DevSecOps Engineer
About Starburst
At Starburst, we are working to dismantle the status quo of data silos and vendor lock-in every single day. For decades, database companies have held their customers hostage and we believe that’s just plain wrong. Starburst offers a full-featured data lake analytics platform, built on open source Trino. Our platform includes all the capabilities needed to discover, organize, and consume data without the need for time-consuming and costly migration projects. Today more than 300 leading organizations trust us to make better decisions faster. Though Starburst has raised $414M in venture funding from top investors, we were founded in a rather unusual way as we bootstrapped the business with customers and revenue from the very beginning! We are a remote-first company with employees all over the world and are proud to be named a Best Place to Work. Come join our team of All-Stars!
About the role
As a DevSecOps Engineer on the Starburst Security team, you’ll work with Starburst Galaxy Engineering to design and protect cloud and data environments to meet our customers’ security needs for our growing fully-managed data lake analytics platform, Starburst Galaxy.
The DevSecOps Engineer will be responsible for integrating security practices and principles into the software development and operations processes, with the goal of ensuring that components and infrastructure within Galaxy are secure, compliant, and resilient.
Daily tasks will include embedding security into the development process by reviewing code, identifying vulnerabilities, and implementing security measures.
As a DevSecOps Engineer at Starburst you will:
- Collaborate closely with our development and infrastructure teams to integrate security into every phase of the software development lifecycle
- Infrastructure as Code (IaC): Develop and maintain infrastructure as code scripts and templates to enable automated provisioning and management of infrastructure components, using Pulumi
- Integrate security practices into the development and operations process to ensure continuous delivery of secure and resilient software
- Identify and remediate security vulnerabilities in applications and infrastructure components, using Wiz and cloud native tools
- Build and implement security solutions across the product lifecycle by completing architecture review requests
- Implement code signing and mature our secrets management program
- Improve perimeter security by managing our Cloudflare WAF
- Make suggestions and guide discussions on how to improve security posture in AWS/Azure/GCP
Some of the things we look for:
- Demonstrated experience with securing cloud environments (Familiarity with Amazon AWS policy, configuration, and security management tools)
- Azure and GCP cloud experience preferred
- Programming experience (Preference for Java, Python, TypeScript)
- Experience managing infrastructure as code templates and scripts (e.g., Terraform, Pulumi) to provision and configure infrastructure components securely
- Demonstrated experience with secure development, coding, and engineering practices. Comfortable suggesting and making developer-led security improvements
- Demonstrated ownership and grit: these are core values we take seriously at Starburst
- Ability to execute - an ideal candidate can set clear plans of action and see complex security projects through to completion, especially while working at the pace of a startup
- Strong ability to work with multiple stakeholders to understand the best way to secure software for intricate and complex features. A willingness to collaborate with cross-functional engineering teams is essential
Where could this role be based?
- We are looking for someone located on the East Coast.