[Remote] Staff Security Engineer, DevSecOps - United States at JumpCloud

Atlanta, Georgia, United States

Apply Now

Not SpecifiedCompensation

Expert & Leadership (9+ years)Experience Level

Full TimeJob Type

UnknownVisa

Cloud Security, DevSecOps, Identity and Access ManagementIndustries

Requirements

Candidates must have 7-10 years of experience in security engineering, with a strong background in software development and architecture. Extensive production experience with AWS or GCP, including networking, workload security, and IAM management, is required. Proficiency in Golang, Terraform (HCL), Kubernetes, and CI/CD tools like GitHub Actions is essential. Exceptional written and oral communication skills, with the ability to lead cross-functional projects, are necessary. Expertise in Product Security (ProdSec), threat modeling, secure architecture design/review, or authentication protocols is also required. Experience with Open Policy Agent (OPA), open-source security tools, data pipeline tooling, certificate infrastructure, distributed systems, or core OS APIs is a plus. Availability for on-call duties and willingness to support the Security Operations team during incidents are mandatory.

Responsibilities

The Staff Security Engineer will lead the design and maintenance of infrastructure, including custom software and vendor integrations, to meet advanced security needs for Product and Infrastructure Security. They will develop and implement policy enforcement automation and comprehensive reporting systems, and set up data ingestion for SIEM or other tooling. Collaboration with DevOps and Developer Enablement teams globally to embed security best practices and establish guardrails for developers is expected. Conducting and overseeing threat model reviews of product features and architectures, and providing strategic guidance are key duties. Mentoring and guiding service/feature teams in secure software design principles is also part of the role.

Skills

DevSecOps

Infrastructure

Automation

Security Monitoring

Vulnerability Management

Cloud Security

Policy Enforcement

SIEM

Threat Modeling

Secure Software Design

Python

CI/CD

AWS

GCP

Azure

JumpCloud

Cloud-based identity and access management services

About JumpCloud

JumpCloud offers cloud-based directory services that help businesses manage user identities and access to IT resources like applications, networks, and devices from a single platform. It serves a variety of clients, including small and medium-sized businesses and larger enterprises, particularly in sectors that require strong IT security. The company operates on a subscription model with different service tiers, allowing clients to choose features that fit their needs and budgets. JumpCloud's goal is to simplify identity management and access control, enhancing security and operational efficiency for its users.

Louisville, ColoradoHeadquarters

2012Year Founded

$371.3MTotal Funding

SERIES_FCompany Stage

Enterprise Software, CybersecurityIndustries

501-1,000Employees