2 months ago
Job type: Full-time
Hiring from: USA Only
Category: DevOps / Sysadmin
Cockroach Labs is the team behind CockroachDB, an open source, distributed SQL database. We aim to build infrastructure that keeps pace with the world, so developers can focus on what matters most: building the best products. Join us on our mission to Make Data Easy. Are you ready to aim high and build to last?
Cockroach Labs is looking for a passionate and experienced individual to our cloud security efforts. This is a hands-on and multi-functional role where you’ll be working with different teams across the company on a variety of projects related to security. The position is a mix of technical application and infrastructure security, working with our database engineering teams and improving the security of CockroachDB and CockroachCloud products.
In this role, you’ll also have an opportunity to make a significant impact by helping establish the culture and practices for security engineering at Cockroach Labs.
- Work closely with the CockroachDB engineering teams to:
- Provide security reviews of application architecture and interfaces
- Identify and own projects to improve the overall security of CockroachDB
- Act as a subject matter expert on system and application security best practices
- Evangelize security practices within engineering teams
- Design and run a scalable and effective application security review process
- Assist with design and architecture for security-related features
- Support Incident Response for Cockroach Labs and customers
- Work with backend engineers to triage security issues in the codebase
- Support Cockroach Labs engineering infrastructure security through:
- CI/CD pipeline design support and reviews
- Application integration security reviews for production systems and interfaces
In your first 30 days, you will become an integrated member of our engineering team. You’ll become familiar with our production systems, software development workflow, and application architecture for CockroachDB and CockroachCloud. We believe that it's essential for you to take this first month to become familiar with our technology and our company.
In your second month, you’ll focus on gaining familiarity with our security challenges, focusing on security challenges in our dev tools and dev pipeline. You’ll contribute to our engineering team security culture by preparing a security-focused presentation to the engineering team.
In your third month, you’ll become a point person for a major security feature, providing code reviews for one or more significant CockroachDB features under development that have a security impact.
- Significant previous experience (5+ years) in an application or systems security role
- 3+ years of experience in a software development role OR in a production operations role
- 3+ years of hands-on experience with AWS or GCP
- Deep understanding of networking concepts and cloud security best practices
- Expert knowledge of application security and common application security vulnerabilities such as OWASP Top 10
Reporting to Ken Liu - Engineering Manager
Ken Liu is an experienced engineering leader, having managed engineering teams at several high-growth startups in NYC over the past 5 years. Prior, he worked in various industries as a software engineer including Novartis Pharmaceuticals, IEEE, and BMW. In his free time, he spends most of his energy keeping up with his two kids but occasionally likes to relive the 90s by rollerblading.
- 100% health insurance coverage (for you and your dependents!)
- Paid parental leave (with baby bucks)
- Flex Fridays
- Flexible time off & flexible hours
- Education reimbursement
- Relocation support
Cockroach Labs is proud to be an Equal Opportunity Employer building a diverse and inclusive workforce. If you need additional accommodations to feel comfortable during your interview process, please email us at firstname.lastname@example.org.
Before you apply, please check if any restrictions apply in terms of time zone or country.
This job has a geo-restriction in place: USA Only.
Please mention that you come from Remotive when applying for this job.
Does this job need an edit? 🙈