Senior Software Engineer, Security

The Team You’ll Work With

This role is on the Security Engineering team within Security. You will be working with the team to take on projects which gather results from many sources, automatically build security into our product, and enable teams to secure themselves. Our risk models put teams in charge of owning risk, making us a trusted partner and reporter. To complete this mission we need people who are passionate about software development and automation - security minded full stack software engineers. We believe in creating teams not rockstars, progress with a path to perfection, and create an environment that fosters research. We measure success not by how many bugs you find or tasks you complete, but by how much risk you reduce in the organization and how you work to improve the security of those around you.

We get to work in an environment that uses infrastructure-as-code, Kubernetes, role-based access, and with engineers who care about the integrity and security of our data.

The Problems You’ll Solve

Some of the problems you’ll help us solve are: 

1. Help improve the existing security staff tools ranges from organizational risk management, to audit and permission system that aims to better protect consumer data access 
2. Design, develop and integrate custom SDL tools to improve the usability of security  
3. Work across the full technology stack (e.g., AWS, Kubernetes, Docker, Helm, CircleCI, Jenkins, Datadog and gRPC, etc.) to solve security, privacy, and compliance issues
4. How do you encourage developers to continuously think about security using gamification and giving them results where they live - in the pipeline?
5. How do we change the application framework to make security the easiest path?

The Impact You'll Have

You will play a meaningful role in building Carta’s next-gen security development program, leading the technical conversation, making design decisions and building large-scale, complex software. You will work with different groups across the company to address a set of ambiguous security challenges by collecting and analyzing data, proposing solutions in the form of engineering designs based on the findings and own the delivery. Your work will span across technologies, stacks, and languages, and you’ll help ensure a safe and secure workplace for all Cartans.

About You

Roll-up-your sleeves, “swiss army knife” individual who is able to:

• Find non-standard ways to solve interesting problems
• Grow the skills and careers of software engineers on the security team
• Have knowledge of current security threats, trends, and mitigations
• Act as a force multiplier when driving projects in a collaborative environment
• Have interests in security and thinking about how things can go wrong
• Influence stakeholders across teams to get buy-in for your solution
• Break down complex projects into components or milestones that can easily be completed by other engineers
• Cross train others, including guiding and mentoring other developers
• Building new products from scratch and having the breadth and depth of skills to actually make it happen.
• Partner cross-functionally with teams that support rapid identification, incident response and mitigation of threats
• Have strong software engineering skills in languages such as Python, Java, Javascript, and Go
• Work with cloud-native architectures
• Create automation in higher level scripting languages (Python, Ruby, Javascript, etc.), bonus points for using AWS Lambda.
• Secure products built using containerization (specifically, Docker and Kubernetes)

 **Role can be based in NYC, SF, Seattle, Santa Clara or Remote