Spire is hiring a Staff Security Engineer to implement foundational state of the art security best practices, tooling, automation, and infrastructure to achieve comprehensive logging, monitoring, and alerting. You will be implementing modern identity and access management models, building security by default into our CI/CD pipelines, and serving as a subject matter expert (read: leet at Googling things) across our diverse engineering organization.
Ideally you’ll be co-located in Glasgow with the bulk of our platform-as-a-service (PaaS) team, and act as an expert resource in containerization and orchestration to our software PaaS and applications teams, ultimately helping to shape and implement the Spire Security Program. Spire is amenable to filling this role in San Francisco, CA or remotely within the United States.
Our team’s approach is centered around managing risk and achieving compliance through automation rather than procedures, and through DevSecOps tooling rather than by security decrees. You’ll navigate and actualize the Spire Security Controls considering both security and engineering velocity, and help guide teams through software architecture and implementation, operational concerns, and documentation.
We are looking for someone who’s excited about security, data, space, and likes to move fast, iterate quickly, and work with small, global autonomous teams of highly capable people that care deeply about what they do.
Responsibilities of your role:
- Integrate security technologies and best practices into everything we build, from infrastructure and automation to containers and ground stations
- Shape a high-speed security strategy based on velocity and efficiency-oriented DevSecOps
- Partner with the PaaS team to help shape and implement their roadmap for CI/CD, Kubernetes, secrets management, networking; all of which producing actionable security telemetry
- Partner with developers that use the software platform to help shape and implement their application roadmaps, ensuring that security is baked in from the start
- Act as hands on expert resource throughout design, code review, and implementation of security systems across the engineering organization, including satellites in orbit right now
- Design and implement security controls and user-friendly enforcement and guardrails
- 5+ years working experience in software engineering
- Computer science degree or equivalent work
- Experience with the cloud, including networking, zero-trust, secrets management, IAM, containerization and orchestration, and encryption (at rest and in transit)
Preferred Qualifications / Experience:
- Excellent communication skills
- Demonstrated history and willingness to solve security problems hands-on at the code level
- Deep understanding of cloud infrastructure and security, both conceptually and hands-on
- Deep knowledge of cloud and infrastructure-as-code tooling such as Kubernetes, Terraform, Vault, etcd, Istio, Ansible, Chef
- Hands-on experience with container security including profiling containers and implementing AppArmor, Falco, and similar tooling
- Proven experience implementing security controls in a previous role
- Development in Go, Java, and Python
- Highly detailed-oriented and completeness driven
- Comfortable with iterating and re-evaluating projects and plans as needs evolve
- Drive to teach yourself and explore the cutting edge in security and incorporating it into your work; see the big picture, understand where the world is heading, and instinctively know the right way to do things in support of the business we are building together
- Ability to enact change gracefully by default; inspiring people to want to contribute to and collaborate on security through teaching and individual contributions, rather than by hitting people over the head