Carta

Carta is building the network graph of asset ownership. We help 15k+ privately held companies and a growing number of public companies track who owns what. We're a series F company ($3+ billion valuation) and offer very competitive benefits packages (equity, free lunch, 401K, fully subsidized personal healthcare, transportation and cell phone allowances, etc). Carta has over 800 employees world-wide. The Security team is looking for senior application security and cloud security engineers who will continue to make security a habit at Carta: using security controls around infrastructure as code and building the paved path for teams to take via automation. Regardless of which position you have experience in, you will have the chance to learn multiple areas of security. Required: Minimum 4+ years professional security experience. Application security engineers should be able to speak to vulnerabilities and how best to remediate them. Cloud security engineers should be able to confidently talk about infrastructure security controls relating to Docker, Kubernetes, OPA, Linux, and cloud infrastructure and networking (AWS is preferred). Experience writing code to support automation in languages similar to Python. Nice-to-have: Application Security Experience with Django, serverless, and static analysis tools such as semgrep. Infrastructure Security Experience with Terraform, OPA, and securing difficult networking situations. We're open to a higher level Staff Position as well! Drop a note to garrett.held+jan21 [at] carta [dot] com for more info.