Job Description

What we are looking for

JumpCloud is looking for a Senior Security Engineer on the DevSecOps team focusing on building and maintaining infrastructure, software, and automation to monitor and mitigate attacks and vulnerabilities across JumpCloud products and services. You will be part of a team based in the IST time zone responsible for ensuring JumpCloud products' integrity and keeping JumpCloud users safe. A US-based DevSecOps team is already in place and we are looking to build out a global team as an extension of the current team.

About the team

As a Senior Security Engineer on DevSecOps, you will be responsible for designing and developing software solutions for protecting data and infrastructure deployed into the cloud. You will collaborate with SecOps, GRC, and other security functions, gaining exposure to a broad range of security domains.

What you will be doing

Lead the design and maintenance of infrastructure, including custom software and vendor integrations, to meet advanced security needs for Product and Infrastructure Security

Develop and implement policy enforcement automation and comprehensive reporting systems

Set up data ingestion, as needed, for the SIEM or other tooling

Collaborate with DevOps and Developer Enablement teams outside of the US to embed security best practices and establish guardrails for developers

Conduct and oversee threat model reviews of product features and architectures, providing strategic guidance

Mentor and guide service/feature teams in secure software design principles

Necessary skills

5 years of experience in the field of security engineering with an extensive background and experience in software development and architecture

Production experience with AWS or GCP

Comfortable writing Golang code

Some familiarity in Terraform (HCL) and Kubernetes

Experience with CI/CD tools, particularly GitHub Actions

Strong written and oral communication skills, with the ability to convey complex security concepts

You also have some experience in one of the following areas

Red teaming/internal pentesting

Product Security (ProdSec)

Including threat modeling and secure architecture design/review

Authentication protocols (SAML, OAuth, LDAP, etc.)

Mobile application security (iOS and Android)

Bonus points for experience with

Open Policy Agent (OPA)

Open source security tools

Data pipeline tooling

Certificate infrastructure

Distributed systems

Working on core OS (Windows, Mac, Linux) APIs

Personal characteristics we are looking for

Results oriented, self driven, and able to work independently with minimal supervision

High level of integrity with a commitment to accountability

Excellent communication skills, capable of articulating complex ideas clearly

Creative problem-solving abilities with a passion for security

Role requirements

You must overlap and work at least 5 hours within US Central Time business hours (e.g., 9:00 AM - 2:00 PM Central Time)

You must be available for on-call (after hours) duties for any internal tools/services this new team might own

You must be willing to support the Security Operations team during incidents in performing ad-hoc queries, forensics, etc.

Red Cell Partners

Senior DevSecOps Engineer

About Us Red Cell Partners is an incubation firm building and investing in rapidly scalable technology-led companies that are bringing revolutionary advancements to marke;

engineer
senior
devops

Scribd