This job post is closed and the position is probably filled. Please do not apply. Work for Platform.sh and want to re-open this job? Use the edit link in the email when you posted the job!
\nMission\n\nTo reinforce our commitment to customers’ privacy and security, for its PaaS solution, Platform.sh is looking for a Security & Compliance Engineer with a taste for Python and Go, excellent Linux system understanding, outstanding written English skills, experience working on PCI and/or SOC compliance, and a real hunger for the challenges of building compliant distributed systems. If you’re looking for an exciting, high-growth opportunity with an award-winning, cutting-edge company, this could be the job for you.\n\nThis position is well suited for engineers wanting to transition into a heavy security and compliance role. We are targeting developers/sys admins that like writing documentation and can function in a high performing, multithreaded environment.\n\nSecurity, privacy, and compliance controls are at the heart of what we do as our mission is to simplify the cloud. The job is to transform what is often regarded as red-tape and constraints to a well-oiled machine where everything is automated and where every constraint becomes a feature making the product better.\n\nDirectly reporting to our Data Protection Officer (VP), and in close interaction with our Chief Product Officer, CTO, VP of Infrastructure, and our Engineering and Customer Support teams.\n\nIn a given day you might be:\n\n\n* Acting as a technical liaison between the Security & Compliance department and our product, engineering, and operations staff.\n\n* Creating documentation and processes in English to help satisfy compliance requirements.\n\n* Evaluating, deploying, and creating, systems and tools that will enhance our support and operations efficiency.\n\n* Supporting our data protection officer and compliance team with information requests, pen testing, disaster recovery, and related activities.\n\n* Executing our security incident management process.\n\n* Working with appropriate teams to deploy and operate security tools and solutions.\n\n* Ensuring all systems, security applications, and services in environment are securely configured and managed through operating system appropriate security platforms and tools.\n\n* Ensuring optimal operation of all security solutions and tools.\n\n\n\n\nQualifications:\n\nMinimum Qualifications\n\n\n* Excellent written English skills (as in, you could have been a tech writer or commercial author in another life)\n\n* Experience with Linux (preferably Debian-based)\n\n* Familiar with markdown\n\n* Experience implementing PCI, SOC, or related\n\n* Operate largely independently (go take that hill) with management support\n\n* Juggle several requests at the same time\n\n* Proven successful experience in an operations role\n\n* Exposure to cloud services (AWS in particular)\n\n* Understands how an OS works, knows networking, how git works, and the constraints of a distributed system\n\n* Proficient in Python\n\n* Has an understanding of\n\n\n\n* Patch and Vulnerability Management process\n\n* Principle of Least Privilege\n\n* Incident response\n\n* Identity and Access Management\n\n* IPTABLES\n\n* WAFs\n\n\n\n\n\n\nPreferred Qualifications\n\n\n* Experience with containerization technologies (LXC/LXD, Docker)\n\n* Experience with vendor management\n\n* Experience with Puppet and Golang\n\n* Demonstrated the ability to successfully manage cloud-based infrastructure for a fast growing organization\n\n* Knowledge of Magento Ecommerce, Symfony, Drupal, eZ Platform, or Typo3\n\n* Relational database skills\n\n* Public speaking experience\n\n* Ability to speak French or German a plus\n\n* Ability to kick ass in Chess or beat Zork without using a map\n\n* CISSP, CISM, Security+, GCED, GICSP, GCIH, SSCP, or CASP Certification or similar will get you moved to the top of the queue\n\n* CIPM/E, CIPP/E, CIPM/E certification or similar will get you moved to the top of the queue\n\n* Can bravely take on new challenges like a Gryffindor, analyzes problems like Ravenclaw, protects our infrastructure and client data like a Slytherin, and talks with clients like a Hufflepuff.\n\n\n\n\nSound Like a Good Fit? We’d love to talk to you! \n\n* This is a remote job. \n\n#Salary and compensation\n
No salary data published by company so we estimated salary based on similar jobs related to InfoSec, Engineer, English, Cloud, Git, Python and Linux jobs that are similar:\n\n
$70,000 — $120,000/year\n
\n\n#Benefits\n
๐ฐ 401(k)\n\n๐ Distributed team\n\nโฐ Async\n\n๐ค Vision insurance\n\n๐ฆท Dental insurance\n\n๐ Medical insurance\n\n๐ Unlimited vacation\n\n๐ Paid time off\n\n๐ 4 day workweek\n\n๐ฐ 401k matching\n\n๐ Company retreats\n\n๐ฌ Coworking budget\n\n๐ Learning budget\n\n๐ช Free gym membership\n\n๐ง Mental wellness budget\n\n๐ฅ Home office budget\n\n๐ฅง Pay in crypto\n\n๐ฅธ Pseudonymous\n\n๐ฐ Profit sharing\n\n๐ฐ Equity compensation\n\nโฌ๏ธ No whiteboard interview\n\n๐ No monitoring system\n\n๐ซ No politics at work\n\n๐
We hire old (and young)\n\n