Software Engineer, Security

| Greater Denver Area
Apply now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.
Software Engineer, Security at JumpCloud
Louisville, CO and Denver, CO and Remote

JumpCloud is seeking a progressive, cloud-focused, and experienced engineer who is passionate about security and truly understands how to design solutions to protect both JumpCloud’s infrastructure as well as our customers. The ideal candidate will have a passion for cybersecurity, threat analysis and detection, and developing/automating creative solutions. Additionally, we are looking for someone who can provide advice and expertise to our engineering team at large in order to maintain the highest level of security in our application from top to bottom. 
In this role, you'll be on the front lines of security audits, risk analysis, and vulnerability testing in all areas of JumpCloud with the number one priority of customer protection. Additionally, you will provide our feature development and devops teams with strategies and analysis on code-level security practices. We expect you to have a mindset of being methodically paranoid and curious, and continue to hone your skills to align the security risk management with business objectives.
You'll be backed by JumpCloud's Director of Security and CTO, the company’s leadership team, and a cross-functional team of skilled engineers from a variety of perspectives, all working with a singular focus of maintaining our customer's trust. You'll be exposed to the reality of how JumpCloud functions on a technical and process level and will build a comprehensive base of knowledge around how it all works together. In doing so, you'll be playing a role in helping keep JumpCloud secure and compliant, bringing security compliance findings to these teams and contributing to raising the security bar across the company.
  • Perform technical security assessments, code audits, and design reviews.
  • Develop technical solutions to help mitigate security vulnerabilities.
  • Advocate for security and secure practices throughout JumpCloud.
  • Conduct research to identify new attack vectors against JumpCloud's products and services.
  • Be involved in offensive security exercises.
  • Implement automation of vulnerability scanning and detection
  • Build and deploy automation for monitoring our infrastructure, application, and network
  • Assist in the development and enforcement of security policies and best practices
  • Mentor the entire JumpCloud team on security best practices
  • Evaluate and recommend new and emerging security products and technologies
  • Mitigate abusive activities such as botnets, DDoS, and spamming
  • Live and breathe all things security and be an advocate for customer trust and privacy protection
  • Instill a secure-by-design culture throughout the entire company by educating security best practices using effective principle-based persuasion techniques.
  • Design and create an automated security testing suite
  • Work with cross functional teams to build and vet threat models for each part of our product
  • Dogfood our product to enhance both internal security and the security of our customers
  • Maintain and ensure a robust PKI system across both internal operations and the product
  • Design and maintain threat detection capabilities and response
  • Develop training and education materials to help scale and deepen security knowledge within the organization
  • Build a CTF to engage JC developers on security and teach common exploit patterns
What you’ll be doing...
  • Ensure our applications are aligned with security requirements and designs
  • Proactively support work with the Engineering and Product Teams to help them understand security requirements and best practices
  • Ensure the Security Development Lifecycle parallels the Software Development Lifecycle
  • Assist and train Engineering in secure coding as they develop or modify their application code
  • Enhancing our current automated CI/CD pipeline testing
  • Conduct application risk assessments and audits using tools, technologies and methods
  • Performs application vulnerability testing for weaknesses and recommend corrections or remediate
  • Administer security tools such as baseline and attack surface analyzers, health checks, etc.
  • Runs internal red team exercises with other team members
  • Build out and monitor threat detection and analysis

We’re looking for a majority of any of the following…
  • Bachelor's Degree in Computer Science, Mathematics, or equivalent
  • 3+ years of professional experience in a security engineering role
  • Experience shipping production or customer facing code
  • Solid understanding of software design principles, cloud architecture, and secure web application design
  • Comprehensive understanding of secure coding practices, OWASP Top 10, common attack vectors and threat models for both on premise and cloud based applications
  • Understands application identity management fundamentals
  • Experience with static and dynamic vulnerability analysis, fuzzing, and tools like Metasploit
  • Experience using cloud platforms and their associated tooling is important (we are an AWS shop)
  • Knowledge of database security is a plus
  • Cryptography experience or knowledge a plus
  • Desire to advance and push the boundaries of application security
  • CSSLP, CISSP, OSCP, CEH, or other industry InfoSec certification(s) a plus
  • Knowledgeable in compliance frameworks and best practices a plus (ISO 27001, SOC 2, NIST, HIPAA, etc.)
  • Experience with version control; specifically Git and GitHub
We're an equal opportunity employer. All applicants will be considered for employment without attention to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran or disability status. 
Read Full Job Description
Apply now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.

