Location: Remote - US

Employment Type: Full-Time

Team: Technology Operations

Upgrade is a fintech unicorn founded in 2017. We are the fastest-growing company in the Americas (Financial Times). Our innovative Upgrade Card is the fastest-growing credit card in America (Nilson Report). Upgrade has been named a “Best Place to Work in the Bay Area” and received “Best Engineering Team", "Best Company for Women” and “Best Company for Diversity” awards from Comparably. Come join us if you like to tackle big problems and make a meaningful difference in people's lives.

This is a remote position based in the United States.

What You'll Do:

• Drive the security strategy governing the applications and cloud-based platform infrastructure.
• Collaborate with other infrastructure, DevOps, InfoSec and application engineers to understand the product, technology and business needs.
• Define and own guidance, alerts and security as code deployments to provide protection from malicious traffic, vulnerabilities and other attack vectors.
• Oversee building and maintaining an AWS cloud infrastructure architecture aligning security, compliance, performance and resilience.
• Own the management and remediation of identified security flaws within our development platforms.
• Build and maintain monitoring, auditing, and reporting frameworks that produce artifacts that support security and compliance needs.
• Architect procedures to automate security tasks which seamlessly integrate into code builds and deployments.
• Build security utilities and tools for internal use that enable the DevSecOps team to operate at high speed and wide scale.
• Develop security and compliance capabilities in support of DevOps processes.
• Create and maintain documentation for security systems.
• Participate in an on-call rotation for 24x7 support of security operations.
• Research security industry trends and best practices to share with the organization through presentations and training sessions.

What We Look For:

• At least 5+ years of relevant experience in modern Security DevOps space.
• Expert level understanding of security best practices for client-server product architectures for cloud-based deployments.
• In-depth knowledge of AWS services and hands-on experience.
• Experience in performing security vulnerability assessments, good familiarity with PCI and SOX.
• Knowledge of SSO methodologies (SAML, LDAPS, AD).
• Experience in DevOps environments and maintaining security in CI/CD processes.
• Experience in HashiCorp Vault.
• Experience with Kubernetes and containerized applications.
• Experience developing infrastructure as code (Terraform, Ansible).
• Experience designing processes around DevSecOps tools.
• Experience with cloud-based security management/IDS/IPS/SIEM tools (WAF, Inspector, GuardDuty, Twistlock, Splunk, Dome9, AlienVault, AlertLogic, Fortinet, Threat Stack, Sumologic, Imperva etc).
• Knowledge of network based, system level, and application layer attacks and mitigation methods.
• Experience extracting security data from SIEM solutions, audit logs.
• Strong programming/scripting knowledge - Go, Python, Bash, etc.

Strong Plus:

• Experience in OOP, TDD, design patterns, data structures and software security.
• Experience with other IaaT platforms.
• One or more recognized security and cloud specific certifications (e.g. CCSP, SSCP, CISSP, CCSK, GWAP, AWS Solutions Architect).
• Strong experience with OWASP Top 10, NIST, Nessus, and Burp Suite

What We Offer You:

• Competitive salary and stock option plan.
• 100% paid coverage of medical, dental and vision insurance.
• Unlimited vacation.
• Learning stipend for personal growth and development.
• Paid parental leave.
• Health and wellness initiatives.

Interested in joining Upgrade but don't think this role is for you? Check out our careers page!

Interested in joining Upgrade but don't think this role is for you? Check out our careers page!

We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.