DevSecOps Engineer (Remote)

Overview:

The DevSecOps Engineer is a hands-on technical position responsible for designing, building, and operating a diverse set of cloud security controls and process automations.  In addition to internal security tasks, this role will work directly with the DevOps and SRE teams to improve security posture and tooling on the CI/CD pipeline, as well as cloud environments. While this role is in the Information Security organization, prior security experience is not required, however an interest or some experience in security concepts is a plus. 

The impact you'll make:

  • Design and build greenfield automations and solutions for the security team.
  • Assess infrastructure and application vulnerabilities, and take remediation actions as appropriate.
  • Ensure policies and standards are being properly applied throughout the entire organization.
  • Build pipelines supporting Continuous Delivery, SDLC Security tools.
  • Experience with SOAR platforms a plus
  • Collaborate with information security, SRE and engineering teams to identify Platform needs and issues with respect to security.
  • Container-based delivery (Docker) and serverless workflows (Lambda, Step-Functions). 
  • Operate and manage AWS IAM permissions based on defined roles and responsibilities.
  • Ensure tight security for an e-commerce platform including data encryption, security groups, environment scanning, etc. 
  • AWS resource provisioning and management (based on immutable compute resources) 
  • Micro-service support (service registry, service-to-service authentication, authorization, and auditing) 
  • Author Agile stories, estimate story points, assist with sprint planning and retrospectives 
  • Perform advanced security technical troubleshooting for cloud environments 
  • Participate in incident response exercises and continue documenting security and incident response procedures.

What you've accomplished:

  • 3 years combined experience in Software Engineering, DevOps, and/or Information Security.
  • Literacy in Python and/or other programming or scripting languages.
  • Knowledge of PCI, HIPPA. GDPR, CCPA, and other security-related standards and requirements is a plus but not required
  • Collaboration, drive, and open communication internally and across teams.
  • A passion for building innovative greenfield projects, with a focus on security.
  • Strong problem-solving skills, and the ability to apply it to foreign systems.
  • The ability to take an idea from concept to completion.
  • Knowledge and experience with typical DevOps and DevSecOps tooling (CI/CD tools, github, k8s, docker, linux, etc)
  • Experience deploying immutable infrastructure (terraform preferred)
  • Operationally savvy, experience with monitoring, alerting, and analyzing system metrics to identify problems and understanding system behavior specific to security concerns.
  • Production experience with public cloud (AWS preferred). 
  • Ability to work in a fast-paced, rapidly scaling environment.
  • Strong communication and collaboration skills. 
  • Security certifications such as CISSP, CCSP, GIAC Certified Intrusion Analyst (GCIA), GIAC Certified Incident Handler (GCIH) are a plus.

The base range for this position is $120,000.00- $130,000.00

2023 Benefits for Full Time, Regular Employees:

  • Medical, Dental & Vision benefits (effective Day 1):
    • Employee - employer paid premium 100%
    • For plans that offer coverage to your dependents, you pay a small contribution
  • Basic Life & AD&D - employer paid 1x salary up to $250,000
  • 401(k) Retirement Plan (with employer contribution)
  • PTO (3 weeks accrued); 5 sick days
  • Supplemental, voluntary benefits
    • Family planning/fertility -  including up to $10,000 towards cash-pay services
    • Student Loan Repayment/529 Education Savings - including a company contribution of up to $1,000/year
    • FSA (Medical, Dependent, Transit and Parking)
    • Voluntary Life Insurance
    • Critical Illness Insurance
    • Accident Insurance
    • Short- and long-term disability Insurance
    • Pet Insurance 
    • Company-paid identity theft protection
    • Legal services platform
  • Paid parental leave

Why Weedmaps?

