\nAs a Senior Staff DevSecOps Engineer, you’ll be responsible for protecting and securing Voltron Data. You'll work as a Tech Lead specializing in DevSecOps on the SecOps team and be responsible for corporate security and compliance initiatives within the company. You will be responsible for the research, architecture, development, and delivery of these focus areas and other security initiatives, either working solo or with other members of the SecOps team. Importantly, we are looking for a Security Engineer who does not work in silos and is willing to share knowledge and responsibilities with other team members, collaborating with DevOps, IT, and engineering teams for security initiatives. This includes working directly with project development teams and others to enable successful project implementation by applying the recommended security tools, technologies, and techniques.\n\nNOTE: There will be an expectation of rolling incident response schedule sharing as a part of this role. This will be a shared responsibility with other SecOps and IT members.\nImportant Notes\n\n\n* Due to some client commitments, we require this position to be a US Citizen.\n\n* While the company is remote worldwide, hiring for this position will be focused around the Northeast region (Boston to DC) of the United States, with the aim of hiring in either the NYC or Pittsburgh areas.\n\n* Additionally, you must have previous experience working at startups, with a preference for experience at an early-stage startup. Experience working with engineering teams within a software development firm is strongly preferred.\n\n* There will be an expectation of rolling incident response schedule sharing as a part of this role. This will be a shared responsibility with other SecOps and IT members.\n\n\n\nRole Expectations\n\nAs a DevSecOps-focused Senior Staff Security Engineer, you will be responsible for performing the following:\n\n\n* Security Execution\n\n\n\n* My work demonstrates broad and deep security domain expertise, and I successfully apply it across technology domains (e.g. software, networking, risk management, operating systems, etc.) to realize cross-functional security objectives and drive the maturity of the security team overall.\n\n* I independently and proactively identify areas of security risk and future needs, reach out to the relevant teams, collaboratively design solutions to that risk, and successfully implement them sustainably that “permanently” reduce risk across entire classes of threats.\n\n* I design, deliver, and drive solutions for significantly complex security and risk problems across Voltron Data organizations.\n\n* I split my time into different areas, such as security solution design and/or security architecture, based on where my skills have the greatest impact (or in response to a security problem).\n\n* I deliver solutions resistant to erosion of security controls over time and integrate ongoing testing strategies as part of the foundational design\n\n* I own the response to extraordinary or otherwise sensitive security incidents.\n\n* I adapt my role to the needs of an initiative, the security team, or a cross-functional partner team over time.\n\n* I understand that technology, threats, and responses evolve and drive that evolution to create opportunities to improve security across Voltron Data.\n\n* I motivate security controls that simplify, optimize, and prevent bottlenecks.\n\n\n\n* Technology Fluency\n\n\n\n* I apply a comprehensive understanding of the Voltron Data technology stack and relevant external technologies within my focus. I both maintain awareness and ensure my organization is aware of changes as they occur. I influence partner organizations' design and architecture choices.\n\n* I understand that technology, threats, and responses evolve and use that evolution to identify opportunities to improve security controls accordingly.\n\n\n\n* Threat Fluency\n\n\n\n* I deeply understand attacker tools, techniques, and processes (TTPs) and an extensive array of defenses/mitigations for them.\n\n* I am deeply aware of the kinds of defenses and their efficacy in mitigating attacks relevant to Voltron Data Security.\n\n\n\n\n\nCareer Paths\n\nThis Senior Staff Security Engineer role has two career paths: continuing at this level as a Tech Lead or progressing to the next level (Principal Security Engineer, also as a Tech Lead). At Voltron Data, we want you to know the available career paths so we can find a long-term fit for candidates both today and in the future. Expect to discuss this in our interviews to learn your expectations for this role.\nNecessary Skills\n\n\n* Proficiency with scripting languages Python & Bash, including using GitHub for source control.\n\n* Experience with Terraform or OpenTofu for IaC.\n\n* Linux system administration experience; Ubuntu and Rocky Linux preferred.\n\n* Familiarity with securing containerized infrastructure and Kubernetes in cloud/bare-metal environments.\n\n* Hands-on experience with security tools (Datadog, Crowdstrike, or equivalents) and command-line tools for audits, pen testing, and investigations.\n\n* Understanding of GitHub Advanced Security or equivalent SAST/vulnerability tooling stack.\n\n* Prior experience with Zero Trust systems and workflows.\n\n\n\nPrevious Experience \n\n\n* History as a Tech Lead in SecOps, preferably in a DevSecOps role.