Role overview
- Experience with AWS and many of its services.
- Experience conducting regular threat modeling assessments.
- Experience securing production and development systems.
- Experience operating static and dynamic security analysis tools, e.g., AWS Trusted Advisor, AWS GuardDuty, AWS Inspector, etc.
- Familiarity with fraud detection, intrusion detection, vulnerability/patch management, and the like.
- Familiarity with infrastructure as code (HashiCorp Terraform).
- Working knowledge of Go.
- Solid written and verbal communication skills.
- Imaginative, proactive, and independent; balanced in terms of exploration, implementation, and system-level thinking.
What you'll work on
- Own backend security—end-to-end—and lead key security initiatives.
- Work hands-on, designing, building, maintaining, and upgrading our backend security.
- Design solutions and processes to identify, mitigate, and eventually resolve ever-changing security risks and vulnerabilities.
- Research threats and attack vectors that impact our applications and infrastructure.
- Proactively influence and enable Engineering teams to solve security challenges at scale while balancing usability, stability, and performance through mentoring and sharing application security best practices and standards.
- Provide security guidance on a constant stream of new backend/core infrastructure and technologies, diving deep into architectural details to ensure the perpetual in-depth hardening of our systems.
- Conduct Security architecture reviews, penetration testing, and source code reviews of key services, infrastructure, and underlying technologies.
- Research the latest security tools and techniques.
Tags & focus areas
Used for matching and alerts on DevFound Cloud Dev Security Rust Python Terraform Aws