Helm believes that a more equitable world will be built by people with organizing superpowers. To achieve this vision, we are building one seamless and intuitive platform that integrates data, tools, and experiences to give anyone those superpowers. We are designing and executing experiments to better understand human civic behavior, determine which interventions drive impact, and scale them toward a more participatory democracy. Our customers are organizations engaged in political and social advocacy that drive big change over the long-term using a portfolio of strategies on a multi-partisan basis. Most importantly, our customers believe that people organizing in their communities are the ultimate agents of durable change.
Issue advocates and organizers are our inspiration. Building with and for them is our mission. We are assembling a team that shares values with, learns alongside, and stands with the people who are doing the work to change the nation. So if you’re highly motivated, super passionate about democracy, and want to join a team that is looking to build great things together, Helm may be for you. This is a full-time position reporting to the Director of Infrastructure. Helm is a remote first company.
We are seeking an experienced Senior Security Engineer who is passionate about building highly available and scalable services to power a variety of applications. A successful candidate will bring strong analytical ability, cloud infrastructure expertise, and the ability to deliver results within a fast-moving, agile environment.
What you’ll be doing:
- As a key member of an agile DevSecOps team, you will design, code, and maintain performant, reliable infrastructure and platforms.
- Automate tasks using various configuration management and scripting tools such as Ansible, Terraform, and Python.
- Provide mentorship and promote security best practices throughout the company.
- Assess project risks, quantify risk/benefit relationships and provide alternative solutions and risk mitigation.
- Develop internal tooling for automatic deployment of security patches to production infrastructure.
- Identify, evaluate, and conduct proof-of-concepts for new technologies, enabling secure development of core architectural components.
- Researching the latest security standard methodologies, trends, threats and vulnerabilities, and technology frameworks.
- Detect and remediate any security incidents that may occur across the technical stack.
- Develop tools to automate the ongoing security auditing of permissions within a multi-cloud environment.
- Create secure architectural designs and perform security reviews with Engineering teams.
Skills you should have:
- 5+ years experience building and working on cloud infrastructure for large scale distributed systems (primarily AWS based).
- Experience integrating security practices into product-focused engineering teams.
- Experience with multiple programming languages and automation tools such as Python, Ansible, and Cloudformation.
- Experience with unit and integration testing, continuous integration, and deployment workflows.
- Experience developing REST APIs and integrating third-party APIs.
- Knowledge of software engineering fundamentals, patterns, and design.
- Knowledge of security best practices and how to implement them in cloud infrastructure.
- Unix / Linux proficiency.
- Passion for understanding and researching vulnerabilities and exploitation techniques.
- General understanding of PKI, X.509, ASN.1, key exchange protocols, and authentication protocols.
- Familiar with Identity Access Management (IAM) best practices and tools such as Okta.
- Experience with various database technologies and associated security practices.
Skills you could have:
- Full-stack engineering experience.
- Experience with NoSQL databases and data warehousing platforms.
- Experience with running various security testing campaigns such as phishing.
- Understanding of multiple AWS services like ECS, Fargate, MSK, and Lambda.
Helm is an equal opportunity employer that encourages diversity across all spectrums in its hiring, without regard to race, gender, age, color, religion, national origin, marital status, disability, sexual orientation, or any other protected factor. With that being said, we wouldn’t be able to accommodate candidates in need of work sponsorship at this time since we are a small company. If you find this role interesting and you hit on the elements above, please apply!