Remote is solving global remote organizations' biggest challenge: employing anyone anywhere compliantly. We make it possible for businesses big and small to employ a global team by handling global payroll, benefits, taxes, and compliance (learn more about how it works at remote.com/how-it-works). We're backed by A+ investors and our team is world-class, literally and figuratively, as we're all scattered around the world.

Please check out our public handbook (at remote.com/handbook) to learn more about our culture. We encourage folks from all ethnic groups, genders, sexuality, age and abilities to apply. You can also check out independent reviews by other candidates on Glassdoor. If this job description resonates with you, we want to hear from you!

All of our positions are fully remote. You do not have to relocate to join us!

We use a LinkedIn feature called "multiplexing", which creates several location-specific job postings for individual locations from a single global position we publish. Multiplexing enables us to make our global job post compatible with LinkedIn's system and allows us to manage the inbound applications by location.

We encourage candidates to apply to any of these roles since they are factually global and we will make explicit mention of specific location details in the practical section below.

How we work

• We love working async (www.notion.so/80c01cd443ad4c77a8ceaef7c5fba5d0) and this means you get to do your own schedule.
• We empower ownership and proactivity and when in doubt default to action instead of waiting.

The position

This is an exciting time to join Remote and make a personal difference in the global employment space as a Senior Security Engineer, joining our Engineering team.

Requirements

• Adept in software security - understanding of security concepts, vulnerabilities, mitigations, and coding practices
• Significant professional experience in at least one of the domains - secure development, security research, web application penetration testing or other similar field
• Designing or implementing secure applications as part of a wider team
• Ability to automate and implement common security tasks
• Ability to pickup new technologies independently

Nice to have

• Excellent communication and interpersonal skills
• Knowledge of Security in DevOps-aware company (CI/CD, infrastructure as code, asynchronous SDLC)
• Kubernetes and Container Security
• Experience in secure design or threat modelling
• Experience running a bug bounty program
• Experience implementing a SIEM solution

Key responsibilities

• Support Engineering teams on key initiatives for entire Software Development Lifecycle
• Implement and maintain security tools used in CI/CD
• Conduct internal security testing on Remote's products to find potential issues
• Vulnerability management(internal and external findings)
• Create and deliver async trainings(guides, challenges, or similar activities) to enable engineering teams to code defensively and securely
• Provide security advisory to company wide audience

Practicals

• You'll report to: Security Team Leader
• Team: Security
• Location: Anywhere in the World
• Start date: As soon as possible

Application process

• (async) Profile review
• Interview with recruiter
• Interview with future manager
• (async) Small challenge
• (async) Challenge Review
• Interview with team members (no managers present)
• Prior employment verification check(s)
• (async) Offer

‍