Workstream is a mission-driven company that believes in building premium, modern software solutions for local businesses. There are 2.7 billion hourly workers, who make up 80% of the global workforce, but they've been heavily underserved by technology and deserve better. We help local businesses around you hire, manage, and retain qualified workers.

Our customers include leading brands from multiple sectors, including Burger King, Carl's Jr./Hardee's, IHOP, KFC, and Culvers. At series B, we are quickly expanding our product portfolio. We are backed by legendary VCs and industry experts like Founders Fund, BOND, and Coatue.

We are seeking a talented DevSecOps Engineer to join our growing team. As a DevSecOps Engineer, you will be responsible for designing, implementing, and maintaining security measures to protect Workstream's infrastructure, applications, and data. You will work closely with development teams to ensure secure software development practices are implemented throughout the development lifecycle.

Day in the Life:

Implement and execute security policies across AWS cloud environments including VPC, SSO and Organizational Policies
Evaluate security controls, design standards, drive changes across the organization
Investigate and Remediate security issues across multiple AWS organizations at scale
Review and participate in Design Reviews for Infrastructure security changes and standards
Identify and drive opportunities to improve automation for code deployment, cloud configuration management, and visibility of security services
Drive AWS security features and product relationships globally

Who You Are:

BS or MS in Computer Science, Engineering, or a related technical discipline, or equivalent experience
3+ years of experience in DevSecOps with strong understanding of software development processes and methodologies
Experience with security-focused tools and vulnerability assessment
Experience with incident response, on-call responsibilities, and/or digital forensics
Familiarity with security automation and tooling such as DAST and SAST
Experience in data security, including access control, governance, PII control/detection, etc.
Excellent written and verbal communication skills
Experience with languages like Ruby, Python, Java, JavaScript, Puppet, etc

Preferred Qualifications:

Background in public cloud deployment or operations, especially with AWS
Experience with Intrusion Detection Systems (IDS): their design, implementation, benchmarking, and related strategies
Deep knowledge of IAM tools, techniques, and related best practices
Knowledge of security best practices and compliance standards such as SOC2
Cloud security certifications like AWS Certified Security Specialty or other industry recognized certifications like CEH are preferred

What We Offer:

A mission-driven and value-based company dedicated to empower deskless workers and local businesses
An early employee opportunity at a Series B hyper-growth startup; work with the founding team and industry veterans to accelerate your career
Competitive salary and equity
Comprehensive health coverage: medical, dental, and vision
WeWork Office - Amenities and Perks
Learning/development stipend
Unlimited PTO
Hybrid Office/WFH schedule

Additional Information

Workstream provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.

We are committed to the full inclusion of all qualified individuals.

Apply now

See more open positions at Workstream

Something looks off?

Privacy policy Cookie policy