Security Engineer

Improvado’s Mission

Improvado is committed to a vision of minimizing transaction cost for people to get business answers. Today, data lives in many different siloes and business users need to rely on scarce technical resources in order to get the answers they need to do their job effectively. Improvado is changing that.

The Product

Improvado’s product is an Enterprise Data Platform for Marketers, Data Analysts, and Strategists that allows you to easily aggregate data from 250+ marketing platforms like Google and Facebook, into one place, transform that data into the format you need, and visualize that data in your platform of choice. We automate up to 90% of manual work related to reporting and uncover large revenue-generating opportunities for your Marketing teams that are hidden amongst the data. Improvado’s ability to process large amounts of data at high speeds enables us to help and customize solutions for Enterprise Brands more than anyone in the market. Today, some of our partners are Monster Energy, L’Oreal, ASUS, etc.

Position Summary

As a Security Engineer within our engineering group, you will execute on projects that are critical to the security of our platform. Successful candidates will have experience with cloud and containerized infrastructure. Your day to day will include security best practices into infrastructure and container base images, taking an active role in vulnerability scanning and remediation, and improving our cloud security practices.

In This Role, You Will

• Design, develop, administer, and maintain the security of cloud environments (AWS and GCP) with a clear passion for cloud security and cloud technologies.
• Provide security expertise and perform high-level technical reviews of applications hosted in cloud platforms (AWS and GCP).
• Help us a solution and build Cloud Native Detective and Responsive controls in AWS and GCP that enforce the security baseline at scale (such as SIEMs and secrets managers) and, when necessary, integrate with open source and vendor tools.
• Integrate security best practices into our CI/CD, Kubernetes configuration, and infrastructure base images
• Build automation to audit the infrastructure for AWS and GCP security misconfigurations actively.
• Work with developers and other teams to implement and integrate Security best practices
• Help us select, deploy and manage security-critical tooling design and develop scripts needed for troubleshooting and resolution of security or compliance issues.
• Participate in the security engineering incident management process.
• Maintain knowledge of the latest cloud security threats.

About you

• At least one year in a role mostly focused on Kubernetes and Cloud.
• Knowledge of cloud networking architecture, cloud operations, security, automation, and orchestration.
• Experience in building and deploying applications on the Cloud, using CI/CD frameworks and Infrastructure automation, such as Terraform, Jenkins.
• Experience with Docker.
• Experience with AWS is required.
• Experience with infrastructure-as-code and using automation tools.
• Experience with vulnerability management, including infrastructure and web application vulnerability management, and ideally including practical experience of SAST.
• Strong experience managing Linux based infrastructure.
• Experience with languages such as Python.
• Experience in version control systems such as Git.
• Knowledge of Cloud Security Alliance (CSA) Cloud Controls Matrix.
• Experience providing evidence for SOC2 Type 2 or similar audit framework is a strong plus.
• Familiarity with Falco, OSSEC, or similar intrusion detection systems.
• Familiarity with Golang is a strong plus.
• Familiarity with security issues associated with containers, Kubernetes, distributed systems, and large-scale web applications.
• A strong drive for continual learning.
• Work independently and as part of a geographically disparate team.
• An ability to work under pressure and take ownership of tasks.

Why Improvado?

• Well-tuned workflow and development processes;
• Modern tech stack (Clickhouse, highload, CI/CD, Kubernetes, AWS)
• Strong infrastructure team of ex-software engineers
• Constant salary indexation and clear professional growth roadmap (performance reviews)
• Stock option (ability to get a share in 3X-growing company)
• 100% remote work, or ability to work from comfortable Moscow/Tomsk offices
• Flexible schedule
• Free English courses
• Investors in Improvado are Silicon Valley Elites; i.e., Jonah Goodhart (SVP Oracle Data Cloud, Former Founder & CEO of MOAT), Kim Perell (CEO Amobee), Toby Gabriner (Former CEO Nextroll, CEO Bitly), Auren Hoffman (Founder & Former CEO of LiveRamp), etc.. as well as Bullpen Capital and 500-Start Ups