Cloud / Infra Security Engineer

About Protocol Labs

Protocol Labs drives breakthroughs in computing to push humanity forward. Protocol Labs is a product-development lab, but behind the protocols and tools we build, behind the research and implementations, are passionate people, teammates, and community members. Most teams in the Protocol Labs Network are fully distributed and work remotely around the world. Engineers, researchers, and operators work in the open to improve the internet ?" humanity's most important technology ?" as we explore new advances at the intersection of many exciting fields (crypto, networks, distributed systems) and cultures (startups, research, open-source, distributed work).

What we're looking for...

We are looking for an engineer that can contribute toward the design, implementation and optimization of the security of our infrastructure and cloud environments.

A security engineer who would work within an agile team of engineers delivering highly resilient, scalable, automated, and performant infrastructure. Our team values pragmatic, maintainable, and conscientious solutions which leave work in a better shape than how it was found.

As a Cloud/Infra Security Engineer you will...

Help us solving hard security problems in areas like:

• Supply-Chain Security
• Work on our Third-party dependency review policy as well as on tooling and best practices around third-party dependencies
• Vulnerability Management Response and related tooling and best practices when vulnerabilities get identified/released somewhere in our stack or dependencies.
• Decentralized Trust
• We strongly believe tomorrow's internet is being built today, and we want to help build a secure, decentralized internet, where you never need to trust anybody
• Zero Trust Architecture
• Automated infrastructure
• We strongly believe that the more our infrastructure is automated, the easier it is to manage from all points of view, including the security angle.
• Hardware security modules
• When working with cryptographic keys, as we often need to, it is essential to make sure we're making an attacker's job as difficult as possible, relying on HSMs, TPMs, and TEEs, we believe we can enhance our architecture and improve our defense in depth.

Typically, this could mean:

• Proactively introduce new controls into our infrastructure that enhance our security posture.
• Identify the areas and components whose security needs improvement and help our teams perform proper threat modelling and assess which measures should be taken to harden these further.
• Help us automate and contribute to, or develop, open-source tools to improve our security posture.
• Identify security gaps and bring new processes or solutions to fix these.
• Collaborate closely with our Application Security, Red Team
• Be a security advocate within Protocol Labs.

You may be a fit for this role if you have...

• Strong threat modeling skills, demonstrable experience in security engineering
• Good understanding of the DevOps philosophy and experience with GitOps
• Know how to build, test, run, and secure Docker containers using orchestration platforms (such as Kubernetes).
• Excellent written and verbal communication skills on both technical and non-technical issues
• A keen awareness of teamwork, process, and patterns of successful collaboration.
• A will to challenge the status quo and bring the changes we need.

Added benefits...

• Have the chance to help us shape our new NetOps Security Squad team as you'd like it to be!
• Good budget for formation and conference, no questions asked: you're our expert, you know best which are valuable for you to become better at what you do.

What's it like to work at Protocol Labs?

Protocol Labs' mission is to improve humanity's most important technology, the Internet. We build protocols, systems, and tools to improve how it works. Today, we are focused on how we store, locate, and move information. Our projects include IPFS, Filecoin, libp2p, and more.

As a distributed team, we hire anywhere in the world, and at various levels of experience (entry, senior, staff). We look for people with unique perspectives and diverse backgrounds.

We have a great benefits package, including parental leave, contributions to your retirement, competitive pay, and unlimited time off. For U.S.-based employees, we also provide platinum-level health, dental, and vision coverage for you and your family.

If you're passionate about the future of computing and a more democratized internet, we want to talk to you.

GDPR for Job Applicants and Candidates

When you apply to a job on this site, the personal data contained in your application will be collected by Protocol Labs, Inc. ("Protocol Labs"), which is located at 427 N Tatnall St #51207, Wilmington, Delaware 19801 and can be contacted by emailing legalrequests[at]protocol.ai. Protocol Labs' data protection team can be contacted via legalrequests[at]protocol.ai. Your personal data will be processed for the purposes of managing Protocol Labs' recruitment related activities, which include setting up and conducting interviews and tests for applicants, evaluating and assessing the results thereto, and as is otherwise needed in the recruitment and hiring processes. Such processing is legally permissible under Art. 6(1)(f) of Regulation (EU) 2016/679 (General Data Protection Regulation) as necessary for the purposes of the legitimate interests pursued by Protocol Labs, which are the solicitation, evaluation, and selection of applicants for employment.

Your personal data will be shared with Greenhouse Software, Inc., a cloud services provider located in the United States of America and engaged by Protocol Labs to help manage its recruitment and hiring process on Protocol Labs' behalf. Accordingly, if you are located outside of the United States, your personal data will be transferred to the United States once you submit it through this site. Because the European Union Commission has determined that United States data privacy laws do not ensure an adequate level of protection for personal data collected from EU data subjects, the transfer will be subject to appropriate additional safeguards.

Your personal data will be retained by Protocol Labs as long as Protocol Labs determines it is necessary to evaluate your application for employment or to assist in the hiring process. Under the GDPR, you have the right to request access to your personal data, to request that your personal data be rectified or erased, and to request that processing of your personal data be restricted. You also have the right to data portability. In addition, you may lodge a complaint with an EU supervisory authority.

Summary
Company name: Protocol Labs
Remote job title: Cloud/Infra Security Engineer
Job tags: Docker, Threat Modeling, containers