- Experience with automating internal and external data sources.
More than a job:
At Workrise you can feel good about your work and furthering our mission to serve those who do the hard work. We recognize that making an impact matters to you and we believe in providing an environment that fosters that ambition. We welcome you to develop relationships with coworkers by displaying our company values: Own the Mission, Learn and Grow, Solutions Over Ego, and Raise the Bar. In appreciation for your contributions, we support you with various health insurance plan options (including medical, dental, vision), flexible paid time off, and competitive 401k matching.
As a world-class employer, Workrise is committed to providing an environment where any and all people feel welcome, respected, and free to be their authentic selves. We welcome applicants of all gender identities, sexual orientation, educational background, religion, ethnicities, veteran status, and citizenships. We’d love to learn what you can add to our team!
In 2014, we set out to create a better way to get work done in the Oil & Gas industry. The goal — to build the most reliable and cost-effective workforce solution, using technology to make it easier to manage and deploy workers at scale. Over time, we’ve grown to serve construction, wind, solar, and defense.
We’re a Series E startup, backed by industry-leading investors Founders Fund, Bedrock Capital, Andreesen Horowitz, Baillie Gifford. To date, we’ve placed over 26,000 skilled tradespeople with over 500 businesses and are poised to grow exponentially over the coming months and years.
We’d love to share more through the interview process!