Company:
BusPatrol
Location: Lorton
Closing Date: 19/10/2024
Hours: Full Time
Type: Permanent
Job Requirements / Description
Overview:
Location: Remote (must be based in the US or Canada)
Travel: Less than 5%
Manages Others: No
Education: BS in Computer Science or equivalent experience
Experience: Application security experience, including dynamic & static code analysis, and a minimum of 2 years in cloud security in AWS (preferred) or GCP
THE OPPORTUNITY:
Reporting to the Cloud Infrastructure Manager, the successful candidate will be instrumental in ensuring secure coding guidelines and best practices are in place. The position will require a strong knowledge of DevOps principles and an ability to apply security technologies and best practices in an ever-changing and fluid environment. This is an opportunity to develop and grow a career within cybersecurity in an engaging and rapidly expanding industry.
Responsibilities:
Develop, maintain, and socialize secure coding guidelines and best practices
Work with developers to assist in designing and architecting secure systems
Develop general techniques and frameworks that will enable other engineering teams to find flaws before they are introduced into production
Be a security subject matter expert and respond to any internal security engineering questions/requests
Work with other teams to help architect solutions that are inherently secure
Correctly balance security risk and product advancement
Perform threat modeling for existing applications
Perform reactive incident response when a security event occurs
Perform proactive research to detect new attack vectors
Collaborate with infrastructure and application teams to advance their ability to take ownership of and implement secure coding techniques and follow the OWASP best practices
Monitor the enterprise for signs of unexpected activity, and research, architect, and execute solutions that will advance internal security monitoring & controls
Support design and maintenance of the cloud security environments, with a strong focus on AWS
Qualifications:
3-5 years of systems administration, DevOps or development background using multiple tools, techniques, and platform technologies
Application security experience, including dynamic & static code analysis, and a minimum of 2 years in cloud security in AWS (preferred) or GCP
Proficiency in at least one scripting or programming language (Python, Ruby or JavaScript preferred)
Experience with Continuous Integration/Continuous Deployment (CI/CD) processes and concepts using relevant technologies and tools (e.g. GitHub Actions, SAST, DAST, SCA)
Experience with Infrastructure-as-Code (IaC) tools and concepts (e.g. Terraform, CDK, CloudFormation)
Ability to work independently and collaboratively, and set your own goals
Excellent analytical skills: able to break down complex, multi-faceted problems into actionable steps without over-simplification
Ability to communicate security-related concepts to a broad range of technical and non-technical staff in an articulate manner
Understanding of frameworks such as OWASP Top 10 and OWASP Application Security Verification Standard
Nice to have:
Experience with AWS SSO/Identity Center and external Identity Providers like Azure AD (preferred), Okta, Auth0
AWS Serverless Computing experience (Lambda, Step Functions, ECS Fargate)
IoT and embedded security experience
OSCP, GWAPT or other relevant security certification
Familiarity with SOC 2 or other compliance frameworks
BusPatrol Value Proposition:
WHO WE ARE
BusPatrol is a technology company with a public safety mission. Through relentless innovation and discovery, we are strengthening trust, safety, and transparency across the student transportation space and making the trip to and from school safer for students. As a leader in smart transportation, BusPatrol brings cutting-edge AI, machine learning and IoT safety tech solutions to school buses across North America. BusPatrol’s technology has been deployed onto more buses and has been used to issue more school bus stop arm citations than any other company in the world.
WHAT WE OFFER
BusPatrol employees get:
A competitive salary and benefits package
Comprehensive personal time off, including volunteering and birthday days off
An opportunity to help build a company dedicated to children’s safety
The chance to join an innovative and dedicated team, focused on leading edge technology
The occasion to participate in BusPatrol’s culture of safety, learning, and teamwork
BusPatrol’s school bus safety programs are violator-funded, meaning that those who break the law pay for the technology that protects children. We build solid partnerships in the communities in which we operate which, coupled with our innovative business model, leads to sustainable efforts to change driver behaviors.
HOW WE WORK
On our mission to make the journey to and from school safer for children, the way we work together and with our partners is built on foundational cultural pillars.
SAFETY
Safety is our focus, for the children we protect and for each other. We follow the letter and spirit of occupational safety law, relentlessly employ safety best practices, and foster learning and development on our worksites. We are safe to be ourselves and to make mistakes, and we create safe environments for our teams.
CONNECTION
We build strong relationships and teams in support of our mission. We promote and provide opportunities for employees to grow together.
EXCELLENCE
We commit to innovation and quality work in support of our mission and each other. The children we safeguard are at the forefront of our decisions and actions and we excel on their behalf.
IMPACT
We measure success by fulfilling our mission and keeping the company strong. We invest our time and energy in the actions that deliver results for students and for their communities.
We are looking for a valued member of the BusPatrol team to assist us in our quest to improve children’s safety. This is an important role for us and a great opportunity for the right candidate. Our environment is inclusive, diverse, ignited, built on integrity, and deeply committed.
The US salary range for this position is provided in this posting. Our salary ranges are determined by role, level, and location. The range displayed on each job posting reflects the minimum and maximum target for salaries for the position across all US locations. Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or training. Your Talent Partner can share more about the specific salary range for your preferred location and skill level during the hiring process.
Please note that the compensation details listed in US role postings reflect the base salary only, and do not include bonus, and/or commission (if applicable) or benefits.
