Security DevOps Engineer - Infrastructure and Deployment
Security is a core value at Credit Karma. We help millions of people better manage their credit. Safeguarding their sensitive information is critical to our continued success. From the CEO down to each individual engineer, everyone views security as a personal responsibility. Your unique mission as a Security DevOps Engineer is to tackle the security challenges of software-defined infrastructure and enable rapid deployment and iteration without enabling attackers.
What will you do?
- Design and implement audit controls to signal production changes for a constantly evolving software-based infrastructure, ranging from networks up through application stacks.
- Evolve and refine the security of our docker pipelines that are the basis of our microservice architecture.
- Tighten and monitor a production pipeline of dozens of teams independently releasing hundreds of dependent, versioned microservices across multiple data centers.
- Craft production tooling to grant end-to-end control and monitoring of production services to development teams without enabling malicious insider access to production data.
- Implement code signing and other crypto controls to limit the ability for malicious code to run.
- Solve bootstrapping problems in mobile build and release, and other fascinating challenges in streamlining chains of multi-party approval.
- Validate static infrastructure definitions against live SIEM data.
What’s great about it?
- Carrying out two positive missions at the same time: helping people take back control of their credit and helping to keep their personal information safe.
- Solving frontier security problems at scale in a highly technology-focused team.
- Spending zero minutes convincing anyone why security is important - we all understand that very well already!
What do we expect?
- B.S. in Computer Science or related technical major (M.S./PhD preferred), or significant job experience.
- Minimum 5 years experience with internet-facing production infrastructure.
- Minimum 1 year experience with infrastructure automation technologies.
- Automation experience with vulnerability feeds including OSVDB or similar.
- Strong scripting or relevant programming skills.Artful communication skills and organizational savvy, to steer peers and leadership toward solutions that carefully balance business, risk, compliance, and engineering concerns.
- Eagerness to challenge the status quo, balanced with a reasonable and methodical approach to effecting change.
- A fun and positive attitude!
Back to top