As the leading workforce management solution for the skilled trades, Workrise makes it easier for skilled laborers to find work, and for companies to find in-demand workers. Workrise currently operates in wind, solar, construction, oil and gas, and defense industries. We’re growing, and we’d love to learn what you can add to our team!
Workrise is hiring a Security Engineer that will be responsible for security for our distributed environments and secure development practices. Our ideal candidate for this role will be someone who has experience and deep understanding of modern cloud application environments, the role of application security in the SDLC, and a keen sense of risk and threat assessment that helps drive secure applications and development practices.
Why Join us? Our SecurityEngineering team at Workrise is helping to build a modern and scalable platform for the future of the skilled labor workforce. You will be owning a large portion of the security technical practices that focuses on securing our cloud infrastructure through SAST/DAST analysis tools, secure code practices, threat modeling, and analysis. Ideal candidates will support several product and platform teams.What you'll be doing:
- Partnering and collaborating with our engineering organization to foster modern security practices and culture.
- Automate security testing within our continuous integration and delivery pipelines.
- Automate system and service configuration management capabilities by enabling repeatable and standardized playbooks.
- Centralize user identity, audit, and access control services to provide holistic visibility.
- Build tools, services, and data sources to support security infrastructure and research.
- Contributing to open source projects, and help to review open source contributions from Workrise engineering
- Work with 3rd parties, legal, and privacy teams during audits, governance activities, and examinations.
- Bachelor’s degree in Computer Science, Engineering or related field or equivalent experience
- Minimum of 5 years technical professional experience in a security or software Engineering Discipline
- 2+ years of experience in cloud security, secure application design, bug bounties,, and secure coding practices.
- 2+ years working in a cloud environment (AWS, GCP, or Azure)
- 2+ years working with container orchestration services (ECS, K8’s, Cloud Run)
- 2+ years experience working container orchestration overlay networks such as Isito and facilitating policy frameworks such as Open Policy Agent (OPA).
- Demonstrated experience within the security community on open source projects, bug bounty submissions, or similar contributions
- Experience leveraging SAST/DAST tools
- Experience with CI/CD tools such as CircleCI, Jenkins, Github webhooks
- Solid understanding of CVSS or other threat modeling frameworks
- Experience with the OWASP Top 10 and common application exploits, and techniques.
- Experience with RBAC and IAM access control techniques
- Exposure to security and compliance, and privacy frameworks such as GDPR, CCPA, ISO27001, NIST CSF
At Workrise you can feel good about your work and furthering our mission to serve those who do the hard work. We recognize that making an impact matters to you and we believe in providing an environment that fosters that ambition. We welcome you to develop relationships with coworkers by displaying our company values: Own the Mission, Learn and Grow, Solutions Over Ego, and Raise the Bar. In appreciation for your contributions, we support you with various health insurance plan options (including medical, dental, vision), flexible paid time off, and competitive 401k matching.
As a world-class employer, Workrise is committed to providing an environment where any and all people feel welcome, respected, and free to be their authentic selves. We welcome applicants of all gender identities, sexual orientation, educational background, religion, ethnicities, veteran status, and citizenships. We’d love to learn what you can add to our team!
In 2014, we set out to create a better way to get work done in the oil & gas industry. The goal — to build the most reliable and cost-effective workforce solution, using technology to make it easier to manage and deploy workers at scale. And while our commitment hasn’t changed, our business has. What started in oil & gas has grown to include construction, wind, solar, and defense. So we believe it’s time our company’s name reflects that evolution. We’re excited to announce that RigUp is now Workrise— a full-stack workforce provider, powered by technology specifically built for the diverse industries we serve.