Software Security Engineer II, Identity Engineering

Software Security Engineer II, Identity Engineering

Location: Remote

About HashiCorp

HashiCorp is a fast-growing startup that solves development, operations, and security challenges in infrastructure so organizations can focus on business-critical tasks. We build tools to ease these decisions by presenting solutions that span the gaps. Our tools manage both physical machines and virtual machines, Windows, and Linux, SaaS and IaaS, etc.

Engineering at HashiCorp is largely a remote team. While prior experience working remotely isn't required, we are looking for team members who perform well given a high level of independence and autonomy.

Our Team

We're looking for talented Software Engineers to join our Internal Corporate Identity Engineering Team. This team ensures HashiCorp’s systems are secured consistently and ensures least privilege access is practiced across the company.

This Position

As a member of our Internal Identity Security Team, you’ll be responsible for creating the tooling and automation that manages our internal identity and access management and governs our cloud environments and internal services. You will work closely with teams across the company to provide foundational tooling to scale safe access across the enterprise, including other teams within security, Infrastructure engineering, Platform engineering, as well as Governance, Risk and Compliance (GRC).

In this role, you can expect to:

• Develop software and deploy infrastructure to manage internal identity and access governance.
• Develop centralized policies for managing access internally.
• Scale identity to all internal systems
• Reduce auditing needs through automation and time-based access controls.
• Create self-service workflows for common application types within our identity provider.
• Work across all organizations collaborating on efforts to secure our infrastructure, products, and the enterprise.
• Mentor teammates and other engineers across the company
• Take a large task / project and drive it through all lifecycle phases.
• Take on Oncall rotation for production support issues.

You may be a good fit for our team if you have experience in some of these areas:

• You have 3+ years of work experience in software development.
• You have programming experience in Go to build scalable security tools.
• You have experience in developing and deploying cloud native applications in production.
• You have demonstrated technical experience across related security disciplines e.g. identity governance and administration, appsec, network security, infrastructure security, etc.
• You have the ability to prioritize and track multiple projects in parallel.
• You have previous experience working in collaborative security teams
• You have experience implementing and scaling security programs in a startup environment.
• You have indirect experience in security, being that person who consistently recognizes and fixes security-related issues or problems with the systems, services, or applications you manage.
• You love to build and push the industry to do better.
• You are able to work effectively in a team environment, and collaborate with others across multiple time zones.

Preferred (but not required)

• Experience in SAML, SCIM, SSO, OIDC
• You have experience operationalizing security tooling and infrastructure.

About the tools that you would be working with

• Greenfield work on Passport Auth proxy
• Iterate on our existing Passport product, built in Go over AWS infrastructure.
• Deployment Automation: AWS
• Storage: AWS (DynamoDB)
• Identity: Okta
• Monitoring and Alerting: Sentry, PagerDuty, Incident.io.

• Doormat / Passport

  • Doormat where Cloud and Application access requests are submitted
  • Passport is where membership and JIT access for a given request is managed

About the Application Process

Please note, as communication is a critical aspect of how we work, a cover letter is a great way to provide a sample of how you communicate. In your cover letter, describe why you're interested in working at HashiCorp, and what draws you to this role in particular.

HashiCorp embraces diversity and equal opportunity. We are committed to building a team that represents a variety of backgrounds, perspectives, and skills. We believe the more inclusive we are, the better our company will be.

#LI-REMOTE

Individual pay within the range will be determined based on job related-factors such as skills, experience, and education or training.

The base pay range for this role in the SF Bay Area / NYC area is:$174,300—$205,000 USDThe base pay range for this role in Seattle Metro, Denver / Boulder Metro, New York (excluding NYC), Washington D.C., or California (excluding SF Bay Area) is:$159,700—$187,900 USDThe base pay range for this role in Colorado (excluding Denver / Boulder Metro) and Washington (excluding Seattle Metro) is:$145,200—$170,800 USD