Senior Security Engineer - DevSecOps
All roles at JumpCloud are Remote unless otherwise specified in the Job Description.
About JumpCloud
JumpCloud’s mission is to Make Work Happen®, providing simple, secure access to corporate technology resources from any device, or any location. The JumpCloud Directory Platform gives IT, security operations, and DevOps a single, cloud-based solution to control and manage employee identities, their devices, and apply conditional access controls based on Zero Trust principals. Since launching in 2012, our global user base has grown to more than 150,000 organizations, with more than 5,000 paying customers including Cars.com, GoFundMe, Grab, ClassPass, Uplight and Peloton. JumpCloud has raised over $400M from world-class investors including Sapphire Ventures, General Atlantic, Sands Capital, Atlassian, and CrowdStrike. Our teams are growing fast, too, and we're looking for talent across engineering, sales, customer success, marketing, product management, and more. Join our team of dedicated, passionate, and creative people who are eager to change the IT industry forever.
JumpCloud is looking for a Senior Security Engineer focusing on Cloud architecture, deployment, and automation to monitor and mitigate attacks across JumpCloud products and services DevOps style.
You'll be someone JumpCloudians across the company depend on and trust to respond quickly and effectively in a crunch. The outstanding communication and collaboration skills needed to work in partnership with diverse stakeholders.
Most importantly, you will become a critical member of the team responsible for ensuring JumpCloud products' integrity and keeping JumpCloud users safe.
About the Role: As a DevOps Senior Engineer in the Security Engineering Team, you will be responsible for designing and developing innovative security solutions for protecting data deployed into the cloud. You'll lead and sustain the security vision and strategy for our deployments across infrastructure and software, leveraging JumpCloud products where applicable.
Furthermore, you will be both hands-on technical, collaborative and influential. You will be expected to communicate with cross-functional teams in Product Management, Development, Platform Engineering and DevOps/SRE to drive security throughout the entire product directly.
The company's leadership team, and a cross-functional team of skilled engineers from various perspectives, all working with a singular focus of maintaining our customer's trust. You'll be exposed to the reality of how JumpCloud functions on a technical and process level and will build a comprehensive base of knowledge around how it all works together. In doing so, you'll be playing a role in keeping JumpCloud secure and compliant, bringing security to our company's forefront.
Responsibilities and Duties
- Build tools and automation to implement "security as code" using cloud services and CI/CD pipeline
- Identify gaps in existing cloud security architecture and design and recommend changes or enhancements
- Work on critical areas to develop security baseline for cloud, container, and application and integrate it into the CI/CD pipeline
- Partner with engineering and operation teams to integrate security controls into continuous integration, delivery, and deployment processes
- Implement security architecture, methods, and controls required to meet security, compliance, and audit requirements
- Provide guidance and subject matter expertise in cloud infrastructure, application & data security to engineering and operation teams across the company
- Apply a risk-based approach to make the right security decisions and priorities
- Build strong relationships with JumpCloud's cross-functional teams and cultivate a culture of security awareness and ownership
- Focus on securing the SDLC from repo to release using automation as a coverage model for scale.
- Hardening and benchmarking using automation across the infrastructure in collaboration with platform operations
Qualifications and Skills
- Hands-on experience and in-depth technical knowledge in cloud security, computer and network security, authentication and security protocols (TLS, SAML, Oauth, etc.)Understanding of software security architecture and design, SDLC, and the ability to articulate best practices for application security
- Hands-on experience working with microservices and container-based deployments and orchestration tools (e.g., Kubernetes, Docker Swarm, EKS, GKE, Rancher, Nomad).Hands-on experience with the development, deployment, and automation of security solutions with CI/CD in an AWS environment (CircleCI, TravisCI, Jenkins, etc.)Expertise in cloud automation tools such as Terraform, Cloud Formation, Ansible, etc.
- In-depth knowledge of network-based, system-level, and application layer attacks and mitigation methods
- Hands-on experience with a broad range of AWS and non-AWS security technologies, including VPC, IAM, AWS WAF, KMS, etc. Proficiency in solving platform concerns using a programming language such as Ruby, JavaScript, Python, and Go is required.
- Strong experience partnering with development teams, driving to improve the platform to provide an excellent user experience.
- Strong applied cryptography and implementation are a plus (asymmetric and symmetric key encryption, key management, etc.)Effective written and oral communication with multiple levels of leadership involving both the business and technical sides of the business
- Superb communication and leadership capacity; ability to partner effectively with diverse company stakeholders.
- Experience deploying certificate-based authentication, secrets management, and lifecycle management.
- Amazon certifications such as AWS Operations, AWS DevOps Engineer, AWS Developer, or AWS Solutions Architect are a plus.
Personal Charateristics
- Views security as an enabler, not an inhibitor to innovation.
- Ownership and Accountability
- Autonomy
- High Level of Integrity
- Clear Communication
- Creative Problem Solver
- Passionate about Security
In accordance with the Colorado Equal Pay for Equal Work Act, the approximate annual compensation range for this role, depending on individual candidate level and experience, is $150,000 to $175,000, including base salary and any related bonuses or commissions. JumpCloud provides a comprehensive benefits package, with several medical plans to choose from including a high deductible HSA plan with employer contribution, two dental plans, vision insurance, flexible spending account (FSA), employee assistance program (EAP), short- and long-term disability, life insurance and a 401k savings plan with match. We have an unlimited vacation policy.
#LI-JW1
Where you’ll be working/Location:
JumpCloud is committed to being Remote First. If a role requires you to be in a certain location or country, that will be clearly stated in the job description. All roles posted in United States locations do require that you be located within one of the 50 U.S. States.
Our Headquarters is in the Denver/Boulder, CO area. Once we reopen our offices you will have the opportunity to remain fully remote, work from one of our office locations (CO only currently) or flex your time.
Why JumpCloud?
If you thrive working in a fast, SaaS-based environment and you are passionate about solving challenging technical problems, we look forward to hearing from you! JumpCloud is an incredible place to share and grow your expertise! You’ll work with amazing talent across each department who are passionate about our mission. We’re out of the box thinkers, so your unique ideas and approaches for conceiving a product and/or feature will be welcome. You’ll have a voice in the organization as you work with a seasoned executive team, a supportive board and in a proven market that our customers are excited about.
Please submit your résumé and brief explanation about yourself and why you would be a good fit for JumpCloud. Please note JumpCloud is not accepting third party resumes at this time.
JumpCloud is an equal opportunity employer. All applicants will be considered for employment without attention to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran or disability status.
#LI-Remote