Security Program Engineer at Oneleet (S22)
$80K - $140K  •  0.01% - 0.05%
YC's most popular security compliance platform (SOC 2, ISO 27001, HIPAA, GDPR)
US / Remote (US)
Full-time
3+ years
About Oneleet

Oneleet is a Y Combinator-funded cybersecurity startup that aims to make effective cybersecurity easy and painless for companies. The company provides a full-coverage cybersecurity platform through which companies can build, manage, and monitor their cybersecurity management program.

The core product is a roadmap for companies that helps them become secure and build trust with their partners, which requires the implementation of numerous solutions like penetration testing, vulnerability assessments, awareness training, static code scanning, endpoint monitoring, and more.

About the role
Skills: Kubernetes, PowerShell, Cryptography, Google Cloud, Information Security, Software Security, Bash/Shell, Microsoft Azure, Amazon Web Services (AWS)

About Oneleet:

Oneleet is a cybersecurity startup with a mission to revolutionize the industry. It aims to make effective cybersecurity easy and painless for companies by providing a comprehensive platform that helps companies build, manage, and monitor their cybersecurity management program.

Oneleet is backed by top-tier venture capital firms including Y Combinator, and is part of their S22 cohort. The founding team has over 10 years of penetration testing and cybersecurity experience.

Be a part of our team of opinionated rebels and help us create a category-defining company on a mission to reshape the broken and fragmented cybersecurity industry.

Who we’re looking for:

At Oneleet we value individuals who are passionate and motivated to make a large impact in the cybersecurity ecosystem. We are looking for rebels with a growth mindset who love to take ownership, who exhibit excellent communication skills, and who have a "can-do" attitude towards technical challenges and innovation.

A rebel’s mindset — we’re frustrated with the state of the cybersecurity industry, and believe that a rebel mindset is key to changing it. Opinionated (but not obstinate) — we believe that having an opinion is better than having no opinion, and helps us move quicker.

The Security Program Engineer is part engineer and part account manager. You will work with our customers from the start to assess their current security/compliance framework, provide guidance and recommendations for improvements, and work with clients to implement recommendations. You're passionate about security, and enjoy sharing your knowledge not only with our customers but also with your colleagues.

Key Responsibilities

  • Conduct initial consultation calls with new clients to assess their current security posture, infrastructure stack, compliance requirements and overall objectives.
  • Provide guidance and recommendations for improving client security posture.
  • Develop high-level security programs consisting of technical, operational and administrative controls based on industry frameworks and client needs.
  • Collaborate with clients to customize and refine the security program to match their specific use cases.
  • Communicate with clients and stakeholders to ensure smooth and efficient security program creation.
  • Liaise with auditors to ensure clients' security programs align with auditors' expectations.
  • Maintain expertise across a range of security frameworks, control types, and technologies including NIST, SOC2, ISO27001, CMMC, AWS, Azure, GCP, Kubernetes, Docker, Terraform, and more.
  • Provide feedback to Oneleet's engineering team to inform development of integrations, solutions, and products that deliver on client needs.
  • Be highly technical, learn new technologies quickly, and translate security concepts into implementations.
  • Partner with internal teams to translate security programs into implementations consisting of policies, procedures, configurations and software integrations.

Requirements

  • 3+ years in an information security engineering role.
  • Broad knowledge of security best practices, frameworks, control types, and relevant technologies.
  • Ability to understand client infrastructure and map security controls to meet compliance goals.
  • Strong analytical skills to evaluate environments and determine appropriate safeguards.
  • Excellent verbal and written communication skills.
  • Self-driven with the ability to work independently and move fast in a startup environment.
  • Willingness to go the extra mile to meet tight deadlines and deliver results.

Why Oneleet

At Oneleet, you'll join a tight-knit crew of cybersecurity rebels on a mission to reshape the industry. We move fast, take ownership, and aren't afraid to disrupt stagnant business models to make security effortless for companies.

Our "work hard, play hard" culture means we hold ourselves to high standards, then celebrate wins. Our leading-edge tech stack keeps things exciting for any geek. And our experienced team ensures you're always sharpening your skills.

Bottom line, you'll have a blast doing deeply meaningful work. Expect hard problems, lots of autonomy, and plenty of growth. If you want your work to drive real change, this is the place to make your impact.

Oh, and we offer all the usual startup perks too - competitive comp, equity, plenty of PTO, flexible remote work, quarterly off sites to cool places (most recent one was in Amsterdam). But our mission is what really sets us apart.

So if you're a passionate cybersecurity rebel ready to reshape the future, join our crew today!

Technology

We use Go and Prisma/Postgres on the backend and Typescript with React on the frontend. For task orchestration we use Temporal. Our applications are hosted on GCP using K8s.