\n\n* Experience with software engineering teams to develop plans for application security and ensure a secure environment.\n\n* Performs business case analysis and feasibility, including the examination of costs, benefits, and risks associated with the proposed investment or project. Recommends alternatives for solutions and highlights strategic implications.\n\n* Architects, designs, implements, supports, and evaluates secure, infrastructure-focused tools and services.\n\n* Ability to clearly articulate and write requests, needs, requirements, and documentation \n\n* Experience with navigating and earning certifications such as SOC II, ISO 27001, NIST CSF, etc.; in addition to GDPR, US Data Privacy, and other legal frameworks.\n\n* Deployment of vulnerability remediation systems and workflows.\n\n* Familiarity with cloud services (AWS, Azure, GCP, and/or others) and remote infrastructure in a colocation environment, implementing tailored security controls in each environment.\n\n* Experience working for a remote company and hands-on exposure with a global remote user base.\n\n\n\n\n \nUS Compensation\n\nThe salary range for this role is between $150,000 and $220,000. We have a global market-based pay structure that varies by location. Please note that the base pay range is a guideline, and for candidates who receive an offer, the exact base pay will vary based on factors such as the candidate's actual work location, skills, and experience. This position is also eligible for additional incentives such as equity awards. \n\n#Salary and compensation\n No salary data published by company so we estimated salary based on similar jobs related to Design, Python, Cloud, Senior and Engineer jobs that are similar:\n\n $50,000 — $100,000/year\n
\n\n#Benefits\n 💰 401(k)\n\n🌎 Distributed team\n\n⏰ Async\n\n🤓 Vision insurance\n\n🦷 Dental insurance\n\n🚑 Medical insurance\n\n🏖 Unlimited vacation\n\n🏖 Paid time off\n\n📆 4 day workweek\n\n💰 401k matching\n\n🏔 Company retreats\n\n🏬 Coworking budget\n\n📚 Learning budget\n\n💪 Free gym membership\n\n🧘 Mental wellness budget\n\n🖥 Home office budget\n\n🥧 Pay in crypto\n\n🥸 Pseudonymous\n\n💰 Profit sharing\n\n💰 Equity compensation\n\n⬜️ No whiteboard interview\n\n👀 No monitoring system\n\n🚫 No politics at work\n\n🎅 We hire old (and young)\n\n

\nAs a Senior Staff DevSecOps Engineer, you’ll be responsible for protecting and securing Voltron Data. You'll work as a Tech Lead specializing in DevSecOps on the SecOps team and be responsible for corporate security and compliance initiatives within the company. You will be responsible for the research, architecture, development, and delivery of these focus areas and other security initiatives, either working solo or with other members of the SecOps team. Importantly, we are looking for a Security Engineer who does not work in silos and is willing to share knowledge and responsibilities with other team members, collaborating with DevOps, IT, and engineering teams for security initiatives. This includes working directly with project development teams and others to enable successful project implementation by applying the recommended security tools, technologies, and techniques.\n\nNOTE: There will be an expectation of rolling incident response schedule sharing as a part of this role. This will be a shared responsibility with other SecOps and IT members.\nImportant Notes\n\n\n* Due to some client commitments, we require this position to be a US Citizen.\n\n* While the company is remote worldwide, hiring for this position will be focused around the Northeast region (Boston to DC) of the United States, with the aim of hiring in either the NYC or Pittsburgh areas.\n\n* Additionally, you must have previous experience working at startups, with a preference for experience at an early-stage startup. Experience working with engineering teams within a software development firm is strongly preferred.\n\n* There will be an expectation of rolling incident response schedule sharing as a part of this role. This will be a shared responsibility with other SecOps and IT members.\n\n\n\nRole Expectations\n\nAs a DevSecOps-focused Senior Staff Security Engineer, you will be responsible for performing the following:\n\n\n* Security Execution\n\n\n\n* My work demonstrates broad and deep security domain expertise, and I successfully apply it across technology domains (e.g. software, networking, risk management, operating systems, etc.) to realize cross-functional security objectives and drive the maturity of the security team overall.\n\n* I independently and proactively identify areas of security risk and future needs, reach out to the relevant teams, collaboratively design solutions to that risk, and successfully implement them sustainably that “permanently” reduce risk across entire classes of threats.\n\n* I design, deliver, and drive solutions for significantly complex security and risk problems across Voltron Data organizations.\n\n* I split my time into different areas, such as security solution design and/or security architecture, based on where my skills have the greatest impact (or in response to a security problem).\n\n* I deliver solutions resistant to erosion of security controls over time and integrate ongoing testing strategies as part of the foundational design\n\n* I own the response to extraordinary or otherwise sensitive security incidents.