Render is hiring a
Software Engineer, Security

Summary

Render is a cloud platform provider that aims to offer flexibility without complexity for developers and businesses. They are looking for a security-minded software engineer to build their security program and raise the bar on platform security. The role involves building internal tooling, maintaining a development toolkit, analyzing and assessing security issues, working with developers, liaising with customers, reducing compliance toil, and communicating security risks.

Requirements

• Experience designing and building secure web applications, tools, and APIs
• Experience securing systems on AWS or GCP
• Experience with infrastructure as code (e.g. Terraform, Ansible)
• Knowledge of the Go programming language
• Experience with vulnerability review and analysis

Responsibilities

• Build internal tooling to enable secure access to resources (e.g., wrappers, utilities, authentication services, and proxies)
• Maintain a development toolkit that enables our teammates to write secure code with ease and apply security best practices
• Analyze and assess security issues identified through security reviews, threat modeling, penetration testing, and vulnerability disclosure
• Work with developers on sensitive code paths and educate them on secure design patterns
• Liaise with customers regarding their security and compliance needs, and in return, inform our security program
• Reduce compliance toil and friction through high-leverage automation and programmatic workflows
• Communicate security risks and solutions to technical and non-technical stakeholders as part of company-wide planning and prioritization processes
• Stay up-to-date with the latest security threats, vulnerabilities, and best practices and make recommendations for improvements to our security posture
• Partner with product engineering teams to inform and build thoughtful security features for our customers
• Continually ensure that our systems have appropriate authentication, authorization, and accounting with low internal overhead

Preferred Qualifications

• Experience building a security program such as one based on NIST CSF or ISO 27001
• Experience securing Kubernetes clusters and workloads
• Experience designing and analyzing secure GraphQL APIs
• Experience securing software supply chains in accordance to frameworks like SLSA
• Experience with testing tools such as Burp Suite, OWASP ZAP, and Semgrep
• Active participation and contributions to the security community through public research, blogging, presentations, and other means
• Proven expertise in exploiting common security vulnerabilities, demonstrating practical experience in identifying and leveraging vulnerabilities to assess security posture

Benefits

• Our openings span more than one career level. The starting salary for this role is between $150,000 and $220,000 USD
• The opportunity is also eligible for equity with early exercise options and extended exercise windows
• 4 weeks of paid vacation, available from day one
• 14 weeks of fully paid parental leave for all parents to bond with a newly born, adopted, or fostered child. We will also work with you to create a supportive plan of return
• Long-term disability, life insurance, and 401K plans
• 100% employer-paid medical coverage and 99% employer-paid dental and vision coverage for you and a dependent. FSAs available as well
• Monthly lifestyle stipend for wellness, mental heath and therapy, hobbies, etc
• Monthly cell phone and internet subsidy
• Commuter benefits for Renders in the Bay Area, and home office stipends for remote Renders
• Continuous learning benefits & related support