We’re an early stage, funded startup focused on helping organizations improve their security posture. We build easy-to-use tools that make it harder for attackers to exploit the people within an organization.
Our flagship product is focused on helping organizations run email phishing campaigns against their own employees. This lets organizations assess their risk levels while also providing insight as to what type of training might be necessary for their organization.
We are a growing company and can promise you the following:
- A diverse organization.
- A safe workplace with zero tolerance for discrimination and harassment of any kind.
- A solid workstation; your choice of a Linux, Mac, or Windows laptop.
- A 100% remote and balanced work life. We actually prefer you don't work for more than 40 hours a week. We don't have VCs or other outside entities to answer to, and we would rather our people have a balanced life than no life.
- Flexible scheduling. Early riser? Night owl? No problem. We maintain an overlapping 3-hour window for synchronous work. Other than that, work any hours that work for you!
- We're a tight-knit group and we value each other. Your voice will carry the same weight as anyone else's.
- You'll have dedicated time to learn, and a budget to pay for it.
We are looking for a senior infrastructure engineer, with deep AWS experience, who feels comfortable with new project implementation. Prior experience with serverless architectures is ideal.
The ideal candidate has experience with programmatically managing AWS infrastructure. We currently use Serverless Framework and Terraform.
ZibaSec's Core Software Beliefs
- Testing is important: Untested code does not get shipped...but hitting 100% unit test coverage can be detrimental to productivity for no or very little gain; it's about the right balance. We're more fond of integration and end-to-end testing.
- Git activity != actual productivity: Developers need time to debug locally, research, and learn.
- Continuous Deployment: When code is ready and passes tests, it should make it into production within minutes.
- Readability > clever code: Slick code isn't so slick if it's hard to grok.
- Continuous Improvement: Everything can be improved and nobody knows any code, stack, or framework perfectly; there is always room to learn and improve. In fact, we'll provide you with a budget that you can spend on learning (conferences, courses, etc.).
- Dogma is bad: Some method, technique, etc., may have been the right answer 100 times, but on the 101st time it's possible that another way could be the best path.
- Open Source is crucial: As a company, we're very involved with open source; we are active consumers of and contributors to multiple projects. We feel so strongly about this that if we find that a particular internal library could be beneficial to the outside world, then we take the time to package it up and open source it as a standalone library (we did exactly this for a Django SAML2 authentication back end).
You must be a US Citizen or permanent resident. Our products serve US government customers and at this time we cannot hire US territory residents, or non-US persons.
- Comfort with proposing technical plans for new projects, and implementing new infrastructure
- Experience in creating, deploying, and maintaining production serverless (or distributed) infrastructures, ideally in an AWS environment
- Strong communication skills
- Strong working knowledge of git and GitHub
- A desire to learn about infosec concepts like social engineering
We are looking for proficiency in Python. Experience with any of the following is an additional asset:
- Working with the AWS SDK
- Infrastructure as Code
- Writing CLIs
- CI/CD architectures including developing CI-server workflows
- Terraform (or something similar like Ansible, etc.)
We’d be especially interested in you if you have:
- Contributed to any infrastructure or security automation project in the open source world
- Built systems around observability and tracing
- Knowledge of chaos engineering concepts and theory
- Fought and won battles against AWS Lambda + AWS API Gateway
- Worked under the constraints of FedRAMP
$180,000 — $180,000