Security and Compliance Engineer

Job description

DEV is hiring our first security and compliance engineer. We believe that security is a process, not a state, which will be reflected in this role. We are a fast-growing start-up and need someone who is comfortable working at a smaller company. The security and compliance engineer will work closely with our SRE and development teams to establish the DevSecOps culture at DEV. This role will be hands-on, which includes proactively finding bugs and vulnerabilities throughout our site and apps, and taking an active role in the code review process.

We value emotional intelligence and communication skills. We want to work with developers who want to build an inclusive software ecosystem as badly as we do.


Primary Responsibilities

  • Stay up to date with relevant data regulations
  • Ensure we remain in compliance at all times
  • Shape our data best practices to protect private user data
  • Serve as the first line of contact for any security vulnerabilities, and help fix any problems that arise
  • Lead our bug bounty program: establish a process for handling external vulnerability reports and maintain good relationships with reporters
  • Take part in all compliance-related conversations
  • Continuously educate our team on security best practices

    Requirements

    Skills we’d like to see

    • Knowledge of web application security, especially in the context of Ruby on Rails (OWASP Top 10, etc)
    • Pen testing (automated and manual)
    • Previous compliance experience, for security (ISO 270001, PCI DSS) and/or privacy (GDPR, CCPA)

      About DEV

      DEV Community is the fastest growing social network for software developers. The DEV mission and brand is defined by helping all software workers achieve their goals and find community while building towards something bigger together.

      We’re a company that values emotional intelligence, learning and growth. We hire diverse, well-rounded and communicative people who want to build an inclusive software ecosystem as badly as we do.

      Perks:

      • Medical, Dental, Vision plan
      • Unlimited vacation
      • Flexible Equipment and Conference budget
      • Co-Working budget (we are a 100% Distributed Team)
      • Monthly Wellness Budget

      This position is for US based candidates only.