DeepSource is a modern static analysis platform
There are over 40 million developers in the world, and all of them write and review code in some form. DeepSource is working on building tools that help developers ship good code. We believe there’s a massive opportunity to impact how software is built right from where the code is written using automation and intelligence, which not only improves developer productivity but also increases software’s robustness.
As a Senior Security Engineer, you will be responsible for managing DeepSource’s private cloud and application infrastructure's security. You'll be responsible to set up security perimeters and controls for our infrastructure and the applications and services we run and depend on.
As a Senior Security Engineer, you will,
- Identify design and configuration flaws of our cloud infrastructure that could be exploited by bad actors.
Minimize risk of reliability-related failure outcomes as pertaining to security.
Debug production issues across services and levels of the stack.
Implement observability and reporting tools to ensure we're compliant in security fronts.
Run security awareness and training education for all engineers and other stakeholders.
Deploy tooling to manage end-to-end security of the software supply chain of DeepSource.
At least 4 years experience working with production security teams.
Familiarity with infrastructure management and experience running Kubernetes in production.
Experience operating and maintaining production systems in a Linux and private cloud environment.
Working knowledge of industry best practices and compliance standards such as SOC2 with regard to information security.
Comfortable with Python, Go, or any low-level programming/scripting language.
Work your way around Unix shell.
A focus on delivering high-quality code through strong testing practices.
DeepSource continuously analyzes source code changes and finds issues categorized under security, performance, anti-patterns and bug-risks. DeepSource integrates with GitHub/GitLab and runs analysis on every commit and pull request, discovers and fixes potential issues before they make it to production.