Senior DevSecOps Engineer
Upgrade is a fintech company that provides affordable and responsible credit, mobile banking, and payment products to everyday consumers. We were the fastest growing company in the Americas last year according to the Financial Times and Upgrade Card was the fastest growing credit card in America. We have delivered over $21 billion in affordable and responsible credit over the last 5 years. The company is backed by some of the most prominent technology investors and was recently valued at $6.3B.
We have built an energizing, collaborative and inclusive culture where team members help each other, learn and innovate to move the company and its customers in the right direction, and own the outcome of their efforts.
Upgrade has been named a “Best Place to Work in the Bay Area” three years in a row, “Top Companies to work for in Arizona” and one of the "Best Engineering Department" awarded annually by Comparably. We've also received recognition for being a best company for Diversity, Women, Culture, and Veterans.
We are looking for new team members who get excited about designing and delivering new and better products to join a team of 1500 talented and dedicated professionals. Come join us if you like to tackle big problems and make a meaningful difference in people's lives.
What You’ll Do:
- Collaborate on the security strategy governing cloud-based platform infrastructure, PaaS/SaaS solutions, and internal applications and tooling.
- Collaborate with other infrastructure, DevOps, InfoSec/application engineers, and compliance to understand the product, technology and business needs.
- Engage our managed Security Operations Center team to improve queries, detection, playbooks, etc.
- Define and own guidance, alerts and security as code deployments to provide protection from malicious traffic, vulnerabilities and other attack vectors.
- Oversee building and maintaining an AWS cloud infrastructure architecture aligning security, compliance, performance and resilience.
- Architect security over PaaS/SaaS environments and ensure they are being properly monitored and configured.
- Build and maintain monitoring, auditing, and reporting frameworks that produce artifacts that support security and compliance needs.
- Build security utilities and tools for internal use that enable the DevSecOps team to operate at high speed and wide scale.
- Create and maintain documentation for security systems.
- Participate in an on-call rotation for 24x7 support of security operations.
What We Look For:
- At least 5+ years of relevant experience in a modern security environment.
- Experience with cloud-based security management/IDS/IPS/SIEM tools (WAF, Inspector, GuardDuty, Twistlock, Splunk, Dome9, AlienVault, AlertLogic, Fortinet, Threat Stack, Sumologic, Imperva etc).
- Experience parsing security data from SIEM solutions, audit logs.
- Experience developing use cases for identifying potential threats from log sources.
- Understanding of security best practices for client-server product architectures for cloud-based deployments.
- In-depth knowledge of AWS services and hands-on experience.
- Experience in DevOps environments and deploying using CI/CD processes.
- Experience developing infrastructure as code (Terraform, Ansible).
- Knowledge of network based, system level, and application layer attacks and mitigation methods.
- Strong programming/scripting knowledge - Go, Python, Bash, etc.
Nice to Have:
- Experience with Kubernetes and containerized applications.
- Experience in OOP, TDD, design patterns, data structures and software security.
- Experience in performing security vulnerability assessments,
- Familiarity with PCI, SOC2 and SOX.
- Knowledge of SSO methodologies (SAML, OIDC).
- Experience with Sumologic and its SIEM service
- Experience designing processes around DevSecOps tools.
- Experience with other IaaS platforms (GCP, Azure, etc.).
- One or more recognized security and cloud specific certifications (e.g. CCSP, SSCP, CISSP, CCSK, GWAP, AWS Solutions Architect).
What We Offer You:
- Competitive salary and stock option plan
- 100% paid coverage of medical, dental and vision insurance
- Flexible PTO
- Opportunities for professional growth and development
- Paid parental leave
- Health & wellness initiatives
We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.