Security Architect

Sevilla, Spain
Engineering
Full-time

This job is listed in Seville, but candidates who wish to work from our San Francisco office or remotely will be considered, as well.

Bitnami's missions is to bring awesome software to everyone. Every month, 1MM + developers come to our site to download and launch their favorite language run times and applications. We are looking for a Security Architect to amplify our already stellar reputation for security, as well as simplify software deployment across all major public clouds and container platforms, including AWS, Google, Azure, VMWare and Docker.

Our ideal candidate has extensive experience leading the maintenance of Open Source software packages focused on CVEs and other security patches. We're looking for someone who is passionate about ensuring that end-users are using software that is configured to be secure by default and are always running the most secure versions, and configurations, of their software packages. This is a leadership role focused on setting strategy, architecture, processes and company culture for all things security.

Responsibilities

    • Own security strategies for all Bitnami projects, code, images and websites
    • Design and lead the process for ensuring the industry's fastest response to security updates, in all Bitnami images and assets (essentially, keep Bitnami's users up to date with the latest security patches)
    • Consult with all engineering teams at Bitnami to ensure that all plans and architectures are pursued with a security-focused mindset
    • Engineer, implement and monitor security measures for the protection of computer systems, networks and information
    • Identify and define system security requirements
    • Respond to enterprise customers' security questions and represent Bitnami to partners and customers regarding the security of our products and security-related methodologies
    • Play a key leadership role in Bitnami's policies regarding data governance, integrity and privacy
    • Coordinate with the SRE team, making sure that best practices are implemented and followed for both corporate tooling and hosted end sites
    • Prepare and document standard operating procedures and protocols
    • Develop technical solutions and new security tools to mitigate security vulnerabilities and automate repeatable tasks
    • Determine security requirements by evaluating business strategies and requirements (researching information security standards, conducting system security and vulnerability analyses and risk assessments, studying architecture/platform, identifying integration issues, preparing cost estimates)
    • Maintain security by monitoring and ensuring compliance to standards, policies and procedures (conducing incident analyses, developing and conducting training programs)
    • Drive compliance and perform gap analysis with regulatory and industry standards required by enterprise customers and prospects
    • Plan security certifications, penetration tests and other third party validations of Bitnami's security stance
    • Keep the company and team up to date on security incidents; they should know as much as possible, as quick as possible

Requirements

    • Proven track record of maintaining multiple open source packages and keeping them up to date with the latest security fixes
    • Substantial experience supporting users who are using said software packages in live production environments
    • Good understanding of software development processes
    • Strong, proven leadership skills
    • Proficient in English (verbal and written)

We are bootstrapped, profitable and growing.  We have offices in San Francisco and Seville, along with a diverse remote team. We were part of Y Combinator's Winter 2013 batch.

Learn more about our team and what it's like to work at Bitnami by visiting the About Us and Careers pages on our website.

Bitnami is an equal opportunity employer.