Cloud/Infra Security Engineer

role overview

We are looking for an engineer that can contribute toward the design, implementation and optimization of the security of our infrastructure and cloud environments.

A security engineer who would work within an agile team of engineers delivering highly resilient, scalable, automated, and performant infrastructure. Our team values pragmatic, maintainable, and conscientious solutions which leave work in a better shape than how it was found.

responsibilities

• Supply-Chain Security:
• a) Work on our Third-party dependency review policy as well as on tooling and best practices around third-party dependencies
• b) Vulnerability Management Response and related tooling and best practices when vulnerabilities get identified/released somewhere in our stack or dependencies
• Decentralized Trust:
• c) We strongly believe tomorrow’s internet is being built today, and we want to help build a secure, decentralized internet, where you never need to trust anybody
• d) Zero Trust Architecture
• Automated infrastructure:
• e) We strongly believe that the more our infrastructure is automated, the easier it is to manage from all points of view, including the security angle
• Hardware security modules:
• d) When working with cryptographic keys, as we often need to, it is essential to make sure we’re making an attacker’s job as difficult as possible, relying on HSMs, TPMs, and TEEs, we believe we can enhance our architecture and improve our defense in depth
• Proactively introduce new controls into our infrastructure that enhance our security posture
• Identify the areas and components whose security needs improvement and help our teams perform proper threat modelling and assess which measures should be taken to harden these further
• Help us automate and contribute to, or develop, open-source tools to improve our security posture
• Identify security gaps and bring new processes or solutions to fix these
• Collaborate closely with our Application Security, Red Team
• Be a security advocate within Protocol Labs

requirements

• Strong threat modeling skills, demonstrable experience in security engineering
• Good understanding of the DevOps philosophy and experience with GitOps
• Know how to build, test, run, and secure Docker containers using orchestration platforms (such as Kubernetes)
• Excellent written and verbal communication skills on both technical and non-technical issues
• A keen awareness of teamwork, process, and patterns of successful collaboration
• A will to challenge the status quo and bring the changes we need

Added benefits:

• Have the chance to help us shape our new NetOps Security Squad team as you’d like it to be!
• Good budget for formation and conference, no questions asked: you’re our expert, you know best which are valuable for you to become better at what you do

culture & perks

As a distributed team, we hire anywhere in the world, and at various levels of experience (entry, senior, staff). We look for people with unique perspectives and diverse backgrounds.

We have a great benefits package, including parental leave, contributions to your retirement, competitive pay, and unlimited time off. For U.S.-based employees, we also provide platinum-level health, dental, and vision coverage for you and your family.

about us

Protocol Labs drives breakthroughs in computing to push humanity forward. Protocol Labs is a product-development lab, but behind the protocols and tools we build, behind the research and implementations, are passionate people, teammates, and community members. Most teams in the Protocol Labs Network are fully distributed and work remotely around the world.

Engineers, researchers, and operators work in the open to improve the internet — humanity's most important technology — as we explore new advances at the intersection of many exciting fields (web3, cryptography, networks, distributed systems) and cultures (startups, research, open-source, distributed work).