InfoSec Specialist (Fully Remote)

Posted 3 years ago
Stack Overflow

Documo builds document software solutions that help businesses streamline document processes. We make working with documents easy, more secure, and friendly towards our planet. We want to help drive mass adoption of paperless document technologies. We believe the way to do this is to build amazing products that solve and improve every aspect of document workflow. We couple that with our passion for customer success and our meticulous attention to design and user experience. We build solutions that are secure, easy to use, and improve business efficiency.

Overview

We are looking for a InfoSec Specialist that has experience with an early stage cyber security team and experience with Google cloud - Someone with Devops experience is preferred. The InfoSec Specialist will ensure that all products and services developed by our company follow best practices while assisting in the development process of new products. This role ensures we follow architectural procedures and application design throughout the SDLC and in cross-functional environments.

Responsibilities

  • Oversee and influence architectural procedures and application design throughout the SDLC and in cross-functional environments.
  • Maintenance responsibilities include but are not limited to container clusters, servers, databases, and directory access.
  • Maintain privilege separation between different user roles and will regularly audit and perform security tests for company resources.
  • Work to remediate any areas that are found to be outside of security policy.
  • Interface with DevOps Engineers to ensure the protection of our infrastructure, manage credentials services, and build and maintain a centralized directory service.
  • Interface and manage external security services vendors.
  • Manage our response to customer security assessments, interfacing with customer security teams as needed to address questions, and discuss our security programs.
  • Lead or participate in other assigned projects as needed.

Requirements

  • 5+ years server administration experience in Linux/Unix, RDBMS, cloud environments, and directory services.
  • 4+ years experience with security auditing tools and reporting.
  • 2+ years experience implementing SSO solutions for maintaining consistent and secure credential management.
  • 2+ years experience managing security for Kubernetes/ECS/Docker Swarm clusters.
  • Expert knowledge in HIPPA, GDPR, PCI, FERPA, other compliance, and governance.
  • Experience managing Cloud resources in AWS, Google Cloud and Azure.

*Note: As a fully distributed company, we are open to hiring anywhere, however, the work hours for this position are during USA business hours

What you'll get

  • Competitive salary and benefits (medical, dental, vision, 401k with match) *must reside in USA to receive benefits
  • Work with a small distributed team that love what they do
  • The ability to work from wherever makes you happy
  • Work for a fast-growing technology company with a supportive, inclusive, and fun culture

We encourage you to apply!

At Documo, we value our differences, and we encourage all—especially those whose identities are traditionally underrepresented in tech organizations—to apply. We do not discriminate on the basis of ancestry, race, place of origin, political belief, religion, marital status, family status, physical or mental disability, sex, sexual orientation, gender identity or expression, age, or any other characteristic protected by law. Documo is an equal opportunity employer.

Documo is on a mission to help businesses digitize their document workflow. We're a fast-growing B2B SaaS company that places a high value on culture and delighting our customers. We make working with documents easy, more secure, and friendly towards our planet. We're looking to add a Director of Sales to our fast-growing, fully distributed team.