Security Architect

Earnest

💵 $230k-$261k
📍 Remote - United States

Summary

Join Earnest as a Security Architect and play a crucial role in designing and implementing security solutions across applications, networks, and systems. You will develop threat models, security standards, and secure coding training. Responsibilities include defining network access control policies, ensuring vulnerability remediation, and developing a robust Identity and Access Management (IAM) strategy. This position requires 10+ years of experience in a security-related field, including extensive experience with AWS, DevSecOps, and application security. The ideal candidate will possess strong security policy framework knowledge and be comfortable with threat hunting and incident response. This remote-first role offers a competitive salary, comprehensive benefits, and the opportunity to collaborate with a passionate team in Oakland, CA, for a few days each month.

Requirements

  • Must have 10+ years of experience in a security-related field, providing a blend of architectural leadership and hands-on experience as a security architect
  • 5+ years of experience working with AWS environments and DevSecOps
  • 5+ years application security experience with either functional or imperative languages
  • Experience with security policy frameworks such as NIST, CIS, or FFIEC
  • Ability to perform security-focused code reviews
  • Comfortable with typical threat hunting / incident response processes
  • Experience with containers, microservices, and the risks associated with these systems
  • Understanding of both human and non-human identity, authentication and authorization
  • Willingness to travel to the Oakland office monthly to collaborate with other Earnies

Responsibilities

  • Design and implement security solutions that address organizational needs and mitigate risks across applications, networks, and systems
  • Develop threat models and security standards, recommend security controls, and integrate security measures into system, infrastructure, and application designs
  • Develop and deliver secure coding training, provide guidance on application security best practices, and encourage adherence to secure coding standards
  • Define and enforce network access control policies, including firewalls, ACLs, and segmentation
  • Ensure timely remediation of vulnerabilities and security audit trail production in server infrastructure and workstation endpoints
  • Develop a robust Identity and Access Management (IAM) strategy by defining and implementing access management controls such as RBAC, SSO, IAM, FIdM, CASB, CIEM

Preferred Qualifications

  • Professional security certifications (e.g., CISSP, OSCP, CISM)
  • Worked in an environment subject to SOX compliance
  • Proficient in NodeJS, Python, and/or Go
  • Experience with infrastructure automation tools such as Terraform and Ansible
  • Software development experience with either functional or imperative languages

Benefits

  • Health, Dental, & Vision benefits plus savings plans
  • Mac computers + work-from-home stipend to set up your home office
  • Monthly internet and phone reimbursement
  • Employee Stock Purchase Plan
  • Restricted Stock Units (RSUs)
  • 401(k) plan to help you save for retirement plus a company match
  • Robust tuition reimbursement program
  • $1,000 travel perk on each Earnie-versary to anywhere in the world
  • Competitive days of annual PTO
  • Competitive parental leave
