Sauce Labs is the leading provider of continuous testing solutions that deliver digital confidence. In today’s software-centric economy, speed is everything. The pressure to deliver more, faster, falls squarely on development teams. Sauce Labs accelerates software development by removing testing as a bottleneck. We run the world's largest cloud-based platform for automated and live testing cloud to ensure that the web and mobile applications people use everyday work flawlessly on any browser or device. We’re already transforming the way companies approach testing at organizations like JPMorgan Chase, Twitter, Verizon Media, and Charles Schwab and we are adding new customers every quarter.
Sauce Labs Engineering is looking for a Security Engineer who can use their experience to support the Security function in our Site Reliability Engineering team. If you consider yourself a thoughtful, kind, and supportive person, this might be a good fit for you. You must be eager to learn, enjoy exploring as well as working closely with a team.
- Perform network, application, and policy level security assessments for Sauce Labs’ environments, products, and services.
- Design, build, and maintain security controls in an agile DevOps environment with an emphasis on automation.
- Operate and evolve our Public Bug Bounty Program, leveraging our partners to ensure efficiency.
- Facilitate external and internal penetration tests to continuously assess our products and environments for vulnerabilities.
- Forensic analysis and incident response, including participating in on-call rotation schedule.
- Design, test, and deploy systems to improve security monitoring and response capabilities. Includes data centers, public and private cloud environments.
- Create and maintain scripts and custom-built tools to automate routine security tasks and increase our security posture.
- Work as a member of the SRE team to triage and manage incidents.
- Minimum 3-5 years work experience in an application security role.
- Experience with vulnerability management and penetration testing.
- Experience working on a Linux command line.
- Experience working with backend systems that consume and produce data via APIs.
- Familiarity with the TCP/IP protocol stack, routers, and firewalls.
- Experience with network and host based IDS/IPS, Web Application Firewalls, and load balancers.
- Working knowledge of OWASP web application security controls.
- You dig deep into incidents/problems and come up with unique solutions.
- You think of software and infrastructure coming together to form a larger system.
- You battle ruthlessly to fix what's broken and protect the customer experience.
- You are compelled to leave a situation better than you found it.
- You are able to lead security initiatives and projects across diverse groups.
- You are able to effectively communicate the right level of detail to both internal and external customers.
- You are able to support the diverse needs of both Corporate IT and Customer environments.
- You are interested in expanding SRE skills while helping others improve their security skills.
- Experience building tooling or automating tasks using Python or Go.
- Experience with Terraform or similar automation tooling
- Experience securing images, containers, and Kubernetes.
- You have hands-on experience in architecture and SaaS systems delivered through a hybrid cloud (on-premise, AWS, GCP).
- You are experienced with infrastructure as code practices.
- Familiarity with encryption and key management systems.
- CISSP, CSSLP, GWAPT, SANS, or other security certifications would be a plus
We are a hybrid workplace that recognizes the importance of flexibility while valuing in-person collaboration and relationship building. As a result, Saucers located near an office location must be able and willing to come into the office. Those hired remotely must be able and willing to travel to an office as required by the specific role.
Please note our privacy terms when applying for a job at Sauce Labs.
Sauce Labs is proud to be an Equal Opportunity employer and values diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender identity/expression/status, sexual orientation, age, marital status, veteran status or disability status.
Security responsibilities at Sauce
At Sauce, we will commit to supporting the health and safety of employees and properties, partnering with internal stakeholders to learn and act on ever-evolving security protocols and procedures. You’ll be expected to fully comply with all policies and procedures related to security at the department and org wide level and exercise a ‘security first’ approach to how we design, build & run our products and services.