Ideal start timeline: August 2026
Role status: Exempt
Compensation: Our target hiring range is $180,000-$198,000 plus participation in our Annual Bonus Program with eligibility for $12,000 bonus. Actual compensation will be commensurate with experience and skills.
Campminder’s Flexible Working Location: Our employees have the option to work 100% remotely within the United States or their choice of days at home and at our office in Boulder, Colorado. We host a variety of all-company hybrid meetings and social events. We require anybody working remotely to have a very reliable, high-speed internet connection.
We know the best people can choose to work anywhere.
Here’s a few reasons why 100+ of them choose Campminder:
- With 20+ years experience of serving the industry through its digital transformation, we’re stable, profitable, and have developed a loyal customer base (that continues to grow).
- We build software for summer camps, an industry that enables meaningful experiences for kids.
- We work on interesting, ambitious projects that create real value for our clients.
- We know our team members feel their work has an impact on the organization’s purpose.
- At the same time, we are genuinely committed to work/life balance. Our team members feel they have the flexibility to take time off when needed and feel supported in making use of flexible working arrangements.
- We invest in emerging technology and cutting-edge leadership and are proud to take an "AI-Enabled" approach in our solutions.
- We’ve been listed on Outside Magazine’s 50 Best Places to Work for 8 consecutive years for our values-led culture and employee experience.
This role’s mission & overview:
Camps trust Campminder to keep their data safe, and that trust is what lets them focus on running a great summer. You'll own how we protect that data end to end: architecting and hardening our security infrastructure, carrying our PCI and SOC2 programs through every audit, and setting the roadmap that keeps us ahead of real threats. You'll be the person the engineering org comes to on security and the one who defines what good looks like at Campminder.
As a Senior Cybersecurity Engineer on our Engineering team, you will:
- Manage identity and access infrastructure, including Azure conditional access, Okta SSO, and Auth0, keeping MFA and zero-trust enforced across production and internal apps
- Integrate security scanning (SAST, DAST, SCA) into CI/CD pipelines and drive remediation before code reaches production
- Configure, tune, and harden WAF rules across our web applications
- Own vulnerability scanning and remediation using tools like Mondoo and SecurityMetrics, and administer EDR, DLP, and SIEM/XDR tooling across servers and endpoints
- Manage secrets and credentials in build pipelines, including vault-based storage, rotation, and least-privilege service accounts
- Execute PCI technical controls: SAQ completion, quarterly ASV scans, and disaster recovery implementation
- Harden containerized and cloud-native environments, including image scanning and Kubernetes configuration
- Coordinate pen testing engagements and drive remediation against SLA timelines
- Run security awareness training programs (KnowBe4, Security Journey) and maintain AI usage oversight, including approved tooling, code-gen governance, and supply-chain monitoring
We think a successful candidate will bring:
- 5+ years in security engineering or DevSecOps, with hands-on ownership of both pipeline-level and infrastructure-level security
- Experience configuring IAM and SSO platforms (Okta, Auth0) alongside cloud-native identity controls like Azure conditional access
- Comfort embedding security directly into CI/CD workflows: SAST/DAST/SCA tooling, secrets management, and policy-as-code
- A track record hardening containerized and cloud-native environments, including Kubernetes and image scanning
- Experience executing PCI or similar compliance technical controls (scans, SAQs, evidence prep); program ownership isn't required, but you know how to translate auditor requirements into engineering work
- Familiarity administering SIEM/XDR and EDR/DLP tooling
- The judgment to triage real vulnerabilities over theoretical ones, and to know when to escalate versus fix directly
- Experience running or supporting security awareness and training programs
- Exposure to AI tooling governance, such as MCP inventories, code-gen release gating, or supply-chain monitoring for AI-assisted development
Our Interview Process:
- 45 min - interview with People & Culture
- 60 min - interview with Hiring Manager
- 60 min - interview with future colleagues on the Technology Team
A few of the benefits we are proud to offer:
- Robust medical, dental, and vision coverage options with generous employer contributions, plus a $500 employer HSA contribution for HSA-compatible plans
- Ability to choose where you work - remotely, in the office, or a mix!
