Staff Infrastructure Security Engineer

  • Full-time
  • Department: Infosec

Company Description

Tradeshift is a unicorn in the fintech industry. We are disrupting a typically stagnant environment by connecting companies of all sizes and providing them with the platform and network needed to create value from old processes like procurement, invoicing, payments, and workflow. We recognize that business is both messy and social - two revelations that have driven the development of Tradeshift, a platform for all your business interactions. We work hard and our teams have great freedom and responsibility to choose the best solutions, technologies and approaches to evolve the product to the next level.

We believe that being a global, multicultural company is a tremendous strength and we have people working from 18 different countries with hubs in Bucharest, Copenhagen, Kuala Lumpur, and San Francisco. We believe that if we truly focus on how to work distributed and collaborate across locations and (home) offices, we will not only enjoy work more but also build better products for our customers, and ultimately be a better company.

About the Team
Surprisingly, our infrastructure security team secures our infrastructure - on all levels! We look at all the layers below the application, including AWS, Kubernetes, Docker, the OS (Linux) itself, etc. We develop and maintain security solutions, but also work in close collaboration with various engineering teams, making sure that new services are built with security in mind.

Job Description

Tradeshift is looking for talented and well-reasoned security engineers to strengthen all facets of our security program.

We’re looking for top engineers who thrive in a role contributing to a strong, automation based security program.  You'll work side by side with some of the most talented engineers in the industry to harden our systems and applications to better protect our customers’ data.

With over a half a trillion dollars transacted on the platform, security at Tradeshift is a big deal.  Usage of Tradeshift is growing at an exponential pace which also means we need to build a security program that scales to the speed we are growing.  We are constantly developing more functionality and growing our engineering organization. In other words, you’ll have your plate full of interesting tasks in a very dynamic environment. We are a SaaS platform hosted on AWS using JVM based services and running on Linux via Docker and Kubernetes with automated build, configuration and deployment pipelines in place.

What you will be doing: 

  • Taking the lead role in architecting and building technical security capabilities across all of our cloud based infrastructure

  • Driving security that adapts with the platform using the latest technologies in container orchestration, service meshes and automated provisioning. 

  • Perform design and implementation security reviews for infrastructure projects

  • Assist with security incident response as needed

  • Be a security evangelist across all of engineering

  • Find security flaws hidden in complex systems and ensure they are addressed

  • Design, evangelize and implement security process controls to improve Tradeshift's ability to detect, analyze and prevent malicious activity.

Qualifications

  • Great communication skills to help build a strong security culture
  • BS in Computer Science or equivalent experience. Coming from a developer or SRE background is a huge advantage

  • Automation and tool building as a first class skill and approach to problem solving. 

  • Deep experience with AWS, Linux and Kubernetes orchestration

  • Cloud native thinking with a passion for scaling microservices architectures

  • Solid understanding and experience building security into a full CICD pipeline

  • Experience with infrastructure such as HIDS, WAFs and logging systems

Additional Information

We value diversity at our company. Tradeshift prohibits unlawful discrimination based on race, color, religious or religious creed, sex, sexual orientation, gender, age, marital status, veteran status, disability status or any other consideration made unlawful by applicable federal, state, or local laws. All your information will be kept confidential according to EEO guidelines.

#LI-BP1

#LI-REMOTE

Privacy Policy