Infrastructure Security Engineer
Ibotta is looking for an Infrastructure Security Engineer to come build something great with us! As part of the engineering team, you will work on the systems and tools that power the platform behind the Ibotta app, which is used by millions of consumers. We are looking for a self-motivated engineer who has a passion for evangelizing DevSecOps culture and building out secure cloud infrastructure. Every engineer has input into our product process and will have a real impact as part of a small, nimble team.
What you’ll be doing:
- As a member of the Engineering Security team, drive DevSecOps culture across the entire technology organization, including Infrastructure, Product Development, and Data
- Implement security infrastructure using AWS, Terraform, Python, and Go
- Provide security expertise, guidance, and education to product development teams
- Establish security best practices for the use of AWS products such as EC2, S3, SQS, SNS, DynamoDB, RDS, and Lambda
- Consult and collaborate with Architecture, IT, CI/CD, Cloud Platform, Corporate Security, and Data Security teams to continuously evaluate and strengthen Ibotta’s security posture
What we’re looking for:
- Excellent verbal and written communication skills
- Working knowledge of *nix, bash/zsh scripting, Git, Go, Python, etc.
- Working knowledge of a cloud platform such as AWS, GCP, or Azure
- Working knowledge of role-based access control such as AWS IAM
- Experience with Infrastructure as Code such as Terraform, CloudFormation, Chef, etc.
- 3+ years of professional experience in cloud infrastructure and software development
- Bachelor’s degree (or equivalent experience) in Computer Science, Engineering or a related field
These are nice to have, but not required:
- Familiarity with AWS Organizations, Transit Gateway, WAF, and network security policy
- Experience with microservices and container orchestration, particularly Docker and Kubernetes
- Experience with platform development languages such as Ruby, Java, Node.js, etc.
- Knowledge of software design and architecture principles
- Scrum/Agile development experience
- Experience with security automation tools such as AWS Config, Twistlock, Clair, Prisma Cloud (RedLock)
What we value from great engineers:
You…
- Love to teach and learn from your co-workers
- Elevate teammates through kindness, empathy, and honesty
- Pursue continuous growth personally and professionally
- Understand that communication is an important part of engineering work
- Value pragmatism, incremental development, automation, and quality
- Respect diverse perspectives and enjoy collaborating with other engineers to solve problems
- Trust your teammates, and embrace healthy conflict and debate
About Us:
Headquartered in Denver, CO, Ibotta (“I bought a...“) is a free app that's transforming the shopping experience by making every purchase rewarding. The company partners with leading brands and retailers to offer real cash back on groceries, travel, electronics, clothing, gifts, home and office supplies, dining out, and much more. Ibotta is the ultimate starting point for savings, and having paid out more than $500 million in cash rewards to its Savers, it's no surprise why Ibotta is one of the most downloaded shopping apps in the United States
Learn more about Ibotta here: https://liferewarded.ibotta.com/press-and-media/
To learn more about what our Tech teams are doing day to day, visit Building Ibotta on Medium.com.
Additional Details:
- This position is located in Denver, CO and includes competitive pay, benefits package (including medical, dental, vision), 401k, commuter stipend, and equity.
- Ibotta provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability, and genetics.
- Applicants must be currently authorized to work in the United States on a full-time basis.
- For the security of our employees and the business, all employees are responsible for the secure handling of data in accordance with our security policies, identifying and reporting phishing attempts, as well as reporting security incidents to the proper channels.