About the Company:
Craft is a supplier intelligence company helping organizations accelerate data-informed business decisions. Our unique, proprietary data platform tracks thousands of real-time signals across millions of companies globally, delivering best in class monitoring and insight into global supply chains, among other company cohorts. Our clients, including Fortune 100 companies, government and military agencies, SMEs, asset management groups, and others, use our technology for supply chain intelligence, market intelligence and related use cases. Through our modular, secure, customizable portal, our clients can monitor any company they are working with and drive critical actions in real-time.
We are a well-funded technology company with leading investors from Silicon Valley and elsewhere, but are not your typical data or SaaS startup. Our CEO is a seasoned entrepreneur and Juilliard-trained cellist. The Craft team is globally distributed with headquarters in San Francisco and London, UK. We fully support and encourage remote workers, and have team members across North America, Canada, and Europe. We are looking for innovative and driven people who are passionate about building delightful software to join our rapidly growing team.
In recent years, the global supply chain has experienced unparalleled disruption and unpredictability. This includes a global chip shortage, blockages in the Suez Canal, and cyberattacks closing down the largest refined oil pipeline system in the US. Over $4 trillion in revenue was lost in 2020 alone due to supply chain disruption. As a result, companies are working to improve their understanding and monitoring of their suppliers so they can proactively identify and prevent risk.
A note to candidates:
We are an equal opportunity employer who values and encourages diversity, equity and belonging at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.
About the role:
Craft is growing! And we're looking for a motivated engineer to help us deliver safer software sooner. The ideal candidate is a self-starter, loves their craft, and puts security and ease-of-use at the center of all decision-making.
As a SecOps Engineer at an earlier-stage startup, you will have an opportunity to make a substantial impact on the maturation of Craft's Cybersecurity program. You will collaborate on planning, requirements, research, and design of security solutions with the rest of the engineering team.
In this role you will:

• Partner with engineering teams to integrate and automate security at every level of the software development lifecycle.
• Perform threat modeling, risk assessment, and code reviews to assess cybersecurity implications.
• Work with other engineers to establish the correct security and governance practices, and conduct audits.
• Extensively improve the existing secure coding practices, lead threat modeling efforts, and implement secure software lifecycle processes and automation

What we're looking for:

• A bachelors degree (Major or Minor) in a Cybersecurity Engineering, Computer Science, (or closely related field); or 4+ years of experience as a SecOps or DevSecOps Engineer
• Knowledge of JavaScript, Python, Go, shell scripting (Bash, etc) or other programming language knowledge for writing tools and utilities
• Experience working in a Security Operations Centers or demonstrable knowledge of configuring and maintaining SIEM/SOAR systems.
• Familiarity with standards such as SOC2, FedRamp, and/or ISO 27001 as it relates to Cloud and Infrastructure is desirable but not required.

We'd love to hear from you if:

• You're a strong team player, a great listener, and able to facilitate discussion and move diverse opinions towards clear decisions
• Have an extreme ownership of your product, and a can-do, get-it-done attitude
• Are detailed-oriented and are always striving to uncover and fix cybersecurity gaps
• Have a "shipping" mentality, and an ability to get things done
• Advocate for modern engineering and cybersecurity best practices
• Show curiosity through asking questions, digging into to new technologies, and always trying to grow

Benefits:

• Competitive salary + equity at a well-funded, fast-growing startup
• Unlimited vacation time
• Option to work 100% remotely or out of San Francisco office
• Covered vision, dental, and health insurance
• 401K
• Monthly Wellness/Learning stipend
• Apple laptop
• Workstation allowance (standing desk, chair, monitor, etc)
• Collaborative, high-paced, supportive culture