What if you could use your technology skills to develop a product that impacts the way communities’ hospitals, homes, sports stadiums, and schools across the world are built? Construction impacts the lives of nearly everyone in the world, and yet it’s also one of the world’s least digitized industries, not to mention one of the most dangerous. That’s why we’re looking for an experienced Staff DevSecOps Engineer to join Procore’s journey to revolutionize a historically underserved industry.
As a Staff DevSecOps Engineer, on our Security Engineering team, you’re given the unique opportunity to drive the next generation of our application platform initiatives in a global SaaS infrastructure. Working side-by-side with our Product, SRE, and Development teams, You’ll build elegant and transparent security measures into automated and standardized service platforms for product code. Backed by the might of our teams, we’ll provide you with the tools and resources needed to achieve extraordinary results that render a significant impact extending beyond the boundaries of traditional engineering roles.
These positions will report to the Director of Security Operations and have the opportunity to be located in our Carpinteria, CA headquarters, New York City, or Austin, TX office. Remote candidates will be considered based on the level of experience and with the expectation of occasional travel to these offices. We’re looking for people to join our team immediately.
What you’ll do:
- Drive deployment excellence and product quality through a software-defined approach to securing operations and infrastructure
- Review security of open source products being evaluated by SRE; both features and code quality (e.g. vulnerability rate)
- Serve as a champion for secure infrastructure-as-code by supporting SRE in end-to-end configuration, technical dependencies, and overall success of the SaaS environment
- Ensure services are designed and delivered to be mission critical with focus on security within broader goals of resiliency, scale, and performance
- Promote security practices to teams pursuing orchestration and automation
- Serve as the voice of security during reviews of site reliability processes such as testing, CI/CD, and release management. Provide unwavering support and collaboration for the software/QA engineers on projects
- Ensure that automated deployment and remote execution-based remediation scripts are securely written
- Lead the improvement of security testing for application or infrastructure changes
- Mentor and coach junior site reliability engineers, and be a driver for change through secure DevOps adoption across the broader organization
What we're looking for:
- BS degree in Computer Science or equivalent practical experience, MS in Computer Science preferred
- 8+ years of combined experience in Security, Software Engineering, and DevOps, with coding experience in an object-oriented language in a SaaS multi-tenant environment
- Experience leading small and large initiatives with the ability to course-correct as needed
- Experience working with teams, providing mentorship and guidance to improve the overall security of the ecosystem
- Substantial experience with the following technologies is preferred:
- AWS and tools (GuardDuty, Tenable, Cloudconfirmity, Macie, Snyk, Cloudfront)
- Infrastructure/cloud automation tooling (e.g. CloudFormation, Terraform, Packer)
- Service Mesh/Discovery Tooling (e.g. Consul, Envoy, Istio, etc)
- Continuous Integration (e.g. Circle CI, Jenkins )
- Containers and Container Management (Docker, Kubernetes, Helm, Spinnaker)
- Configuration and Security Management (e.g. SSL Certs, Puppet, Ansible, Salt, Vault, KMS)
- Security Tools: (Scanners, Interactive security testing tools, Burp Suite)
Procore Technologies is building the software that builds the world. We provide cloud-based construction management software that helps clients more efficiently build skyscrapers, hospitals, retail centers, airports, housing complexes and more. At Procore, we have worked hard to create and maintain a culture where you can own your work and are encouraged and given resources to try new ideas. Check us out on Glassdoor to see what others are saying about working at Procore.
We are an equal opportunity employer and welcome builders of all backgrounds. We thrive in a diverse, dynamic and inclusive environment. We do not tolerate discrimination against employees on the basis of age, color, disability, gender, gender identity or expression, marital status, national origin, political affiliation, race, religion, sexual orientation, veteran status, or any other classification protected by law.
Perks & Benefits
You are a person with dreams, goals, and ambitions—both personally and professionally. That's why we believe in providing benefits that not only match our Procore values (Openness, Optimism, and Ownership) but enhance the lives of our team members. Here are just a few of our benefit offerings: competitive health care plans, unlimited paid vacation, stock options, employee enrichment and development programs, and friends & family events.