Security Engineer (DevSecOps) - Remote - Latin America

Arequipa, Peru
Engineering – Software Development /
Full Time /
FullStack is the fastest-growing software consultancy in the Americas. We help organizations like Uber, GoDaddy, MGM, Siemens, and Stanford University build distributed software development teams, and deliver transformational digital solutions. As an employee-first company, we focus on hiring the most talented software designers and developers in the western hemisphere, by creating a positive, respectful, and supportive work environment where they can achieve their greatest potential.

We’re most proud of:
*Offering life-changing career opportunities to talented software professionals across the Americas.
*Building highly-skilled software development teams for hundreds of the world’s greatest companies.
*Having delivered hundreds of successful custom software solutions, which have positively impacted the lives and careers of millions of users.
*Our 4.5-star rating on GlassDoor.
*Our client Net Promoter Score of 68, twice the industry average.

The Position:

      We're looking to hire several mid-level and senior DevSecOps engineers to join our team. As a Security Engineer at FullStack Labs you will:
    • Be a proactive member of the security team that drives complex security efforts for internal projects and external customers.
    • Own security decisions across client projects including identifying, planning, and applying security advance concepts and principles.
    • Advocate for security as a subject matter expert across multiple organizations, holding discussions on security topics and drive automation where required.
    • Design, build and review security-related services and functionality of web applications, mobile applications, and desktop applications.
    • Provide client engineering teams with well-researched security advice to demonstrate vulnerabilities, collaborate with all teams to provide secure development guidance.
    • Triage vulnerabilities that are found internally or reported through client bug bounty programs.
    • Serve as an escalation point of contact.
    • Conduct threat modeling, penetration testing, data security, DevSecOps, vulnerability management, and security metrics.
    • Work across Ruby on Rails, Apache, Nginx, PostgreSQL, AWS tech stacks.
    • You'll work with our incredible clients in one of two ways:
    • Team Augmentation / Staffing: You will integrate yourself directly into our client's team and work alongside their existing designers and engineers on a daily basis.
    • Design & Build: You will work on a FullStack Labs product team to build and deliver a product to our clients.

What We're Looking For:

    • 4+ years of combined experience as a DevSecOps, with coding experience in an object-oriented language in a SaaS multi-tenant environment.
    • Advance English is required.
    • Knowledge in OWASP practices.
    • Degree in Computer Science or equivalent practical experience, MS in Computer Science preferred.
    • Experience with:
    • Leading small initiatives with the ability to course-correct as needed.
    • Conducting threat assessments and creating remediation plans based on the results of threat assessments.
    • Penetration testing, threat modeling, open-source, and commercial security tools.
    • AWS and tools (GuardDuty, Tenable, Cloudconfirmity, Macie, Snyk, Cloudfront).
    • Infrastructure/cloud automation tooling (e.g. CloudFormation, Terraform, Packer).
    • Service Mesh/Discovery Tooling (e.g. Consul, Envoy, Istio, etc).
    • Continuous Integration (e.g. Circle CI, Jenkins).
    • Containers and Container Management (Docker, Kubernetes, Helm, Spinnaker).
    • Configuration and Security Management (e.g. SSL Certs, Puppet, Ansible, Salt, Vault, KMS).
    • Security tools: (scanners, Interactive security testing tools, Burp Suite). Technical Certifications are a plus (GIAC, OCSP, CISSP, OSCP).
    • Working on large, complex systems.
    • Working on Agile / Scrum teams.
    • Ability to consistently work 40 hours per week.

Benefits:

    • Competitive pay in US dollars.
    • 100% remote work, now and post COVID.
    • The ability to work with leading startups and Fortune 500 companies.
    • English Classes.
    • Virtual company events each month.
    • Ample opportunity for career advancement.
    • Continuing education opportunities.
FullStack is proud to be an equal opportunity workplace. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity, or Veteran status. If you have a disability or special need that requires accommodation, please let us know by completing our Accommodations for Applicants form, which can be provided upon request during our hiring and interview process.

 Learn more about our Applicants Privacy Notice.