  • You get an opportunity to shape the future of the cannabis industry
  • You get to play a meaningful role that impacts the wellbeing of others
  • Casual work environment, no fancy clothes required, but you are free to dress to the nines!
  • Generous PTO and company holidays
  • Numerous opportunities to learn and grow your professional skills
  • Endless opportunities to network and connect with other Weedmappers through speaker series, Employee Resource Groups, happy hours, team celebrations, game nights, and much more!

Weedmaps is an equal opportunity employer and makes employment decisions on the basis of merit. The Company prohibits unlawful discrimination against employees or applicants based on race (including traits historically associated with race, such as hair texture and protective hairstyles), religion and religious creed, color, national origin, ancestry, physical disability, mental disability, medical condition, genetic information, marital status, sex, gender, gender identity, gender expression, age, military status, veteran status, uniformed service member status, sexual orientation, transgender identity, citizenship status, pregnancy, or any other consideration made unlawful by federal, state, or local laws. The Company also prohibits unlawful discrimination based on the perception that anyone has any of those characteristics, or is associated with a person who has or is perceived as having any of those characteristics. Our company uses E-Verify to confirm the employment eligibility of all newly hired employees. To learn more about E-Verify, including your rights and responsibilities, please visit www.dhs.gov/E-Verify.

Applicants  are entitled to reasonable accommodations under the terms of the Americans with Disabilities Act and applicable state/local laws, unless the accommodation presents undue hardship. Please email us at peopleoperations at weedmaps.com if you would like to confidentially discuss a potential accommodation during the interview process.

About Weedmaps:

WM Technology, Inc.’s (Nasdaq: MAPS) mission is to power a transparent and inclusive global cannabis economy. Now in its second decade, WM Technology has been a driving force behind much of the legislative change we’ve seen in the past 10 years.

Founded in 2008, WM Technology, is a leading technology and software infrastructure provider to the cannabis industry, comprising a B2C platform, Weedmaps, and B2B software, WM Business. The cloud-based SaaS solutions from WM Business provide an end-to-end operating system for cannabis retailers. WM Business’ tools support compliance with the complex, disparate, and constantly evolving regulations applicable to the cannabis industry. Through its website and mobile apps, WM Technology provides consumers with the latest information about cannabis retailers, brands, and products, facilitating product discovery and driving engagement with our retail and brand customers.

WM Technology holds a strong belief in the power of cannabis and the importance of enabling safe, legal access to consumers worldwide. Since inception, WM Technology has worked tirelessly, not only to become the most comprehensive platform for consumers, but to build the software solutions that power businesses compliantly in the space, to advocate for legalization, social equity, and licensing in many jurisdictions, and to facilitate further learning through partnering with subject matter experts on providing detailed, accurate information about the plant.

Headquartered in Irvine, California, WM Technology supports remote work for all eligible employees. Visit us at www.weedmaps.com.

Notice to prospective Weedmaps job applicants:

Our team has been made aware of incidents involving LinkedIn, Telegram, and Facebook accounts impersonating Weedmaps recruiters. These individuals are attempting to use our company name to solicit payment from prospective candidates interested in applying for jobs at our company. Our team is actively working to combat these attempts, but in the meantime, please be mindful of the following:

  • Our recruiters will always communicate with candidates through an @weedmaps.com email address.
  • CORRECT: jlebowski@weedmaps.com
  • INCORRECT: jlebowski@gmail.com
  • Our recruiters will NEVER ask for or attempt to solicit payment from applicants in order to apply, interview, or work for Weedmaps.
  • If you are interested in a role at Weedmaps, please apply through our established channels.

If you are unsure if a communication is legitimate, please contact our recruitment team at talentops@weedmaps.com and they will happily confirm for you. Thank you for your vigilance and we appreciate your interest in working with us!  

#LI-REMOTE #WMFromAnywhere

Apply for this Job

* Required
resume chosen  
Dropbox Google Drive
(File types: pdf, doc, docx, txt, rtf)
Cancel
cover_letter chosen  
Dropbox Google Drive
(File types: pdf, doc, docx, txt, rtf)
Cancel

Voluntary Self-Identification

For government reporting purposes, we ask candidates to respond to the below self-identification survey. Completion of the form is entirely voluntary. Whatever your decision, it will not be considered in the hiring process or thereafter. Any information that you do provide will be recorded and maintained in a confidential file.

