Apply📍 Canada
🧭 Full-Time
🔍 Software Development
🏢 Company: Docker👥 251-500💰 $105,000,000 Series C almost 3 years agoDeveloper ToolsDeveloper PlatformInformation TechnologySoftware
- 5+ years of experience security engineering roles, with a focus on product security, infrastructure security, ideally in a cloud-first environment
- 3+ years of experience developing in Python or Golang
- Knowledge of secure coding principles and experience with security testing tools (SAST, DAST) within CI/CD pipelines
- Understand, authentication, authorization, including technologies like OAuth, SAML, OIDC, MFA, cryptography applications and Zero Trust principals.
- Strong cloud expertise with hands-on experience in cloud ecosystems (e.g: AWS, GCP, or Azure)
- Knowledge on securing containerized environments: (Docker, Kubernetes) and implementing runtime security tools
- Previous experience evolving and enforcing policies to assist co-workers in maintaining corporate and cloud security
- Familiar with data privacy and compliance regulations (e.g, SOC 2, ISO 27xxx, GDPR, CCPA, FIPS) aligning security initiatives
- Embed security best practices within the Software Development Lifecycle (SDLC), including secure coding, code review, and application security testing
- Partner closely with engineering to drive security architecture and processes that implement security controls across our software and systems
- Design and enforce security configurations in cloud environments (e.g. AWS), including IAM roles, security groups, and VPC segmentation
- Establish automated monitoring and alerting to detect anomalies or potential breaches across cloud infrastructure
- Maintain cloud and infrastructure security: AWS Security Hub, AWS IAM, AWS Key Management (KMS), OPA for Terraform
- Take ownership, define strategy, and drive improvement for part so our security program such as threat modeling, secrets management, or container security
- Plan and perform product security assessments including architecture review, threat modeling, code review, pen testing and general security consulting to proactively build security controls
- Partner with detection and response to create new capabilities or respond to security events
- Work with leadership to align security initiatives with business goals, ensuring that security is a core component of product and infrastructure
- Serve as a security subject matter expert for software security and architecture
- Educate and collaborate with cross-functional teams (e.g., engineering, product) to promote security practices
- Have the ability to participate in our incident response team on-call rotation
AWSDockerPythonSoftware DevelopmentCloud ComputingCybersecurityKubernetesOAuthGoCI/CDRESTful APIsLinuxDevOpsTerraformCompliance
Posted 1 day ago
Apply