JumpCloud
About JumpCloud
JumpCloud delivers a unified open directory platform that makes it easy to securely manage identities, devices, and access across your organization. With JumpCloud, IT teams and MSPs enable users to work securely from anywhere and manage their Windows, Apple, Linux, and Android devices from a single platform. JumpCloud is IT Simplified.
About the Role JumpCloud is looking for a Staff Security Engineer on the DevSecOps team focusing on building and maintaining infrastructure, software, and automation to monitor and mitigate attacks and vulnerabilities across JumpCloud products and services. You will help lead a team responsible for ensuring JumpCloud products\' integrity and keeping JumpCloud users safe.
About the Team As a Staff Security Engineer specializing in DevSecOps, you will be responsible for designing and developing software solutions for protecting data and infrastructure deployed into the cloud. You will collaborate with SecOps, GRC, and other security functions, gaining exposure to a broad range of security domains. In addition, you will work with various engineering partners across the organization.
All roles at JumpCloud are Remote unless otherwise specified in the Job Description.
What you\'ll be doing
Lead the design and maintenance of infrastructure, including custom software and vendor integrations, to meet advanced security needs for Product and Infrastructure Security
Develop and implement policy enforcement automation and comprehensive reporting systems
Set up data ingestion, as needed, for the SIEM or other tooling
Collaborate with DevOps and Developer Enablement teams around the globe to embed security best practices and establish guardrails for developers
Conduct and oversee threat model reviews of product features and architectures, providing strategic guidance
Mentor and guide service/feature teams in secure software design principles
You have
7-10 years of experience in the field of security engineering with an extensive background and experience in software development and architecture
Substantial production experience with AWS or GCP that includes expertise in networking, securing workloads, and IAM management
Proficient in writing Golang – almost all of the Security team’s tooling is written in Go, with some miscellaneous scripts in Python
Extensive experience in Terraform (HCL) and Kubernetes, including containerization technologies
Proficiency with CI/CD tools, particularly GitHub Actions
Exceptional written and oral communication skills, with the ability to convey complex security concepts
Proven ability to lead cross functional projects and teams
You are also an expert in one of the following areas
Product Security (ProdSec) including threat modeling and secure architecture design/review
Authentication protocols (SAML, OAuth, LDAP, etc.)
Mobile application security (iOS and Android)
Bonus points for experience with
Open Policy Agent (OPA)
Open source security tools
Data pipeline tooling
Certificate infrastructure
Distributed systems
Working on core OS (Windows, Mac, Linux) APIs
Personal Characteristics
Visionary leadership with a focus on innovation in security
Results oriented, self driven, and able to work independently with minimal supervision
High level of integrity with a commitment to accountability
Excellent communication skills, capable of articulating complex ideas clearly
Creative problem-solving abilities with a passion for security
You MUST be
Available for on-call (after hours) duties for any internal tools/services the DevSecOps team owns
Willing to support the Security Operations team during incidents in performing ad-hoc queries, forensics, etc.
In accordance with the Colorado Equal Pay for Equal Work Act, the approximate annual compensation range for this role, depending on individual candidate level and experience, is $170,000 - $250,000 USD, including base salary and any related bonuses or commissions.
In the US, JumpCloud provides a comprehensive benefits package, with several medical plans to choose from including a high deductible HSA plan with employer contribution, two dental plans, vision insurance, flexible spending account (FSA), employee assistance program (EAP), short- and long-term disability, life insurance and a 401k savings plan with match. We have a flexible paid time off policy.
Location JumpCloud is committed to being Remote First, meaning that you are able to work remotely within the country noted in the Job Description. All roles posted in United States locations require that you be located within one of the 50 U.S. States. Our Headquarters is in the Denver/Boulder, CO area but as a remote company, you are able to work remotely anywhere in the U.S. If you would like to spend time in our offices in the Denver/Boulder area, you are welcome to do that as well. This role is remote in the United States of America. You must be located in and authorized to work in the USA to be considered for this role.
Other Scam Notice:
Please be aware that there are individuals and organizations that may attempt to scam job seekers by offering fraudulent employment opportunities in the name of JumpCloud. JumpCloud will never ask for personal account information, such as credit card details or bank account numbers, during the recruitment process. If you are contacted by anyone claiming to represent JumpCloud and you are unsure of their authenticity, please do not provide any personal/financial information and contact us immediately at recruiting@jumpcloud.com with the subject line "Scam Notice".
