Make commerce better for everyone
Staff Infrastructure Security Engineer
Securing infrastructure is a core part of engineering at Shopify. The Infrastructure Security team cares deeply about securing and supporting our production environments, and about removing the toil associated with this sort of work. We’ve seen the focus of our work change over the years as Shopify’s infrastructure scales and changes.
As a Staff Engineer for this team, your focus will be building security at Shopify. You will have influence and will contribute to the overall strategy of our Infrastructure Security team, lead designing and building our security for merchants globally.It isn’t easy, but that’s one of the reasons we find it particularly rewarding. We’re building out some of the most innovative cloud platform security around (we’d love to tell you more!). Our scale is massive - Shopify powers over 1 million merchants in over 175 countries worldwide. We always approach our work from a place of empathy and enablement to Shopify’s ambitions.
Sounds like the place for you? Read on and we’d love to hear from you!
Requirements for the role:
- Strong systems administration experience (you’re able to talk about the differences between virtual machines (VMs) and/or Docker and Linux containers)
- Programming foundations (we use a lot of Ruby and Go, but we believe that good programmers can work in any language, even Bash)
- Act as a technical leader for the team and a mentor to other security engineersGreat problem solving skills. You like a good puzzle, and aren't too attached to any given solution
- Long-term architectural thinking. You can simultaneously keep the desired end-state in mind, while optimising current processes and practices as we move toward that goal
- Enthusiasm for remote collaboration
- Systems security-related hobbies. You’ve played CTFs/war games or solved similar security puzzles. You know what binary exploitations are, how shell injections work, and how to secure a system. You might not have time to participate in these activities now, but you certainly enjoyed them in the past
- A love of all things Security Operations. Complex systems and software are where your brain thrives, and you excel at finding and fixing security concerns and weaknesses in them
- Intimate understanding of logs and their usefulness. You know that the information is there, and you always want to make it more discoverable (e.g. building useable alerting and reporting pipelines)
- Experience with any of the following: Kubernetes, Terraform, Vulnerability and Patch Management, Identity and Access Management, Incident Handling and Response
- Contributing to the open source community (e.g. kubeaudit, voucher, krane)
Check out what’s been keeping the team busy:
Shopify at a glance
Shopify focuses on SaaS, Enterprise Software, E-Commerce, Mobile Commerce, and E-Commerce Platforms. Their company has offices in New York City, Toronto, Ottawa, Montreal, and Stockholm. They have a very large team that's between 1001-5000 employees. To date, Shopify has raised $122.25M of funding; their latest round was closed on May 2015 at a valuation of $1.27B.