How You’ll Make an Impact
- Design and build automation that operates and enforces security controls—integrating cloud, infrastructure, and identity systems so controls run, and where possible self-remediate, without manual intervention.
- Build tooling and integrations across cloud APIs, identity providers (e.g., SCIM provisioning), vulnerability scanners, and ticketing systems into a coherent, automated system.
- Automate how we collect, validate, and report compliance evidence continuously across our cloud and corporate environments.
- Build dashboards and pipelines that give real-time visibility into control status, gaps, and audit readiness.
- As part of Security and GRC, translate framework requirements into practical, testable, code-driven controls.
- Improve how we monitor, prioritize, patch, and respond to vulnerabilities across our cloud footprint.
- Over time, design and build internal security systems end to end (e.g., vulnerability risk management, web application firewalls), review RFCs, and partner with engineering teams on architecturally significant, security-relevant decisions.
- Participate in the security team's on-call rotation.
What Makes You a Good Fit
- 3+ years of experience in a software, security, infrastructure, or platform engineering role.
- Strong coding ability, with experience building and maintaining tooling in languages such as Python or Go.
- Experience automating workflows and integrating systems via APIs.
- Working knowledge of cloud environments (ideally AWS), including how security and identity controls are implemented.
- Interest in engineering solutions to security and compliance problems rather than managing them manually.
- Comfort operating across both design and hands-on implementation, with an eagerness to grow into broader security engineering work over time.
Nice to Have
- Experience building or automating tooling for security platforms—SIEM, IAM/IdP, vulnerability management, EDR, and cloud security tools.
- Experience with compliance automation or GRC tooling (e.g., evidence collection, continuous control monitoring).
- Experience working in or automating for FedRAMP, SOC 2, ISO 27001, Texas RAMP, or CJIS-aligned environments.
- Experience with Kubernetes debugging, operations, or automation.
- Background supporting government, defense, or other highly regulated customers.
Compensation
The annual base salary range for this position is $160,000 - 210,000. Compensation will vary based on factors, including skill level, proficiencies, transferable knowledge, and experience. Regular, full-time employees are eligible for equity in the form of stock options, comprehensive benefits including health insurance, paid vacation time, sick leave, holiday pay, and 401K savings plan. Relocation assistance may also be provided for eligible roles.