\n\n* I adapt my role to the needs of an initiative, the security team, or a cross-functional partner team over time.\n\n* I understand that technology, threats, and responses evolve and drive that evolution to create opportunities to improve security across Voltron Data.\n\n* I motivate security controls that simplify, optimize, and prevent bottlenecks.\n\n\n\n* Technology Fluency\n\n\n\n* I apply a comprehensive understanding of the Voltron Data technology stack and relevant external technologies within my focus. I both maintain awareness and ensure my organization is aware of changes as they occur. I influence partner organizations' design and architecture choices.\n\n* I understand that technology, threats, and responses evolve and use that evolution to identify opportunities to improve security controls accordingly.\n\n\n\n* Threat Fluency\n\n\n\n* I deeply understand attacker tools, techniques, and processes (TTPs) and an extensive array of defenses/mitigations for them.\n\n* I am deeply aware of the kinds of defenses and their efficacy in mitigating attacks relevant to Voltron Data Security.\n\n\n\n\n\nCareer Paths\n\nThis Senior Staff Security Engineer role has two career paths: continuing at this level as a Tech Lead or progressing to the next level (Principal Security Engineer, also as a Tech Lead). At Voltron Data, we want you to know the available career paths so we can find a long-term fit for candidates both today and in the future. Expect to discuss this in our interviews to learn your expectations for this role.\nNecessary Skills\n\n\n* Proficiency with scripting languages Python & Bash, including using GitHub for source control.\n\n* Experience with Terraform or OpenTofu for IaC.\n\n* Linux system administration experience; Ubuntu and Rocky Linux preferred.\n\n* Familiarity with securing containerized infrastructure and Kubernetes in cloud/bare-metal environments.\n\n* Hands-on experience with security tools (Datadog, Crowdstrike, or equivalents) and command-line tools for audits, pen testing, and investigations.\n\n* Understanding of GitHub Advanced Security or equivalent SAST/vulnerability tooling stack.\n\n* Prior experience with Zero Trust systems and workflows.\n\n\n\nPrevious Experience \n\n\n* History as a Tech Lead in SecOps, preferably in a DevSecOps role.\n\n* Experience with software engineering teams to develop plans for application security and ensure a secure environment.\n\n* Performs business case analysis and feasibility, including the examination of costs, benefits, and risks associated with the proposed investment or project. Recommends alternatives for solutions and highlights strategic implications.\n\n* Architects, designs, implements, supports, and evaluates secure, infrastructure-focused tools and services.\n\n* Ability to clearly articulate and write requests, needs, requirements, and documentation \n\n* Experience with navigating and earning certifications such as SOC II, ISO 27001, NIST CSF, etc.; in addition to GDPR, US Data Privacy, and other legal frameworks.\n\n* Deployment of vulnerability remediation systems and workflows.\n\n* Familiarity with cloud services (AWS, Azure, GCP, and/or others) and remote infrastructure in a colocation environment, implementing tailored security controls in each environment.\n\n* Experience working for a remote company and hands-on exposure with a global remote user base.\n\n\n\n\n \nUS Compensation\n\nThe salary range for this role is between $150,000 and $220,000. We have a global market-based pay structure that varies by location. Please note that the base pay range is a guideline, and for candidates who receive an offer, the exact base pay will vary based on factors such as the candidate's actual work location, skills, and experience. This position is also eligible for additional incentives such as equity awards. \n\n#Salary and compensation\n No salary data published by company so we estimated salary based on similar jobs related to Design, Python, Cloud, Senior and Engineer jobs that are similar:\n\n $50,000 — $100,000/year\n
\n\n#Benefits\n 💰 401(k)\n\n🌎 Distributed team\n\n⏰ Async\n\n🤓 Vision insurance\n\n🦷 Dental insurance\n\n🚑 Medical insurance\n\n🏖 Unlimited vacation\n\n🏖 Paid time off\n\n📆 4 day workweek\n\n💰 401k matching\n\n🏔 Company retreats\n\n🏬 Coworking budget\n\n📚 Learning budget\n\n💪 Free gym membership\n\n🧘 Mental wellness budget\n\n🖥 Home office budget\n\n🥧 Pay in crypto\n\n🥸 Pseudonymous\n\n💰 Profit sharing\n\n💰 Equity compensation\n\n⬜️ No whiteboard interview\n\n👀 No monitoring system\n\n🚫 No politics at work\n\n🎅 We hire old (and young)\n\n

\nSite Reliability Engineer - to help us build a decentralised, blockchain-based legal agreements network.\n\nWe are looking for someone to assist with the evolution and maturation of our platform’s operability.\n\nMonax were pioneers of permissioned blockchains and smart contracts and we are building our Agreements Network to allow new and more efficient forms of legal transacting.\n\nExploiting the benefits of various decentralised, distributed, and masterless technologies - chiefly Hyperledger Burrow, which Monax built from scratch and is based on the Tendermint consensus engine.\n\nWith this we need to move past theoretically proven fault tolerance to practical scalability. The unique DevOps problem we can offer is not just running at significant scale in terms of number of nodes but at scale in terms of number of authorities. How do you administer a network with no administrator?