GuardRails is looking for a full-time AppSec Engineer with a focus on cloud security. GuardRails is supporting a rapidly growing number of developers all over the world and you will play an important role in ensuring that we have the best cloud security analysis capabilities in the industry.

About you

You love finding vulnerabilities and misconfiguration for cloud environments. You understand from experience that Infrastructure as Code (IaC) is a great opportunity to secure cloud environments, but that configuration drift and lack of coverage are an issue to overcome. As such you are excited to apply your knowledge to many IaC languages, while ensuring that the actual cloud configuration is covered as well. The thought of writing excellent security rules that identify vulnerabilities, identify whether security controls are in place and creating auto-fixes to eliminate these issues fills you with joy and you can’t wait to scale your knowledge to help millions of developers and cloud users around the world.

You will be adding support for many different IaC tools and cloud providers, tuning existing rules, improving their accuracy, and of course creating new rules. You are excited by the fact that you can release advisories for issues you identify and share your expertise in blog posts and technical conferences.

You are an incredibly motivated, highly experienced, and organized hacker who loves applying his skills constructively. You are happy to work in a startup environment and wear all the hats that you need to in order to get things done. While you are happy to contribute individually, being part of a growing team of world class security researchers and engineers is a big plus for you.

Your experience and skills

  • You are fluent in at least one programming language and are a builder at heart.
  • You know all about cloud related security vulnerabilities including Docker, Kubernetes, and cloud configuration.
  • You can set up a Kubernetes cluster in your sleep.
  • You are self-motivated, organized, creative, respectful, with a high level of integrity and ethics.
  • You have a strong command of the English language.

You pretty much have the job if

  • You are an expert in writing rules with semgrep or other frameworks (e.g tfsec, etc).
  • You have previously helped organizations secure their cloud posture at scale.

How you'll make an impact

Benefits of Working with Us

  • Fully Remote Organization, with flexible work hours, we are outcome-focused.
  • High impact environment, ability to make a difference. You are not just a number.
  • Employee Stock Option Program.
  • Mac laptop and external monitor.
  • Remote-friendly tool allowance.
  • Health insurance.
  • Gym allowance, Internet allowance, Educational allowance.

More About GuardRails

GuardRails, an end-to-end application security platform, empowers modern development teams to uncover critical vulnerabilities in their applications and rectify them before attackers abuse them.

Software is transforming the world, and we’re ensuring that businesses can make that change securely. Join our engineering team and help us deliver security to development teams globally.

Join a fast-growing cybersecurity company with an experienced founding team, flagship clients who love us, and technology that is quickly becoming the go-to choice for development and security teams.