Equal Opportunity
JumpCloud is an equal opportunity employer. All applicants will be considered for employment without attention to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran or disability status.
#J-18808-Ljbffr
About the Role JumpCloud is looking for a Staff Security Engineer on the DevSecOps team focusing on building and maintaining infrastructure, software, and automation to monitor and mitigate attacks and vulnerabilities across JumpCloud products and services. You will help lead a team responsible for ensuring JumpCloud products\' integrity and keeping JumpCloud users safe.
About the Team As a Staff Security Engineer specializing in DevSecOps, you will be responsible for designing and developing software solutions for protecting data and infrastructure deployed into the cloud. You will collaborate with SecOps, GRC, and other security functions, gaining exposure to a broad range of security domains. In addition, you will work with various engineering partners across the organization.
All roles at JumpCloud are Remote unless otherwise specified in the Job Description.
What you\'ll be doing
Lead the design and maintenance of infrastructure, including custom software and vendor integrations, to meet advanced security needs for Product and Infrastructure Security
Develop and implement policy enforcement automation and comprehensive reporting systems
Set up data ingestion, as needed, for the SIEM or other tooling
Collaborate with DevOps and Developer Enablement teams around the globe to embed security best practices and establish guardrails for developers
Conduct and oversee threat model reviews of product features and architectures, providing strategic guidance
Mentor and guide service/feature teams in secure software design principles
You have
7-10 years of experience in the field of security engineering with an extensive background and experience in software development and architecture
Substantial production experience with AWS or GCP that includes expertise in networking, securing workloads, and IAM management
Proficient in writing Golang – almost all of the Security team’s tooling is written in Go, with some miscellaneous scripts in Python
Extensive experience in Terraform (HCL) and Kubernetes, including containerization technologies
Proficiency with CI/CD tools, particularly GitHub Actions
Exceptional written and oral communication skills, with the ability to convey complex security concepts
Proven ability to lead cross functional projects and teams
You are also an expert in one of the following areas
Product Security (ProdSec) including threat modeling and secure architecture design/review
Authentication protocols (SAML, OAuth, LDAP, etc.)
Mobile application security (iOS and Android)
Bonus points for experience with
Open Policy Agent (OPA)
Open source security tools
Data pipeline tooling
Certificate infrastructure
Distributed systems
Working on core OS (Windows, Mac, Linux) APIs
Personal Characteristics
Visionary leadership with a focus on innovation in security
Results oriented, self driven, and able to work independently with minimal supervision
High level of integrity with a commitment to accountability
Excellent communication skills, capable of articulating complex ideas clearly
Creative problem-solving abilities with a passion for security
You MUST be
Available for on-call (after hours) duties for any internal tools/services the DevSecOps team owns
Willing to support the Security Operations team during incidents in performing ad-hoc queries, forensics, etc.
In accordance with the Colorado Equal Pay for Equal Work Act, the approximate annual compensation range for this role, depending on individual candidate level and experience, is $170,000 - $250,000 USD, including base salary and any related bonuses or commissions.
In the US, JumpCloud provides a comprehensive benefits package, with several medical plans to choose from including a high deductible HSA plan with employer contribution, two dental plans, vision insurance, flexible spending account (FSA), employee assistance program (EAP), short- and long-term disability, life insurance and a 401k savings plan with match. We have a flexible paid time off policy.
Location JumpCloud is committed to being Remote First, meaning that you are able to work remotely within the country noted in the Job Description. All roles posted in United States locations require that you be located within one of the 50 U.S. States. Our Headquarters is in the Denver/Boulder, CO area but as a remote company, you are able to work remotely anywhere in the U.S. If you would like to spend time in our offices in the Denver/Boulder area, you are welcome to do that as well. This role is remote in the United States of America. You must be located in and authorized to work in the USA to be considered for this role.
Other Scam Notice:
Please be aware that there are individuals and organizations that may attempt to scam job seekers by offering fraudulent employment opportunities in the name of JumpCloud. JumpCloud will never ask for personal account information, such as credit card details or bank account numbers, during the recruitment process. If you are contacted by anyone claiming to represent JumpCloud and you are unsure of their authenticity, please do not provide any personal/financial information and contact us immediately at recruiting@jumpcloud.com with the subject line "Scam Notice".
Equal Opportunity
JumpCloud is an equal opportunity employer. All applicants will be considered for employment without attention to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran or disability status.
#J-18808-Ljbffr