\n\nYou will have the chance to work on a system that has distributed consensus and trust-less validation at its heart and offers very interesting challenges, these could be:\n\n\n* How do you build a monitoring and alerting system for a decentralised platform?\n\n* What governance mechanism converge towards a stable system useful for its members?\n\n* How do you address security vulnerabilities of bugs with no single authority?\n\n\n\n\nBlockchains and decentralised storage systems are closely related to existing distributed databases and object stores and we are looking to blend the best of both worlds.\n\nWorking closely with our CTO and CEO your focus will be around our Kubernetes-based deployment, blending blockchain-land with more traditional (and battle-tested) DevOps and cloud tooling. We see integration between these worlds as critical to our success and themes such as message queuing, API management, caching, logging, and metrics are all key to that goal.\n\nYour role will give you the chance to work across all teams in the business and it will also give you the opportunity to write core code for the platform in support of your role.\n\nYou will join a business building a genuinely novel system, that in part intends to create an entirely new market by enabling legal products that challenge existing legal services.\n\nThis role would suit a talented Software Engineering graduate, with around 1-2 years work experience and some knowledge of Kubernetes, or a more experience software engineer who would like to transition to a more DevOps focused role.\n\nWho do we need? Someone who:\n\n\n* Can read Go, Javascript (NodeJS and frontend), Solidity (EVM code), and shell scripts within the first few weeks.\n\n* Has some understanding of cloud native tooling such as Kubernetes, Helm, Elasticsearch, and Prometheus.\n\n* Has a basic working knowledge of AWS and GCE.\n\n* Has some experience of multi-server non-trivial cloud deployments - ideally with containers.\n\n\n\n\nIt is crucial that you are able to take part in forceful yet respectful technical discussions with colleagues and that you are able to change your mind about something if required, and also are able to change other’s minds.\n\nReal things you might work on:\n\n\n* Figure out how to deploy new validator pools to existing blockchain networks\n\n* Deploy and run IPFS nodes with pinning\n\n* Implement our key signing interface against a cloud based hardware security model\n\n* Secure cross-blockchain communication with elliptic curve diffie-hellman and cryptographic proofs of state\n\n* Develop in cluster monitoring and automatic failover for blockchain nodes which have fallen out of consensus or are no longer connected into their peers.\n\n\n\n\nWhat can Monax offer you?\n\n\n* Extremely marketable blockchain and cryptocurrency skills.\n\n* The chance to make blockchain systems live up to their hype by making them highly operable, our network will be operated peer-to-peer by many parties and this needs to be as painless as possible.\n\n* Experience in blending distributed, decentralised, and centralised systems. To spend time working on something foundational at the level of a network architecture.\n\n* The chance to spend time thinking ‘around the software’; about law, economics, and game theory.\n\n* You will have a high level of autonomy. The business has just enough hierarchy, consensus and individual project responsibility (c.f. design-by-committee) favoured over diktats.\n\n* Flexible working - the successful candidate will be based in our London work space primarily, there is scope for flexible working and choosing your own hours and place of work when established. \n\n\n\n\nRelocation assistance is available and this role could also be based in our office in Edinburgh City Centre.\n\nWho will you be working with?\n\nAround ten people in our passionate cross functional team, including time with:\n\n\n* Our CTO, who would be your primary contact and coding peer while helping to guide the broader design of the system.\n\n* Our CEO in Edinburgh, who has taken the lead in developing our cloud deployment so far and with whom you will have a close working relationship.\n\n* Our product and legal engineering teams, based in New York, that you will enable by building a network that can incorporate a diverse range of legal stakeholders.\n\n\n\n\nAbout Monax\n\nMonax would like to build a better system for contracting for the good of humanity and other forms of life. To learn more please visit:\n\nMonax Website\n\nAgreements Network\n\nHyperledger Burrow \n\n#Salary and compensation\n No salary data published by company so we estimated salary based on similar jobs related to Admin, Engineer, Sys Admin, DevOps, JavaScript, Cloud, API and Legal jobs that are similar:\n\n $70,000 — $120,000/year\n
\n\n#Benefits\n 💰 401(k)\n\n🌎 Distributed team\n\n⏰ Async\n\n🤓 Vision insurance\n\n🦷 Dental insurance\n\n🚑 Medical insurance\n\n🏖 Unlimited vacation\n\n🏖 Paid time off\n\n📆 4 day workweek\n\n💰 401k matching\n\n🏔 Company retreats\n\n🏬 Coworking budget\n\n📚 Learning budget\n\n💪 Free gym membership\n\n🧘 Mental wellness budget\n\n🖥 Home office budget\n\n🥧 Pay in crypto\n\n🥸 Pseudonymous\n\n💰 Profit sharing\n\n💰 Equity compensation\n\n⬜️ No whiteboard interview\n\n👀 No monitoring system\n\n🚫 No politics at work\n\n🎅 We hire old (and young)\n\n