Responsibilities
- Own company-wide compliance and drive the compliance program end-to-end.
- Lead secure system design with a focus on secure-by-default architecture.
- Secure the software supply chain through dependency scanning and vulnerability response.
- Re-architect core infrastructure for enhanced security and isolation.
- Run the external security program, including penetration tests and compliance audits.
- Embed security practices within the engineering team to accelerate shipping.
Requirements
- Deep experience securing cloud-native infrastructure on AWS.
- Strong track record with Kubernetes, Terraform, and securing CI/CD pipelines.
- Hands-on experience with compliance frameworks like SOC 2 and related tooling.
- A genuine defense-in-depth mindset with knowledge of threat modeling and secrets management.
- Ability to ramp quickly and work independently in a fast-paced environment.
