Your browser cookies must be enabled in order to apply for this job. Please contact if you need further instruction on how to do that.

Security Lead

Engineering | REMOTE | Full Time

Job Description

Security Lead

In an era where every data transfer is a potential data leak, Virtru makes it possible for everyone to protect their content by offering easy and affordable email and file encryption. From individuals to large enterprises, Virtru lets people control who receives, reviews, and retains their information – wherever it travels, throughout its lifespan. Based on the open Trusted Data Format (TDF) created by Virtru Co-Founder Will Ackerly, the company’s Encryption-as-a-Service (EaaS) architecture, integrates powerful data security directly into the applications we use every day.

Virtru is a fast-paced startup with a strong performance-driven culture. We are well capitalized with investments from Bessemer Venture Partners and private investors. Virtru offers a competitive salary, full health benefits, and the ability to work with talented coworkers in an informal, collaborative environment.

We are looking for a kick-ass developer who has the chops to crank out elegant production quality javascript for both the front and backend of Virtru's digital privacy products. Together with the team, you will spend your days building Node.js backed APIs, web-based administrative dashboards, browser extensions, and native apps for both Google and Office365. You'll also have an opportunity to apply or gain operations experience keeping a production scale web service on AWS up and running smoothly 24/7. The ideal candidate will have a natural passion for digital privacy, software development, and great user experiences.

We are a fun group and want to keep it that way, which means you should be comfortable speaking your mind, drinking a few beers, eating ramen, and geeking out about side projects. Anyone who has trouble self-motivating is going to have a hard time. We don't want anyone that needs to be managed, so if you have trouble self-organizing with the assistance of a sprint board you shouldn't apply.

At this time we are not accepting applications from outside the continental USA.

We are security lead who has experience with both client and server side Javascript and as many elements of our stack as possible (AWS, Ubuntu, node.js, Cloudant / couchdb, TLS, Backbone.js, Angular).

Scope of Responsibilities

  • Architecture and code reviews for security issues

  • Setting up, maintaining, and running toolchain for security checks

  • Cataloging, assessing, and tracking to completion know security issues throughout our entire stack (AWS, Ubuntu, node.js, Cloudant / couchdb, TLS, Backbone.js, Angular)

  • Performing monthly internal vulnerability scans on all components of our service

  • Coordinating 3rd party pen tests

  • Work with ops engineers during security incident response

  • Establish and oversee internal security awareness training program

  • Security related documentation activities required by HIPAA, CJIS, and Fedramp

  • Would be great if they could also help with network security - configuring and monitoring AlienVault intrusion detection system. If they can't, then overseeing contractors and/r growing the security team to cover this area and other security concerns as we grow.