OVERVIEW  

As a Cloud Dev/Sec/Ops engineer at Automox, you'll research, design, and implement automation and Cybersecurity solutions to protect our client's most sensitive information in AWS, Azure, and GCP using secure systems development practices. You'll coordinate with Engineering, ITops, SecOps, and Executive teams, to identify the right mix of tools and techniques to bolster and harden Automox's current cloud and software security posture. You'll work as a team through a critical approach to design, providing alternatives and customizing solutions to maintain a balance of security and mission requirements. This is a chance to truly make a difference in the security of both our customers and Auotmox's critical systems. Your technical expertise will be instrumental as you help Automox overcome our most difficult challenges by integrating secure systems development practices like infrastructure as code, automated compliance, security testing, immutable containers, and end-to-end automated deployments.  The ideal candidate will have a strong background in Cloud security, Secure SDLC, and Web application pen-testing testing and remediation. 

THE FUN STUFF

• Truly Make a Difference
  • Collaborate with Engineering, SecOps, and Product teams to positively impact all functions within Automox, including securing our cloud infrastructure, enhancing our SDLC processes, finding and remediating security bugs, or proposing a new product feature that will genuinely help secure ourselves and our customers.
• Move at the Speed of Light
  • Time is of the essence, work with a highly talented, focused, and driven engineering team to implement scalable cloud security controls. Leave the barriers behind and enjoy the speed and fluidity that comes with being part of a startup.     

SKILLS AND ATTRIBUTES:

• Successfully established and implemented a scalable and secure cloud architecture strategy, specifically on AWS.
• Demonstrated experience in strategic planning, organization design and development.
• Hands-on experience writing tools that can integrate with the CI/CD pipeline and user-facing tools with good user experience.
• Have delivered high signal, low noise security tools that accurately identify security issues early in the SDLC.
• Have experience with security testing at scale by building and implementing static and dynamic analysis tools, open-source scanning tools, and integrating security into a CI/CD workflow.
• Have hands-on experience with the tools and technologies used throughout secure SDLC
• Expertise in software development using Python, JavaScript, or Golang.
• Expertise in application development frameworks, build systems, and the ability to integrate tools into the CI infrastructure.
• Proficiency in reading, writing, and auditing compiled languages like C++ and interpreted languages like Python or Javascript.
• Experience with continuous integration tools such as Gitlab CI, Jenkins, and build tools like CMake.
• Familiarity with SAST, DAST, and OSS scanning tools.
• Solid understanding of common software and web application security vulnerabilities.
• Knowledge of crypto primitives, authentication protocols, and authorization standards (Eg: SSL/TLS, SAML, OAuth, JWT tokens).
• Awareness of current and emerging DevSecOps technologies and practices.
• Awareness of regulatory/statutory compliance e.g. PCI, GDPR,CCPA,ISO 27001 & NIST 800-53, info-security.
• Effective written and oral communication with multiple levels of leadership involving both the business and technical sides of the company.

Minimum Qualifications

• 10+ years of experience in IT and business applications, systems, services.
• 5+ years experience of Agile leadership responsibilities cross-functional teams influencing senior-level management and key stakeholders.
• 5+ years experience managing and scaling services in cloud environments, specifically AWS.

WHY AUTOMOX

• At the top of the list is simply that you will have a voice and an impact on the success of Automox and on the security of customers like NASA, Xerox, Dollar Shave Club, TripAdvisor, GE Healthcare, and many more
• A strong proven leadership team backed by founders of Tenable, Carbon Black, RSA, AlienVault, Internet Security Systems, ThreatGrid, and Phantom Cyber along with world-class venture capital  
• Great downtown Boulder location - (walk to lunch!)
• Downtown Parking
• Free Eco Bus Pass - (office is right across the street from the Boulder bus station)
• Health/Dental/Vision/Insurance Benefits
• Participation in Automox Incentive Stock Option Plan
• Open vacation policy - (take what you need to stay energized)
• Standup desks, quiet spaces, and snacks and yes… coffee
• Rooftop deck and amazing views (we celebrate victories both big and small)
• Monthly team-building rituals (hikes, ice cream breaks, lunch and learns, cross-team opportunities)

WHAT WE NEED FROM YOU TO APPLY

• Current resume
• Cover letter/summary expressing:
• Why you are interested in working at Automox
• The skills, strengths, and expertise you will contribute to our diverse team