Lead Infrastructure Security Engineer
Who We Are:
At DataCamp, we're not just a platform; we're the catalyst for a data-fluent world. We enable individuals and businesses to leap forward in data science, providing them with top-tier education, certification, and collaboration tools.
By the Numbers:
- 400+ dynamic courses
- 270+ renowned instructors from 35 countries
- 90+ hands-on projects
- 12 million+ global learners
We're proud to be backed by Spectrum Equity, Accomplice, and Arthur Ventures, aiming to hit $100M ARR in the upcoming years. While our roots are in New York City, our presence spans London to Leuven, with a vibrant team of 200+ members working both on-site and remotely.
About the role
DataCamp's infrastructure squad, which is part of the Platform Engineering department, is a T-shaped, cross-functional team that looks after CI/CD pipelines, cloud infrastructure (deployed on AWS and GCP), security feedback cycles, security detection, logging and monitoring. The team advises our production engineering teams on infrastructure and security best practices across all DataCamp projects and looks after the whole DataCamp Platform to ensure commercial availability for our customers.
To facilitate this, we have a highly automated CI/CD pipeline based on CircleCI and Spotify Backstage (our internal engineering portal), which allows developers to ship what they build, increasing deployment speed, ownership and visibility. The infrastructure squad aims to enhance developer productivity, scalability, availability, testing and security by providing feedback cycles for teams so that they follow a model of continuous improvement.
As lead security infrastructure engineer within the Infrastructure squad, your role is to be our security specialist. This involves owning, developing and implementing the application and infrastructure security roadmap for our DataCamp platform and liaising with our compliance infosec team on bug bounty findings. It also involves maximizing our security budget on tooling to guard DataCamp against security threats, and enabling detection, prevention and remediation policies to be built into product teams' continuous feedback loops, so that we improve our security posture and adhere to audit requirements. You will also contribute to infrastructure projects that support the business objectives, and will lead at least one security-specific OKR per quarter focused on improving DataCamp's security posture.
The team has a strong bias towards providing self-serve and automation for deployment/infrastructure provisioning as well as cost control. The infrastructure team aims to support other teams using these services rather than being a central bottleneck in the company. You will play a key part in planning future improvements and owning your day to day work.
All DataCamp Platform workloads are deployed on EKS (Kubernetes) and our Istio service mesh by the self-service deployment pipelines. All infrastructure is provisioned using Terraform. The infrastructure team also manages the Kong API Gateway, which allows external ingress traffic into the DataCamp Platform. The DataCamp Data Platform is deployed on BigQuery, and Airflow manages our data pipeline jobs.
For security tooling, we use JFrog Xray for container security scanning, AWS Inspector for account security scanning, and Noname Security for network security and application-level OWASP Top 10 detection.
The ideal candidate
- Has 3+ years of experience in application security (AppSec) and web application security principles such as the OWASP Top 10
- Has 3+ years of experience with DAST (Dynamic Application Security Testing) and SAST (Static Application Security Testing) tools and with implementing them to secure web applications hosted in the cloud
- Has 3+ years of administering/maintaining infrastructure related tools (AWS, Docker, K8s)
- Has 3+ years of experience advising on/implementing deployment pipelines (CI/CD)
- Has experience participating in and advising on ISO 27001 compliance and the security controls needed to pass audits
- Has the ability to code in a programming language such as JavaScript, Go, Python, Node or Ruby
- Has experience with infrastructure-as-code (Terraform, Ansible, etc.)
- Has excellent oral and written communication skills
- Is interested in understanding and scaling complex systems
- Is interested in monitoring and self-healing systems
- Is highly organized with a flexible, can-do attitude and a willingness/aptitude for learning
- Improves the team with code reviews, technical discussions and documentation
- Is able to work collaboratively in teams and develop meaningful relationships to achieve common goals
It's a plus if
- You have experience with API gateways or service meshes (Kong, Istio, etc.)
- You are passionate about data science and education
What's in it for you:
In addition to joining a creative and international start-up, as a permanent employee you’ll enjoy:
- A very competitive salary
- An exciting job that will offer you technical challenges every day
- Flexible working hours
- International company retreats
- Conference and hardware budget
- Working with a great team (everyone says this, but we’re serious—we’re pretty great)
DataCamp is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.