Senior DevOps Engineer (Security) - remote

Thinkific
Posted 3 years ago
We’d love to put your mind at ease while looking for a new opportunity during a pandemic.
Read about
how we’re supporting #TeamThinkific during COVID-19 and how we’ve transitioned to working remotely.

**This role is for someone living in Canada who wants to join our fast-growing engineering team but does not wish to relocate. We are looking to expand the Thinkific team beyond Vancouver to reach awesome candidates across Canada. Please only apply if you are legally able to work in Canada and are comfortable working remotely.**

Are you passionate about security? Do you understand the importance of securing customer data, applications, and infrastructure from growing cybersecurity threats?  For you, it’s not just about the immediate security threats, but also about staying up-to-date in your field and planning for threats on the horizon. You’re looking for a big challenge that holds big opportunities—and you’ll find that at Thinkific!

As a Senior DevOps Engineer (Security) at Thinkific, you will play an important role in the delivery of an exceptional customer experience all around the world, while keeping security top of mind. You’ll leverage your experience within the security space to work closely with our Trust, Product, and Engineering teams to assess and remediate risk, as well as design and support new security-related processes within our SDLC. You will maintain an understanding of and defend against latest threats. Everyone here does work—you’ll not only be responsible for coming up with the high-level strategy—you'll also help execute.

In this role, you will:
  • Work directly with our Security, IT, Product, and Engineering teams to implement security best practices across our infrastructure and applications
  • Secure our infrastructure and applications in Amazon Web Services (AWS), while leveraging automation and best practices
  • Secure our Software Development Life Cycle by participating in and continuously improving security-related phases of the cycle based on feedback
  • Maintain an understanding of the latest cybersecurity threats and implement best practices for protection
  • Support and contribute to our internal security policies and processes to ensure company and employee data is secure
  • Be a subject matter expert, contributing to company compliance efforts with regards to meeting security objectives (i.e. reporting, dashboarding, participating in audits, etc.)
  • Act as a first responder for security-related incidents

To be successful in this role, you must:
  • Have 2+ years of experience as a DevSecOps Engineer working in AWS, Google, or Azure
  • Have 5+ years of experience in a security engineering position
  • Possess strong experience securing infrastructure in AWS (IAM, VPC, Route 53, ELB, EC2, Lambda, RDS, Redshift, Elasticache, S3, Cloudtrail, GuardDuty, Kubernetes, etc.) via automation (Terraform, Ansible, Lambda, etc.)  or direct equivalent services  in other PaaS providers
  • Be experienced in  securing web applications (OWASP)
  • Have experience writing security-focused tests in languages such as CodeQL, writing and maintaining policy-as-code practices
  • Be an expert in administering linux-based systems, and have firm knowledge of threat modelling and risk assessment techniques within the shared responsibility mode
  • Have previously implemented security monitoring, logging, and alerting, as well as have working knowledge of containerized environments (i.e. Docker)
  • Independently work as part of a distributed team, managing your own time in a remote-first environment

You might be the person we’re looking for if you:
  • Are eager to learn and grow—you’ve likely had some post-secondary education, continue to seek opportunities to level up your skills, or have equivalent professional experience in a similar role
  • Have 7+ years of experience in an IT team
  • Possess knowledge of Continuous Integration (CI) tools
  • Are experienced in securing critical production environments which contain hundreds of servers
  • Have previous experience in running and automating vulnerability scanning systems like Qualys, Tenable (Nessus), Rapid7 (Nexpose), etc. 

Bonus points if you:
  • Are experienced in working in a PCI compliant software development environment
  • Possess security-related certifications (AWS Certified Security - Specialty, CISSP, CSSLP, CCSP, CCSK, etc)
  • Have participated in security-related roles within the SDLC, and have supported compliance efforts
  • Have experience in securing REST and GraphQL APIs, as well as programming knowledge in in Ruby, Golang, or Javascript
  • Are familiar with Atlassian products (JIRA, Confluence)

About us:

We’re about the results of online learning and the people along the way! Thinkific is a software platform that enables entrepreneurs to create, market, sell, and deliver their own online courses.

Our mission is no less than to revolutionize the way people learn and earn online by giving them the tools they need to turn their expertise into a sustainable business that impacts both them and their audience. We believe in meaningful, innovative work: we're building and expanding an incredible product that empowers course creators around the globe while working collaboratively to learn and succeed together. Together, we’ve served over 40,000 course creators and more than 10 million students, and these numbers are growing each day! 


Why we think you’ll like working with us:
  • Read What to Expect when Applying at Thinkific to learn about our hiring process (and how we put candidates first!)
  • Be part of a team of incredibly talented, passionate, and driven people focused on building and innovating on a best-in-class learning platform
  • Make an impact with your work—each person has an equal opportunity to contribute to our goals and every day, we get to see how Thinkific is empowering both course creators and their students
  • Join one of the fastest-growing companies in Vancouver and find opportunities to grow in your own career—offering advancement opportunities for our team members is important to us!
  • Contribute to Thinkific’s award-winning culture—we’re one of Canada’s Most Admired Corporate Culturesand a certified Great Place to Work!
  • We offer competitive salaries, a comprehensive benefits package including health, dental, and vision coverage, and an Employee and Family Assistance Program to support the wellbeing of you and your family
  • Get additional health and wellness support through a lifestyle or health spending account to put your dollars where you need it most
  • Enjoy our open vacation policy and flexible work environment, because we know the importance of having a great work-life balance (and sometimes, you do your best work in slippers)
  • Learn and Grow is one of our values and we take it seriously, providing opportunities through lunch and learns, training, workshops, mentorship, and our $1500 education allowance
  • Our team spends time together outside of work, too—we have board game nights, have gone rock climbing, hosted family BBQs, a weekly cookie club (that’s right!), and each year, we host an annual retreat on Gambier Island
  • Grow your career AND your family at Thinkific—you’ll be taken care of with our parental leave top-ups as you add to your family
  • Our office is close to major transit routes, bike-friendly, and centrally located at the intersection of some of Vancouver’s coolest neighborhoods 
  • Stay fuelled with healthy snacks, free coffee and tea, kombucha, and the occasional Friday beer and cider
  • Hang out with the @dogsofthinkific (and yes, they’re as cute and cuddly as they look)
  • Work with the hardware you’re most comfortable with, and upgrade or replace your system when you need to with our technology bonus 
  • Stay fit with subsidized gym access or by joining one of Thinkific’s sports teams
  • Be confident bringing your whole self to work—we’re proud to be an inclusive company with a diverse team and values grounded in ethics and equality
  • Thinkific welcomes all applicants regardless of race, gender, orientation, sexual identity, economic class, ability, disability, age, religious beliefs or disbeliefs, or status. We believe that different perspectives and backgrounds are what make a company flourish and we welcome you!

This is an incredible role for the right candidate. We can’t wait to meet you!