- A variety of resources to support mental health and emotional well-being
- 12 weeks of 100% paid parental leave for all new parents, including via adoption, surrogacy, and foster care
- 401(k) with 4% company matching
- Trust-Based (flexible) PTO (and yes, we use it!)
- $900/year wellness allowance
- Company-paid subscriptions, training, and support for using AI professionally and personally. We have a team dedicated to enabling our AI capabilities for our team members and our customers!
We encourage people of all backgrounds to apply:
We're actively taking steps to make sure our culture is inclusive and that our processes and practices promote equity for all, including people of color, people from working-class backgrounds, women, and members of the LGBTQ+ community. We welcome and encourage applications from people with these identities or members of other historically marginalized groups.
Research shows that women and people of color tend not to apply to jobs unless they believe they are 100% qualified and apply to fewer senior-level positions. With that in mind, we encourage you to apply if you're not sure whether you meet our qualifications. We'd love to have the opportunity to consider you!
We encourage applications from parents, parents-to-be, and those responsible for the caretaking of others. We offer paid parental leave for birthing and non-birthing parents (including for adoption, surrogacy, and foster care placement) and paid loss leave to recover from miscarriage or stillbirth. The company's HSA and wellness allowance contributions may be used toward childcare, eldercare, adoption fees, and fertility treatments like IVF, among other expenses.
Skills Required
- 5+ years in security engineering or DevSecOps with hands-on pipeline and infrastructure security ownership.
- Experience configuring IAM and SSO platforms (Okta, Auth0) and Azure Conditional Access.
- Embedding security into CI/CD workflows: SAST, DAST, SCA tooling, secrets management, and policy-as-code.
- Track record hardening containerized and cloud-native environments, including Kubernetes and image scanning.
- Experience executing PCI technical controls (SAQ completion, quarterly ASV scans, evidence preparation).
- Familiarity administering SIEM/XDR and EDR/DLP tooling across servers and endpoints.
- Experience with vulnerability scanning and remediation tools (e.g., Mondoo, SecurityMetrics) and remediation workflows.
- Ability to coordinate and drive remediation from pen testing engagements against SLA timelines.
- Experience running or supporting security awareness and training programs (KnowBe4, Security Journey).
- Exposure to AI tooling governance, including code-gen governance and supply-chain monitoring for AI-assisted development.
Campminder Compensation & Benefits Highlights
The following summarizes recurring compensation and benefits themes identified from responses generated by popular LLMs to common candidate questions about Campminder and has not been reviewed or approved by Campminder.
-
Fair & Transparent Compensation — Pay bands with defined minimum/midpoint/maximum and annual market benchmarking are explained, clarifying expectations and how growth is determined. Posted role ranges and bonus eligibility further set clear compensation parameters.
-
Retirement Support — An immediately vested 401(k) company match is highlighted. This provides dependable long‑term value within total rewards.
-
Leave & Time Off Breadth — Trust‑based (uncapped) PTO, observed company holidays, and a year‑end company shutdown expand time‑off flexibility. Hybrid/remote options support practical use of time away.
Campminder Insights
What We Do
At Campminder, we build web and mobile enterprise SaaS products that help summer camps streamline their business operations. We support our clients with empathy, humility, and heart. With our values-based decision-making framework, we foster a powerful and fulfilling experience for employees and clients alike. Our #1 priority is employee engagement. Our ‘Minders will tell you their work is fulfilling because of the incredible impact it has on the camps, parents, and campers we serve. We solve complex challenges everyday, connect with and learn from great people, and navigate the journey with our core values as our guide.
Why Work With Us
If you were to ask any ‘Minder, their answer would include some variation of ‘the smart/caring/authentic/fun people I get to work with.’ Many of our team members spent some time attending/working at camps, their experience enables them to empathize with our clients and bring the spirit of camp into the workplace. We also have a LOT OF FUN together.
Gallery
.png)


.png)