As set forth in Weedmaps’s Equal Employment Opportunity policy, we do not discriminate on the basis of any protected group status under any applicable law.

Race & Ethnicity Definitions

If you believe you belong to any of the categories of protected veterans listed below, please indicate by making the appropriate selection. As a government contractor subject to the Vietnam Era Veterans Readjustment Assistance Act (VEVRAA), we request this information in order to measure the effectiveness of the outreach and positive recruitment efforts we undertake pursuant to VEVRAA. Classification of protected categories is as follows:

A "disabled veteran" is one of the following: a veteran of the U.S. military, ground, naval or air service who is entitled to compensation (or who but for the receipt of military retired pay would be entitled to compensation) under laws administered by the Secretary of Veterans Affairs; or a person who was discharged or released from active duty because of a service-connected disability.

A "recently separated veteran" means any veteran during the three-year period beginning on the date of such veteran's discharge or release from active duty in the U.S. military, ground, naval, or air service.

An "active duty wartime or campaign badge veteran" means a veteran who served on active duty in the U.S. military, ground, naval or air service during a war, or in a campaign or expedition for which a campaign badge has been authorized under the laws administered by the Department of Defense.

An "Armed forces service medal veteran" means a veteran who, while serving on active duty in the U.S. military, ground, naval or air service, participated in a United States military operation for which an Armed Forces service medal was awarded pursuant to Executive Order 12985.

Form CC-305

OMB Control Number 1250-0005

Expires 05/31/2023

Voluntary Self-Identification of Disability

Why are you being asked to complete this form?

We are a federal contractor or subcontractor required by law to provide equal employment opportunity to qualified people with disabilities. We are also required to measure our progress toward having at least 7% of our workforce be individuals with disabilities. To do this, we must ask applicants and employees if they have a disability or have ever had a disability. Because a person may become disabled at any time, we ask all of our employees to update their information at least every five years.

Identifying yourself as an individual with a disability is voluntary, and we hope that you will choose to do so. Your answer will be maintained confidentially and not be seen by selecting officials or anyone else involved in making personnel decisions. Completing the form will not negatively impact you in any way, regardless of whether you have self-identified in the past. For more information about this form or the equal employment obligations of federal contractors under Section 503 of the Rehabilitation Act, visit the U.S. Department of Labor’s Office of Federal Contract Compliance Programs (OFCCP) website at www.dol.gov/ofccp.

How do you know if you have a disability?

You are considered to have a disability if you have a physical or mental impairment or medical condition that substantially limits a major life activity, or if you have a history or record of such an impairment or medical condition.

Disabilities include, but are not limited to:

  • Autism
  • Autoimmune disorder, for example, lupus, fibromyalgia, rheumatoid arthritis, or HIV/AIDS
  • Blind or low vision
  • Cancer
  • Cardiovascular or heart disease
  • Celiac disease
  • Cerebral palsy
  • Deaf or hard of hearing
  • Depression or anxiety
  • Diabetes
  • Epilepsy
  • Gastrointestinal disorders, for example, Crohn's Disease, or irritable bowel syndrome
  • Intellectual disability
  • Missing limbs or partially missing limbs
  • Nervous system condition for example, migraine headaches, Parkinson’s disease, or Multiple sclerosis (MS)
  • Psychiatric condition, for example, bipolar disorder, schizophrenia, PTSD, or major depression

PUBLIC BURDEN STATEMENT: According to the Paperwork Reduction Act of 1995 no persons are required to respond to a collection of information unless such collection displays a valid OMB control number. This survey should take about 5 minutes to complete.

Please reach out to our support team via our help center.