Are you an experienced software engineer with deep experience in building and shipping amazing products? Do you have high standards when it comes to code quality and user experiences?
Are you the best developer on your team? Are you ready to work alongside the best engineers in the world for name-brand, industry leading companies?
Do you want to work in a positive, uplifting work environment, for a company with a 4.5 star rating on GlassDoor? Is a competitive compensation and benefits package important to you?
Join FullStack Labs as we revolutionize the software consulting industry, and execute on our mission to rid the world of ugly, outdated, buggy software.
As an engineer at FullStack Labs you will help our incredible clients achieve their technical goals in one of two ways : 1) Team Augmentation : You will integrate yourself directly into our client’s team and work alongside their existing engineers on a daily basis.
2) Design & Build : You will work on a FullStack Labs development team to build and ship greenfield applications for our clients.
What We're Looking For :
Knowledge in OWASP Practices.BS degree in Computer Science or equivalent practical experience, MS in Computer Science preferred.
4+ years of combined experience in Security, Software Engineering, and DevOps, with coding experience in an object-oriented language in a SaaS multi-tenant environment.
Experience leading small initiatives with the ability to course-correct as needed.Experience with conducting threat assessments and creating remediation plans based on the results of threat assessments.
Experience with penetration testing, threat modeling, open-source, and commercial security tools. Substantial experience with the following technologies is preferred : AWS and tools (GuardDuty, Tenable, Cloudconfirmity, Macie, Snyk, Cloudfront).
Infrastructure / cloud automation tooling (e.g. CloudFormation, Terraform, Packer).Service Mesh / Discovery Tooling (e.g.
Consul, Envoy, Istio, etc).Continuous Integration (e.g. Circle CI, Jenkins).Containers and Container Management (Docker, Kubernetes, Helm, Spinnaker).
Configuration and Security Management (e.g. SSL Certs, Puppet, Ansible, Salt, Vault, KMS).Security Tools : (Scanners, Interactive security testing tools, Burp Suite).
Technical Certifications are a plus (GIAC, OCSP, CISSP, OSCP).
What You'll Be Doing :
Be a proactive member of the security team that drives complex security efforts for internal and external customers.Own security decisions across Procore including identifying, planning, and applying security advance concepts and principles.
Advocate for security as a subject matter expert across multiple organizations, holding discussions on security topics and drive automation where required.
Design, build and review security-related services and functionality of web applications, mobile applications, and desktop applications.
Provide Procore's Engineering team with well-researched security advice to demonstrate vulnerabilities, collaborate with all teams to provide secure development guidance.
Triage vulnerabilities that are found internally or reported through our bug bounty program; serve as an escalation point of contact.
Conduct threat modeling, penetration testing, data security, DevSecOps, vulnerability management, and security metrics.Work across Ruby on Rails, Apache, Nginx, PostgreSQL, AWS tech stacks.
Wrapping it All Up Being a software consultant is a fun, challenging, and rewarding career choice for developers. Your contributions are highly valued by clients, and the work you do often has a direct and significant impact on client’s businesses.
You will have the chance to work on a variety of projects for our incredible clients, which will help you quickly improve as a consultant and software developer.
You will get to work with modern languages and frameworks alongside some of the best developers in the world. So if you have the desire to be a part of an exciting, challenging and rapidly-growing software development consultancy, and if you are passionate about software development and consulting, please apply. #LI-Remote