Sym is seeking a Security and Infrastructure Operations Engineer to help us build a safe and reliable platform that our customers can trust. Security and compliance is critical for every company, but as a security and compliance company ourselves, the bar is even higher. This role involves working closely with our CTO, our business operations team, our external auditors, and our customers to create and manage an effective security and compliance program.
About the team:
We’re a team of developers, engineering leaders, repeat founders, and nerds passionate about security & compliance. We’ve spent our careers helping the teams we support navigate complex regulatory landscapes, and think it’s time to solve this problem for everyone!
We care deeply about building a workforce and culture that is inclusive and equitable for people of all backgrounds and experiences. Because of this, we particularly encourage people from communities that tend to be underrepresented to apply, including women, people of color, and LGBTQ people.
As a team, we’re excited to help companies up their security and privacy game, without getting in their way. If you find this rapidly-growing space important and exciting, we can’t wait to hear from you! We also want you to know that you can be a great candidate even if you don't perfectly fit the mold we describe below… and you can have important skills we haven't even thought of yet. If that's you, don't hesitate to apply and tell us about yourself.
Some things about you that would make this a great role for you:
- You’ve led an organization through an audit before (SOC2, ISO27001) and know how to translate the compliance vocabulary into actions that engineers and ops people can implement.
- You like being front and center with customers during the vendor security review process.
- You are technically hands on. You’re comfortable navigating your way around AWS and can work with infrastructure as code tools to define and manage technical controls.
- You’re interested in improving all phases of the development lifecycle.
- You know the importance of getting some of that thankless compliance work done (entitlement reviews, patch management... that stuff). But you’re also motivated to figure out how to help us dogfood Sym to automate it away!
- The opportunity to help shape company strategy and culture of an early startup is exciting to you.
Things you may be working on in your first six months:
- Meet internal Sym compliance requirements and lead us through our external audits.
- Handle customer security questionnaires and vendor reviews.
- Work with the product team to develop ways to dogfood Sym to implement internal controls and workflows.
- Support tools and automation across the SDLC. Help with developer productivity tooling and tests.
- Venture into SRE work as time permits, in particular around streamlining/managing alerts and monitoring from internal systems.
- Handle corporate IT concerns, like laptop management and GSuite security settings.
- Manage cloud cost spend.
Sym helps engineers create the perfect security and privacy workflows for their teams. We provide the building blocks to roll out controls that match your team’s tools and processes, while ensuring you meet your compliance requirements.
We ship a Terraform provider and Python framework that lets infrastructure teams roll out templated, compliance-friendly security & privacy workflows to their organizations. This can help our customers achieve compliance with standards such as HIPAA and SOC 2.
We’re a venture-backed company with HQs in Boston and San Francisco. Our mission is to empower teams to build the best products in any compliance environment.