Technology we use

  • Engineering
  • Product
  • Sales & Marketing
    • C++Languages
    • GolangLanguages
    • JavaLanguages
    • JavascriptLanguages
    • PythonLanguages
    • PowerShellLanguages
    • Node.jsFrameworks
    • VueFrameworks
    • MongoDBDatabases
    • PostgreSQLDatabases
    • Google AnalyticsAnalytics
    • WordpressCMS
    • SalesforceCRM
    • MarketoLead Gen


We are located in the business park adjacent to the Home Depot off of McCaslin Boulevard in Louisville!

An Insider's view of JumpCloud

What’s the vibe like in the office?

A key trait for us is having an open, positive mind. We believe that taking the road less travelled - or at least exercising that path - will create new, different, and interesting ideas. We ask our teams to always consider the outside-of-the-box solution to a problem and encourage them to try those creative ideas.


VP of People

How do you collaborate with other teams in the company?

I work with multiple teams across the organization to highlight and recruit for openings at JumpCloud. We like to have a diverse group of people in our interview process. Hiring at pace is a huge goal for JumpCloud so it's essential for us to build connections with all of our stakeholders.


Manager, Talent Acquisition

What makes someone successful on your team?

My team members feel empowered to create, design and execute with a lot of freedom at JumpCloud. This enables them to take an active role in their career development and the development of other team members at JumpCloud.


Manager, Learning and Development

How do you make yourself accessible to the rest of the team?

I'm available pretty much anytime via email, Slack, phone, in person. More than the communication vehicles and time, I really like to dig in on projects with our teams. By working on important issues together as just another voice or hand to help, I think that helps the team feel that I'm accessible to them and there to help.



How do you make yourself accessible to the rest of the team?

One of the core roles in our engineering group is called pathfinder. They are constantly looking at different areas of our product and future plans and coming up with innovative new ways to achieve these. These engineers lead sessions with cross-functional teams on how to leverage their innovations for competitive advantage in the marketplace.



What are JumpCloud Perks + Benefits

JumpCloud Benefits Overview

JumpCloud offers

Friends outside of work
Eat lunch together
Daily stand up
Open door policy
Team owned deliverables
Team based strategic planning
Group brainstorming sessions
Pair programming
Open office floor plan
Someone's primary function is managing the company’s diversity and inclusion initiatives
Health Insurance & Wellness Benefits
Flexible Spending Account (FSA)
JumpCloud employees can contribute up to $2750.00 annually to their FSA.
Disability Insurance
Disability insurance covers 50% of annual salary up to $10000 monthly maximum payout.
Dental Benefits
Vision Benefits
Health Insurance Benefits
JumpCloud's health insurance policy covers up to ___% of out of pocket expenses.
Life Insurance
Life insurance is equal to 1 times an employee's annual salary.
Wellness Programs
Retirement & Stock Options Benefits
Company Equity
Child Care & Parental Leave Benefits
Generous Parental Leave
Flexible Work Schedule
JumpCloud provides employees with a flexible work schedule that includes ___.
Family Medical Leave
Employees who have been with the company for 12 months are eligible for 12 weeks of family medical leave.
Return-to-work program post parental leave
Company sponsored family events
JumpCloud sponsors family oriented events Annually.
Vacation & Time Off Benefits
Unlimited Vacation Policy
Generous PTO
JumpCloud offers an unlimited PTO program to our team members.
Paid Holidays
Perks & Discounts
Beer on Tap
Casual Dress
Commuter Benefits
Company Outings
JumpCloud hosts company outings Monthly.
Happy Hours
Professional Development Benefits
Job Training & Conferences
Diversity Program
Lunch and learns
Promote from within
More Jobs at JumpCloud14 open jobs
All Jobs
Data + Analytics
Dev + Engineer
Apply now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.
Save jobView JumpCloud's full profileSee more JumpCloud jobs