Staff DevSecOps Engineer
San Francisco, CA

Job Description

At Amplitude, we're building analytics that helps our customers use data to build better products and drive growth. We're already the analytics platform of choice for many top product teams around the world including Microsoft, Square, and Hubspot. Backed by top VCs - Battery Ventures, Benchmark and YCombinator - our team is defining the future of how companies interact with data to build better products.

Our infrastructure consists of over 1,000 servers on AWS and is continuing to grow. As a member of our Cloud Engineering team, you will be responsible for keeping our infrastructure secure. You will work on our deployment, automation, and monitoring systems. You will also work closely with our development team to implement the necessary processes to keep our platform highly available, efficient and secure. Your work will touch many technologies including AWS, SaltStack, Docker, Threatstack, Consul, Redis, Kafka, and Postgres.

Responsibilities

* Work closely with our internal InfoSec team and be the primary engineering contact related to all things security.
* Own and manage our security vulnerability monitoring and intrusion detection systems. Ensure we are proactively fixing issues raised.
* Develop internal tooling for automatic deployment of security patches to our production infrastructure.
* Build out, test and maintain disaster recovery solutions.
* Architect and implement solutions necessary to address security audits and compliance efforts.
* Work with external security testing vendors to coordinate pen testing of our platform and network. Coordinate any necessary fixes with the engineering team.
* Work closely with the applications and infrastructure engineering teams to ensure we are considering security when architecting and building new systems. Ensure that security solutions are architected with developer velocity and efficiency in mind. Identify and develop tools to aid this process.
* Develop tools to automate the ongoing security auditing of IAM permissions and other AWS configurations
* Participate in an on-call rotation with the engineering team.

Skills and Experience

* B.S., M.S., or Ph.D. in Computer Science or other technical fields
* 3+ years of experience working in a Software Engineering role
* 3+ years of experience working in a DevOps role
* 3+ years of experience working in a Security role handling cloud infrastructure
* Experience securing AWS deployments.
* Experience turning feedback from security analysis tools (Threat Stack, Amazon Inspector, etc) into infrastructure improvements
* Familiarity with Docker and container orchestration tools like Kubernetes
* Experience managing and automating large AWS deployments (100+ machines)
* Strong foundation in programming, algorithms, and software application design
* Passion for solving challenging problems and iterating quickly