Lead Infrastructure Security Engineer

Full Time
10 months ago

About Us:

DataCamp is on a mission to make the world data fluent by building the future of data education. We help both businesses and individuals to up-skill, re-skill, and transition from learning to doing data science through our training, certification and collaboration tools.

Today we have 400+ interactive courses, 270+ expert instructors, 90+ real-life projects and we consistently upgrade our learning products and services to continuously deliver value to consumer, teams and enterprise customers.

Since our launch in 2013, more than 11 million learners around the world have completed hundreds of millions of DataCamp content items. More than 3,500 businesses and government entities worldwide use DataCamp to make their teams and organisations data fluent. 

Funded by Spectrum Equity, Accomplice and Arthur Ventures, our ambition is to grow to $100M ARR in the next few years. Headquartered in NY, we have offices in London and Leuven with about 200 colleagues working together out of our major hubs or remotely.

About the role

DataCamp's infrastructure squad, which is part of the Platform Engineering department, is a T-shaped cross functional team that looks after CI/CD pipelines, cloud infrastructure (deployed on AWS and GCP), security feedback cycles and security detection, logging and monitoring. The team helps advise our production engineering teams on infrastructure and security best practices on all DataCamp projects and looks after the whole DataCamp Platform to ensure commercial availability for our customers.

To facilitate this we have a highly automated CI/CD pipeline based on CircleCI and Spotify Backstage (internal engineering portal) which allows developers to ship what they build, increasing deployment speed and ownership and visibility. The infrastructure squad aims to enhance developer productivity, scalability, availability, testing and security by providing feedback cycles for teams so they follow a model of continuous improvement. 

It will be your role as lead security infrastructure engineer within the Infrastructure squad to be our security specialist. This will involve owning and developing and implementing the application and infrastructure security roadmap for our DataCamp platform and liaising with our compliance infosec team on bug bounty findings. This will involve maximizing our security budget on tooling to guard DataCamp against security threats and enable teams to allow the detection, prevention and remediation policies to be built into product teams continuous feedback loops that ensure we improve our security posture and adhere to audit requirements. You will also be contributing to infrastructure projects to support the business objectives but will lead at least one security specific OKR per quarter that is focused on improving our DataCamp security posture.

The team has a strong bias towards providing self-serve and automation for deployment/infrastructure provisioning as well as cost control. The infrastructure team aims to support other teams using these services rather than being a central bottleneck in the company. You will play a key part in planning future improvements and owning your day to day work.

All DataCamp Platform workloads are deployed on EKS (Kubernetes) and our Istio service mesh by the self-service deployment pipelines. All infrastructure is provisioned using Terraform. The infrastructure team also manages the Kong API Gateway allowing external ingress traffic into the DataCamp Platform. The DataCamp Data Platform is deployed on Big Query and airflow manages our data pipeline jobs.

In terms of security tooling we utilize JFrog x-ray for container security scanning, AWS inspector for account security scanning and NoName security for network and OWASP top 10 detection at an application level as well as network security. 

The ideal candidate

  • Has 3+ years experience of application security (AppSec) and web application security principles as the OWASP top 10
  • Has 3+ years experience with DAST (Dynamic Application Security Testing) and SAST (Static Application Security Testing) security tools and how to implement them to secure web applications hosted in the cloud
  • Has 3+ years of administering/maintaining infrastructure related tools (AWS, Docker, K8s)
  • Has 3+ years experience advising on/implementing deployment pipelines (CI/CD)
  • Experience in participating and advising on ISO 27001 compliance and security controls needed to pass audits.
  • Has the ability to code in a programming language such as (javascript, go, python, node, ruby)
  • You have experience with Infrastructure-as-code (Terraform, Ansible, etc)
  • Has excellent oral and written communication skills
  • Is interested in understanding and scaling complex systems
  • Is interested in monitoring and self healing systems
  • Is highly organized with a flexible, can-do attitude and a willingness/aptitude for learning
  • Improves the team with code reviews, technical discussions and documentation
  • Is able to work collaboratively in teams and develop meaningful relationships to achieve common goals

It's a plus if

  • You have experience with API-gateways or service meshes (Kong, Istio, etc)
  • You are passionate about data science and education

What's in it for you:

In addition to joining a creative and international start-up, as a permanent employee you’ll enjoy:

  • A very competitive salary
  • An exciting job that will offer you technical challenges every day
  • Flexible working hours
  • International company retreats 
  • Conference and hardware budget
  • Working with a great team (everyone says this, but we’re serious—we’re pretty great)

DataCamp is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.