Senior Security Software Engineer
Strata The Company
Strata is a venture-backed startup building the next generation of distributed identity management for the multi-cloud world. Led by a visionary team of serial entrepreneurs (with multiple exits) who built the first generation of Web identity management, the first IDaaS solution, co-authored SAML, and now are creating the Identity Orchestration market.
This is truly a ground-floor opportunity for a software engineer that wants to have a hand in building the future of multi-cloud identity. Strata is that opportunity applied to the hottest, exponentially growing security market.
At Strata, we build software using the Pivotal Labs Agile model leveraging small stories, and test-driven development in a highly collaborative (and fun) environment. Our engineering team is a hybrid model with a development team in Vancouver coupled with engineers across the US. We build Maverics using GoLang, and we practice build/run with DevSecOps.
Strata’s platform - Maverics - is an abstraction layer that makes delivering identity to apps simple, all without requiring any rewriting of applications. By creating an Identity Fabric, customers can seamlessly integrate with multiple identity infrastructures enabling next-level agility and cloud-scale.
Strata works closely with our partners at Microsoft Azure, Okta, AWS, GCP, and VMware to ensure interoperability through deep, native integrations. Strata’s Maverics Identity Orchestration software runs natively in the cloud or on-premises either as a native service or containerized on Kubernetes.
We build our software to be secure, scalable, and extensible.
Secure. We take security seriously and build it into the core of what we develop and run our platform. In this role, you will help ensure that our software and processes are hyper-secure to be trusted by the biggest brands and companies in the world.
Scalable. Strata’s customers rely on our software to secure their core business operations, meaning we need to be available 99.999%. In this role, you will architect and implement proven resiliency patterns to ensure rock-solid reliability.
Extensibility. Strata is building a platform for distributed identity management with plans to support evolving use cases that our customers bring us weekly. As such, we develop our software to integrate with and manage many other identity infrastructure systems easily. In this role, you will help make Maverics the one platform to rule them all (or at least manage them all).
We are looking for an experienced Senior Security Software Engineer to lead our team with a deep understanding of security best practices and proven experience in designing and developing security features to elevate our product. You will join an engineering team that strongly believes in designing for security, reliability, and scale with diligent code reviews, test-driven development, and a proven agile process to build the world’s first distributed identity orchestration platform.
Our elite engineering team is fast, creative, and agile; with a rapid, agile release cycle and individual ownership. We expect great things from our engineers and reward you with stimulating new projects, emerging technologies, and the chance to have a significant impact on a company that is changing the identity management landscape forever.
- Design, develop, and implement robust security features that continually improve our product
- Conduct security audits and assessments to identify vulnerabilities and areas for improvement
- Work with product and engineering teams to integrate security into every stage of the development process
- Stay up-to-date on the latest threats and trends in cybersecurity
- Support the maintenance and development of the infrastructure API.
- Contribute to architecture reviews and to the security posture of our SaaS platform.
- Mentor engineering teams on secure coding practices, particularly as they apply to Identity technologies.
- Work cross-functionally and closely collaborate with other engineers and teams to implement new features, improvements, and fixes that need to handle our current and future scale.
- Use Test-Driven Development to build, debug, and resolve production issues and implement fixes for them.
- Evaluate new technologies and techniques to improve overall practices.
- Instrument, monitor, and operate the code you write and services you build. This includes on-call rotations.
- Contribute to key areas of large scale, Go-based Identity Management product development, being ready to lead where your expertise shines.
- Participate in design and code review, and ensure good engineering practices are being applied.
- Mentor and be mentored, coach and be coached, as part of an ever-growing engineering team.
It’s not expected that a single candidate has expertise in all these areas. We’re looking for professional engineers, who can quickly learn and adapt as our systems and situation changes, rather than candidates with a rigid skill set.
- Degree in Computer Science or equivalent work experience
- 8+ years experience in software development and engineering for cloud-native or an enterprise software company
- Strong experience implementing software leveraging secure coding practices
- Experience training and/or mentoring other engineers in secure software development
- Expertise implementing solutions leveraging OAuth v2
- Experience with identity standards like OIDC or SAML
- Experience building software that runs on cloud IaaS platforms (AWS, Azure, GCP)
- Helpful but not necessary Knowledge of on-premises identity (SiteMinder, OAM, ClearTrust, Ping, ForgeRock) and cloud identity (AzureAD, Okta, Google, and AWS)
- Understanding of enterprise identity infrastructure and identity-related security concerns of cloud and on-premises environments
- Solid experience with HTTP, Web application architectures, and cloud platforms.
- Experience with GoLang, Linux, networking, web, and app servers.
- Experience designing and developing large scale applications, including the design and implementation of modern web applications
- Grounding in modern software engineering practices and design patterns
- Solid understanding of the technical fundamentals of networking and cloud-based applications
If you find yourself checking off most of the below, this could be the position for you!
- Place a high value on security and reliability.
- Take an agile, iterative approach to development, dividing long-term goals into incremental milestones.
- Have the ability to be self-directed and effective working independently, while also seamlessly contributing in a team environment.
- Work and communicate well with technical and non-technical people to deliver high-value results.
- Enjoy being part of a highly collaborative, remote-friendly environment.
- Bring the right attitude to the team: ownership, accountability, and attention to detail.
- Possess the desire to learn and curiosity to understand how and why things work.
Something looks off?