Staff Product Security Engineer, Cloud Infrastructure - Worldwide
We created Upside to help communities thrive! Our retail technology uses the sophistication of online retail—profit measurement, attribution, and incrementality—to provide users with more value on their everyday purchases and brick and mortar businesses with new, profitable customers. We’ve helped millions of users earn 2 to 3 times more cash back than any other product, and tens of thousands of brick and mortar businesses earn measurable profit. Billions of dollars in commerce run through the Upside platform every year, and that value goes directly back to our local retailers, the consumers they serve, and towards important sustainability initiatives.
Upside was named on Deloitte's 2021 2022 list of Fastest Growing 500 Tech Companies and #308 in Inc.’s America’s fastest growing private companies of 2022. Upside’s Series D funding round was led by General Catalyst with a $1.5 billion valuation in March 2022. Other notable investors include Bessemer Ventures and Formation8.
Our mission, values, and commitment to inclusivity guide our team of more than 350 people worldwide, and the quality of our culture is reflected in the impact we’ve had on communities nationwide. But don’t just take our word for it! In 2023, Upside was included as a Top Workplace in the USA, received six Best Places to Work awards from Built In, and was named a Top Workplace for Perks Culture by The Muse.
Meet the Information Security team:
The Upside InfoSec team is a tight-knit group that has successfully implemented security standards across the company. We anticipate growth for the company and that means growth for us! We believe partnership and teamwork are the best paths to building awareness and scaling security concerns across the entire organization.
About the job:
The Senior Software Engineer II, Infrastructure Security will build relationships with technology stakeholders and leverage CloudSec tools to identify and remediate cloud vulnerabilities. This is an individual contributor role that will increase our cloud security posture and enable our engineers to code safely.
What you’ll do:
- Deliver CloudSec solutions that mitigate AWS infrastructure vulnerabilities
- Engage technology teams to review, document and communicate risks
- Provide technical guidance and mentorship to other security engineers
- Run IAC security scans and partner with engineers to fix unsafe code
- Ensure compliance with relevant security regulations and standards
- Interact with the security community and keep aware of trends
What you need:
- 6+ years of cloud security inclusive of fixing code in Terraform, Python or Java
- Knowledge of Lambda and DynamoDB security architecture and AWS IAM
- Bachelor’s degree in Computer Science or Engineering highly preferred
- Willingness to learn, adapt, fail and grow (professional growth mindset)
- Background in DevSecOps and Network Engineering preferred
- Advanced customer service and people skills
Our technology stack:
- AWS Lambda
- Python and Java
- Terraform (HCL)
- Github Advanced Security
- Github Actions
The fine print:
- Location: This is a fully-remote role that may sit anywhere in the United States. You're welcome to work from our DC, Austin, Chicago or New York office if you're in-region!
- Notice to recruiters and placement agencies: This is an in-house search with a dedicated recruiter. Please do not submit resumes to any person or email address at Upside. Upside is not liable for, and will not pay, placement fees for candidates submitted by any party or agency other than its approved recruitment partners.
At Upside, we believe that diversity drives innovation. Our differences are what makes us stronger. We‘re passionate about building a workplace that represents a variety of backgrounds, skills, and perspectives and do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. Everyone is welcome here. Come join us!
Originally posted on Himalayas