Kubernetes Jobs at Pinata

Pinata Technologies, Inc. is building the tools and infrastructure for a more free and empowering Web3 generation through IPFS. Our vision is to foster a sense of place for every creator on the internet that is uniquely theirs. Our fully remote team comprises engineers and designers, builders and creators, and overall kind humans with big dreams. We believe in a culture that fosters honesty and teamwork, laughter and trust, and our work is meaningful and challenging in the best ways every day. 

Check us out at About Us | Pinata

Pinata is looking for DevSecOps Engineer to come join the team! This fully remote position will report to the VP of Information Security and will be responsible for building and improving Pinata’s security posture for external and internal technology footprint.

We are looking for an experienced DevSecOps engineer to work in the DevSecOps areas of Vulnerability Scanning, Certificate Management, Password Management, Data Analysis of security monitoring outputs, coordination of Patching, and other daily Security and requirements. Additionally, you will assist in developing an automated security framework for robust deployment tools and processes, leveraging various scripting languages and open-source solutions. Assisting in enforcing and creating policies and procedures that protect our organization's computing infrastructure from all forms of security breaches. You will be responsible for identifying vulnerabilities and working with our technology team to resolve them, ensuring that our network and data remain secure.

WHAT YOU’LL DO

• Assist in creating and enforcing policies and procedures related to Information Security
• Coordinate deployment of security patches to ensure software is kept up to date
• Facilitate activities related to SOC audit and other compliance audits
• Support overall business technology planning, providing a current knowledge and future vision of technology and systems
• Make recommendations for improving infrastructure, application, and development security enhancements
• Assist with implementing, and maintaining a vulnerability management program
• Educate and train staff on information system security best practices
• Ensure that security programs comply with relevant laws, regulations, and policies to minimize or eliminate risk and audit findings

WHAT YOU BRING

• 3+ years experience in a Production Engineering or related position 
• Knowledge of cybersecurity frameworks such as SOC2, GDPR, NIST and ISO 27001 
• Excellent written and verbal communication skills and high level of personal integrity
• Ability to review, analyze and report on vulnerability data to identify security risks to the organization's network, infrastructure, and applications
• Experience with Cloud computing/Elastic computing across virtualized environments.
• Experience coordinating and performing vulnerability assessments using automated and manual tools (Tenable, NMAP, etc)
• Familiar with researching and understanding modern and current security threats
• Proficiency in Python, NodeJS, ReactJS or other scripting languages
• Understanding of security areas including Key Management Systems, Certificate Management, Encryption, Penetration Testing, Vulnerability Scanning, Security and Monitoring tools, etc
• Knowledge of Windows and Linux related information security functions (authentication, encryption, SSL, Ciphers, etc)
• Ability to work with APIs and Plugins to integrate security tools

BONUS POINTS

• NGINX, Lambdas, Kafka, SQS, Cloudflare, Kubernetes, Terraform
• Familiarity with the web3/NFT space

Ability to work remotely from anywhere

Competitive salary

Health, dental and vision benefits

Unlimited paid time off

Professional development stipend

18 weeks parental leave for full-time, salaried employees

Meaningful equity for full-time, salaried employees

Opportunity to join us at an early stage where your contributions will make an impact and you’ll have significant opportunities to flourish