• Location
    • Dublin
  • Date Posted
  • May. 17, 2021
  • Function
  • IT
  • Sector
  • Data

Evervault is a technology company building the encryption engine for the web, so that developers never touch sensitive data in plaintext and can isolate the code that processes it from the rest of their stack.

Our mission is to encrypt the web; our goal is zero data breaches, and our end-state is everything encrypted everywhere.

Security is at the core of Evervault. We’re hiring a Lead Engineer, Security to build security into our systems and processes from the ground up. You’ll be working with Rust, Node.js, and AWS Nitro Enclaves.

Core challenge

The core challenge for this position is simple: How do you design and build systems & processes when security is the primary concern for developers considering using Evervault?

This person will:

  • Be directly responsible for defining, owning, and executing Evervault’s production security roadmap, and championing security across all architectural and product decisions
  • Regularly conduct security audits to determine our security risk tolerance, needs, and priorities — and develop strategies based on these determinations, translate those strategies into tactical plans, and execute those plans
  • Establish an engineering process & culture across all layers of Evervault’s engineering process which holds security as the first priority
  • Make every Evervault engineer a security engineer, e.g. by ensuring everyone considers security implications in the design and implementation of their code
  • Prepare Evervault for security events by proactively running incident response simulations, using tools with automation to increase our speed for detection, investigation, and recovery
  • Introduce mechanisms and tools to reduce or eliminate the need for direct access or manual processing of data
  • Automate security best practices to improve our ability to securely scale more rapidly and cost-effectively
  • Create secure architectures, including the implementation of controls that are defined and managed as code, i.e. Terraforming
  • Enhance existing, and introduce new, observability & traceability mechanisms to monitor, alert, and audit actions and changes to our environment in real time, including the integrate log and metric collection with systems to automatically investigate and take action
  • Implement a strong identity foundation across Evervault systems
  • Be heavily involved in developing compliance processes, and help get Evervault compliant to the highest information security standards (including SOC 2, ISO 27001, and PCI DSS) — including managing independent penetration tests

You may be the right person if:

  • You are an expert in security, with deep knowledge across all security specialities
  • You are a security evangelist who believes that every engineer is a security engineer
  • You want to be heavily involved in building Evervault’s dedicated security team, and mentoring engineers who may not be trained in security
  • You have a network of quality (security) engineers who would instantly want to join Evervault if you did

You are the ideal person if you have:

  • 8+ years of relevant experience, including experience leading security organizations — or you’ve had equivalent experience in a more condensed period
  • Expert knowledge of security threats, deep hands-on experience detecting & defending from cyber attacks, and experience using big data analytics and orchestration to address security challenges
  • Exceptional engineering skills in a common development language (e.g. Rust, C, C++)

Benefits

  • Ownership over your work, and in the company
  • Open vacation policy
  • Flexible work hours
  • Build your dream machine & workspace
  • Health insurance
  • Paid maternity and paternity leave
  • Relocation costs
  • Free lunch & dinner