Insurance... sounds slow, old-fashioned, and unexciting. Exactly. Insurance is broken, and it's failing fast-moving, innovative startups.
Vouch is a new, technology-first insurance company backed with $160M in funding from world-class investors. Like Stripe for payments or Brex for credit cards, Vouch is creating the go-to business insurance for high-growth companies.
We're doing this by making insurance fast, responsive, and focused on our customers -high growth and innovative companies. Instead of printed PDF applications and week-long waits, Vouch is building new technology to solve real problems, writing policies that actually cover relevant startup scenarios, and designing simple experiences in an otherwise frustrating industry.
What does a work environment look like at Vouch?
Vouch is looking for a DevSecOps Engineer to add to our growing Security team. In this role, you will be the primary advisor to software developers at Vouch regarding secure development practices for infrastructure and software applications. You will provide security reviews for new feature proposals, project manage the remediation of vulnerabilities, and provide technical input during the software development lifecycle for Vouch applications.
- Define security requirements and improved to be included in the Vouch software development lifecycle
- Review software components for security issues and manage corrective actions
- Recommend product security features for Vouch applications
- Provide threat modeling for vouch applications and services
- Ensure that Security Design Principles are applied throughout the Software Development Lifecycle
- Develop documentation related to implementation of security tooling throughout the software development lifecycle
- Implement and manage new Static Application Software Testing for use by Developers
- Implement and manage Dynamic Application Software Testing for use by Developers
- Project manage external Penetration Testing engagements for Vouch applications
- Manage configurations for Security infrastructure (such as Web Application Firewalls, and/or Runtime Applications Self-Protection)
- Implement and improve application and infrastructure monitoring and logging
- Assist with Incident Response processes as needed
- 3+ years of experience working as Developer Operations (DevOps), Application Security (AppSec), or Digital Forensics and Incident Response (DFIR)
- 3+ years of secure software development or infrastructure security w/ emphasis on infrastructure as code and provisioning/updating automation in AWS (preferably w/ Terraform)
- Experience working in Vulnerability Management, Secure Configuration Management, Continuous Security Monitoring, Security Automation and Automated Response or similar technical security operations
- Proficient w/ Linux systems administration, network configuration, and shell scripting.
- Experience working with regulatory frameworks such as PCI DSS, CCPA, GDPR, SOX, FedRam or similar
- Experienced in communicating across technical and non-technical audiences
Nice to have:
- B.S. or higher in computer science, engineering, or related technical field of study
- Experience working in a financial services or insurance business
- SANS, CISSP, GSDC or similar security and privacy certifications
- Experience working directly with Legal, or Compliance teams
Vouch provides a number of benefits to help you bring your best self to work:
- Competitive compensation and equity packages
- Health, dental, and vision insurance
- Parental leave
- Flexible vacation time (Unlimited PTO)
- Wellness allowance ($80/month)
- Technology allowance ($100/month)
- Monthly Doordash credits ($80/month)
Vouch believes in putting our people first and building a diverse team is at the front of everything that we do. We welcome people from different backgrounds, experiences, and perspectives. We are an equal opportunity employer and celebrate the diversity of our growing team.
If you require reasonable accommodation in completing this application, interviewing, completing any pre-employment testing, or otherwise participating in the employee selection process, please direct your inquiries to email@example.com. #LI-Remote