Drivetrain

Drivetrain

Drivetrain offers a strategic finance platform designed to streamline financial planning, enhance real-time tracking of actuals, accelerate reporting processes, and support informed decision-making for finance teams in modern businesses.

Capital Markets
11-50
Founded 2021
$15M raised

Description

  • Design, implement, and maintain security controls across AWS/GCP cloud infrastructure, CI/CD pipelines, and internal systems.
  • Lead application security efforts, including threat modeling, secure code review, and SAST/DAST integration into the development lifecycle.
  • Own vulnerability management by triaging findings and driving remediation from scans, pen tests, and bug bounty reports.
  • Monitor for security incidents, respond to events, and build and maintain incident response runbooks.
  • Manage identity and access controls, including SSO, RBAC, and least-privilege enforcement across internal and customer-facing systems.
  • Support customer security questionnaires, audits, and certifications such as SOC 2 and ISO 27001.
  • Partner with engineering teams to embed secure-by-design practices into new features and services.
  • Evaluate and implement security tooling such as secrets management, endpoint protection, and cloud security posture management.
  • Educate the broader team on security best practices and help build a security-first culture.

Requirements

  • 2+ years of experience in security engineering, application security, or a related infrastructure/security role.
  • Strong understanding of cloud security fundamentals, network security, and IAM, especially in AWS or GCP.
  • Experience with secure SDLC practices, including code review, dependency scanning, and CI/CD pipeline security.
  • Familiarity with common frameworks and standards such as OWASP Top 10, SOC 2, ISO 27001, and GDPR.
  • Hands-on scripting and automation skills in Python, Go, or similar languages for internal security tooling.
  • Experience responding to and documenting security incidents.
  • Clear communication skills with the ability to explain security risk to non-security stakeholders.
  • Experience securing a SaaS product handling sensitive financial data is preferred.
  • Prior experience leading a SOC 2 Type II or ISO 27001 audit from the engineering side is preferred.
  • Familiarity with container security tools and practices for Docker/Kubernetes and IaC scanning with Terraform is preferred.
  • Relevant certifications such as OSCP, CISSP, or CCSP are a plus.

Interested in this position?

Apply directly on the company website

Apply Now

Similar Roles

Malware Analyst Tech Lead

Nozomi Networks 251-1K Internet Software & Services

Nozomi Networks is seeking a Malware Analysis Tech Lead to lead and grow its security research team focused on reversing malicious samples, developing detections, and producing threat intelligence that protects critical infrastructure worldwide.

Python Wireshark
2 hours, 22 minutes ago

Information System Security Engineer

Accenture 100K+ Professional Services

Accenture Federal Services is hiring a Cloud Information Systems Security Engineer to secure and authorize classified cloud systems for U.S. federal missions.

CI/CD Cybersecurity DevSecOps Encryption Linux Network Security SIEM Splunk
2 hours, 22 minutes ago

Information System Security Engineer

CSCI Consulting 51-250 Professional Services

CSCI Consulting is hiring an Information System Security Engineer to support the Joint Transportation Management System by securing on-premises and cloud environments for mission-critical transportation and logistics operations.

Cybersecurity
2 hours, 37 minutes ago

ServiceNow Integration & Infrastructure Specialist (MID Server, GCP, SSO)

Muller Internet Software & Services

Muller's Solutions is hiring an Integration/Infrastructure Specialist to support ServiceNow enterprise integrations, MID Server operations, and cloud connectivity across security and infrastructure environments.

Active Directory Agile CI/CD DNS GCP JavaScript OpenID Connect PowerShell Python REST API Scrum Shell Scripting
2 hours, 37 minutes ago

You're on a roll! Sign up now to keep applying.

Sign Up

Already have an account? Log in

Used by 14,729+ remote workers