Staff Software Engineer, Platform Security at Turo

Toronto, Ontario, Canada

Apply Now

Not SpecifiedCompensation

Senior (5 to 8 years), Expert & Leadership (9+ years)Experience Level

Full TimeJob Type

UnknownVisa

Technology, SecurityIndustries

Requirements

Strong software engineering skills in Python, Go, Java, or similar languages with ability to write production-quality code, design APIs, build CLIs, and maintain services that other engineers depend on
Expert knowledge of AWS security (EC2, EKS, S3, IAM, CloudTrail, Organizations, KMS) with hands-on experience securing multi-account architectures and implementing least-privilege designs
Deep expertise in Kubernetes security including cluster hardening, workload isolation, RBAC, network policies, secrets management, admission controllers, and container runtime security at scale
Proficiency in infrastructure-as-code (Terraform, Helm, Kustomize) and GitOps workflows (ArgoCD, FluxCD) for declarative infrastructure with built-in security controls and policy enforcement
Experience building security tooling that developers actually use (CLIs, GitHub Actions, Slack bots) with focus on delightful developer experience and minimal friction
Strong CI/CD security expertise including supply chain security (dependency scanning, SBOM generation), secret management (OIDC federation, ephemeral credentials), and policy enforcement
Skilled at influencing without authority and the ability to convince engineering teams to adopt security practices through empathy, clear communication, and tools that make their jobs easier
Ability to signal risk effectively

Responsibilities

Write production-grade code to secure cloud infrastructure
Lead security initiatives through spec-driven development (PRDs/RFCs, SPADE framework), designing self-service security solutions using infrastructure-as-code (Terraform), GitOps workflows (ArgoCD, Kustomize), and CI/CD pipelines (GitHub Actions) that create "paved roads" making secure choices the easiest choices
Leverage AI-assisted development (Claude Code, AI agents, spec generation) to accelerate security engineering velocity, rapidly prototype solutions, debug complex systems, and maintain high-quality code
Serve as incident commander for P1/P2 security investigations, conducting forensics analysis, coordinating cross-functional response, and documenting post-mortems with actionable improvements
Partner with Core Platform Engineering and Platform Reliability Engineering teams to establish secure-by-default infrastructure patterns for Kubernetes workloads, container images, and cloud resources
Manage vulnerability remediation programs through zero-downtime deployments, coordinating security upgrades across production Kubernetes clusters while maintaining 100% service availability
Evaluate and integrate security tooling (CSPM, container scanning, SAST) with emphasis on automation and developer experience: building CLI wrappers, GitHub Actions workflows, and Slack integrations
Contribute to Platform Security roadmap through data-driven prioritization, security architecture reviews, threat modeling, and evidence-based investment decisions that balance protection with engineering velocity
Proactively identify opportunities to reduce technical security debt, eliminate manual toil through automation, and implement defense-in-depth strategies
Participate in security on-call rotation with well-documented runbooks, automated alerting (PagerDuty, Slack), and clear escalation workflows

Skills

Kubernetes

Terraform

GitOps

ArgoCD

Kustomize

GitHub Actions

CI/CD

Cloud Infrastructure

Infrastructure as Code

Container Security

Vulnerability Remediation

CSPM

Security Automation

Turo

Peer-to-peer car sharing platform for rentals

About Turo

Turo operates in the peer-to-peer car sharing market, allowing private car owners to rent out their vehicles to others. Car owners can list their vehicles on Turo’s platform, where they set their own rental prices and availability. Renters can browse these listings, select a vehicle that meets their needs, and book it for a specific time. Turo facilitates the transaction by providing insurance coverage and customer support, ensuring a smooth experience for both car owners and renters. The company earns revenue by taking a percentage of the rental fee, which aligns its interests with those of its users. Turo stands out from competitors by offering a diverse range of vehicles, including everyday cars, luxury, and specialty options. The goal of Turo is to provide a flexible and cost-effective alternative to traditional car rental services, leveraging the sharing economy to connect car owners with renters.

San Francisco, CaliforniaHeadquarters

2009Year Founded

$451.3MTotal Funding

POST_IPO_EQUITYCompany Stage

Automotive & Transportation, Consumer GoodsIndustries

1,001-5,000Employees

Risks

Negative incidents involving rented vehicles could damage Turo's reputation.

New competitors like ZEV co-op could capture market share with eco-friendly models.

Market volatility could impact Turo's IPO plans and investor confidence.

Differentiation

Turo offers a wide variety of vehicles, from everyday to luxury models.

The platform provides a cost-effective alternative to traditional car rental services.

Turo's commission-based model aligns its interests with users' successful transactions.

Upsides

Turo's partnership with United Airlines enhances customer acquisition and retention.

Expansion in Australia indicates potential for further international market penetration.

Winning the unitQ Quality Excellence Award highlights Turo's commitment to customer experience.

Land your dream remote job 3x faster with AI

Try Jobo Free