As the leading workforce management solution for the skilled trades, Workrise makes it easier for skilled laborers to find work, and for companies to find in-demand workers. Workrise currently operates in wind, solar, construction, oil and gas, and defense industries. We’re growing, and we’d love to learn what you can add to our team!
Workrise is hiring a Security Engineer with a focus on security operations that will be responsible for automating the security functions for our distributed environments. Our ideal candidate for this role will be someone who has experience working in multiple cloud environments, collecting telemetry from an engineering function, and building internal data sources that support the needs of the security backend. This role maintains the integrity of our cloud environments by leveraging infrastructure as code, automated workflows, and custom services that protect against both internal and external threats.
Why Join us? Our Security Engineering team at Workrise is helping to build a modern and scalable platform for the future of the skilled labor workforce. You will be owning a large portion of the security technical practices that focuses on securing our cloud infrastructure through SAST/DAST analysis tools, secure code practices, threat modeling, and detailed analysis. Ideal candidates will support several product and platform teams.
What you’ll be doing:
- Partnering and collaborating with our engineering organization to foster modern security practices and culture.
- Automate security testing within our continuous integration and delivery pipelines.
- Automate system and service configuration management capabilities by enabling repeatable and standardized playbooks.
- Centralize user identity, audit, and access control services to provide holistic visibility.
- Build tools, services, and data sources to support security infrastructure and research.
- Contributing to open source projects, and help to review open source contributions from Workrise engineering
- Work with 3rd parties, legal, and privacy teams during audits, governance activities, and examinations.
- Secrets management centralization and enforcement.
What you should have:
- Bachelor’s degree in Computer Science, Engineering or related field or equivalent experience
- Minimum of 5 years technical professional experience in a security or software Engineering Discipline
- 2+ years of experience in cloud security, secure application design, bug bounties,, and secure coding practices.
- 2+ years working in a cloud environment (AWS, GCP, or Azure)
- 2+ years working with container orchestration services (ECS, K8’s, Cloud Run)
- 2+ years experience working container orchestration overlay networks such as Isito and facilitating policy frameworks such as Open Policy Agent (OPA).
- Demonstrated experience within the security community on open source projects, bug bounty submissions, or similar contributions
- Experience leveraging SAST/DAST tools
- Experience with virtualization & container security practices
- Experience with CI/CD tools such as CircleCI, Jenkins, Github webhooks
- Solid understanding of CVSS or other threat modeling frameworks
- Experience with the OWASP Top 10 and common application exploits, and techniques.
- Experience with RBAC and IAM access control techniques
- Exposure to security and compliance, and privacy frameworks such as GDPR, CCPA, ISO27001, NIST CSF
More than a job:
At Workrise you can feel good about your work and furthering our mission to serve those who do the hard work. We recognize that making an impact matters to you and we believe in providing an environment that fosters that ambition. We welcome you to develop relationships with coworkers by displaying our company values: Own the Mission, Learn and Grow, Solutions Over Ego, and Raise the Bar. In appreciation for your contributions, we support you with various health insurance plan options (including medical, dental, vision), flexible paid time off, and competitive 401k matching.
As a world-class employer, Workrise is committed to providing an environment where any and all people feel welcome, respected, and free to be their authentic selves. We welcome applicants of all gender identities, sexual orientation, educational background, religion, ethnicities, veteran status, and citizenships. We’d love to learn what you can add to our team!
Who we are:
In 2014, we set out to create a better way to get work done in the Oil & Gas industry. The goal — to build the most reliable and cost-effective workforce solution, using technology to make it easier to manage and deploy workers at scale. Over time, we’ve grown to serve construction, wind, solar, and defense.
We’re a Series E startup, backed by industry-leading investors Founders Fund, Bedrock Capital, Andreesen Horowitz, Baillie Gifford. To date, we’ve placed over 26,000 skilled tradespeople with over 500 businesses and are poised to grow exponentially over the coming months and years.
We’d love to share more through the interview process!