EOE/AA Disability-Veteran
Location: Remote (must be based in the US or Canada)
Travel: Less than 5%
Manages Others: No
Education: BS in Computer Science or equivalent experience
Experience: Application security experience, including dynamic & static code analysis, and a minimum of 2 years in cloud security in AWS (preferred) or GCP
THE OPPORTUNITY:
Reporting to the Cloud Infrastructure Manager, the successful candidate will be instrumental in ensuring secure coding guidelines and best practices are in place. The position will require a strong knowledge of DevOps principles and an ability to apply security technologies and best practices in an ever-changing and fluid environment. This is an opportunity to develop and grow a career within cybersecurity in an engaging and rapidly expanding industry.
Responsibilities:
Develop, maintain, and socialize secure coding guidelines and best practices
Work with developers to assist in designing and architecting secure systems
Develop general techniques and frameworks that will enable other engineering teams to find flaws before they are introduced into production
Be a security subject matter expert and respond to any internal security engineering questions/requests
Work with other teams to help architect solutions that are inherently secure
Correctly balance security risk and product advancement
Perform threat modeling for existing applications
Perform reactive incident response when a security event occurs
Perform proactive research to detect new attack vectors
Collaborate with infrastructure and application teams to advance their ability to take ownership of and implement secure coding techniques and follow the OWASP best practices
Monitor the enterprise for signs of unexpected activity, and research, architect, and execute solutions that will advance internal security monitoring & controls
Support design and maintenance of the cloud security environments, with a strong focus on AWS
Qualifications:
3-5 years of systems administration, DevOps or development background using multiple tools, techniques, and platform technologies
Application security experience, including dynamic & static code analysis, and a minimum of 2 years in cloud security in AWS (preferred) or GCP
Proficiency in at least one scripting or programming language (Python, Ruby or JavaScript preferred)
Experience with Continuous Integration/Continuous Deployment (CI/CD) processes and concepts using relevant technologies and tools (e.g. GitHub Actions, SAST, DAST, SCA)
Experience with Infrastructure-as-Code (IaC) tools and concepts (e.g. Terraform, CDK, CloudFormation)
Ability to work independently and collaboratively, and set your own goals
Excellent analytical skills: able to break down complex, multi-faceted problems into actionable steps without over-simplification
Ability to communicate security-related concepts to a broad range of technical and non-technical staff in an articulate manner
Understanding of frameworks such as OWASP Top 10 and OWASP Application Security Verification Standard
Nice to have:
Experience with AWS SSO/Identity Center and external Identity Providers like Azure AD (preferred), Okta, Auth0
AWS Serverless Computing experience (Lambda, Step Functions, ECS Fargate)
IoT and embedded security experience
OSCP, GWAPT or other relevant security certification
Familiarity with SOC 2 or other compliance frameworks
BusPatrol Value Proposition:
WHO WE ARE
BusPatrol is a technology company with a public safety mission. Through relentless innovation and discovery, we are strengthening trust, safety, and transparency across the student transportation space and making the trip to and from school safer for students. As a leader in smart transportation, BusPatrol brings cutting-edge AI, machine learning and IoT safety tech solutions to school buses across North America. BusPatrol’s technology has been deployed onto more buses and has been used to issue more school bus stop arm citations than any other company in the world.
WHAT WE OFFER
BusPatrol employees get:
A competitive salary and benefits package
Comprehensive personal time off, including volunteering and birthday days off
An opportunity to help build a company dedicated to children’s safety
The chance to join an innovative and dedicated team, focused on leading edge technology
The occasion to participate in BusPatrol’s culture of safety, learning, and teamwork
BusPatrol’s school bus safety programs are violator-funded, meaning that those who break the law pay for the technology that protects children. We build solid partnerships in the communities in which we operate which, coupled with our innovative business model, leads to sustainable efforts to change driver behaviors.
HOW WE WORK
On our mission to make the journey to and from school safer for children, the way we work together and with our partners is built on foundational cultural pillars.
SAFETY
Safety is our focus, for the children we protect and for each other. We follow the letter and spirit of occupational safety law, relentlessly employ safety best practices, and foster learning and development on our worksites. We are safe to be ourselves and to make mistakes, and we create safe environments for our teams.
CONNECTION
We build strong relationships and teams in support of our mission. We promote and provide opportunities for employees to grow together.
EXCELLENCE
We commit to innovation and quality work in support of our mission and each other. The children we safeguard are at the forefront of our decisions and actions and we excel on their behalf.
IMPACT
We measure success by fulfilling our mission and keeping the company strong. We invest our time and energy in the actions that deliver results for students and for their communities.
We are looking for a valued member of the BusPatrol team to assist us in our quest to improve children’s safety. This is an important role for us and a great opportunity for the right candidate. Our environment is inclusive, diverse, ignited, built on integrity, and deeply committed.
The US salary range for this position is provided in this posting. Our salary ranges are determined by role, level, and location. The range displayed on each job posting reflects the minimum and maximum target for salaries for the position across all US locations. Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or training. Your Talent Partner can share more about the specific salary range for your preferred location and skill level during the hiring process.
Please note that the compensation details listed in US role postings reflect the base salary only, and do not include bonus, and/or commission (if applicable) or benefits.
EOE/AA Disability-Veteran
Share this job
Useful Links