What: Security & Compliance Technical Writer<p>Who: You<p>Where: Aptible (YC 14)<p>Location: Anywhere<p>Aptible is looking for an expert in web security, software development, and compliance to help make the Internet safe for sensitive data.<p>Software is eating the world, powered by the Internet. Developer teams are using DevOps to run health care, fintech, banking, payments, IoT, blockchain, AI, and B2B services in the cloud. When these teams are small, they can’t afford to hire full-time for security or compliance. When they scale, the find that existing security and compliance management tools suck.<p>Here’s what we think:<p>- Trust is essential for security.<p>- Compliance with HIPAA, ISO 27001, SOC 2, PCI-DSS, and other frameworks fosters trust, but should be viewed as a starting point.<p>- Good security is more than compliance, and is much harder to achieve.<p>- Complexity is the enemy of good security. Complex systems are harder to understand and reason about, and are inherently less secure.<p>- People are often the weakest point in any system.<p>We build two people-centered security products that help developer teams build security into their architecture and their organization’s culture:<p><i></i>Enclave<i></i> is a container orchestration platform built for developers that automates security best practices and controls needed for deploying and scaling Dockerized apps in regulated industries.<p><i></i>Gridiron<i></i> is like the missing QuickBooks for security management. It helps developers design and run security management programs that meet and exceed requirements like HIPAA, SOC 2, and ISO 27001. Customers use it to build trust with their own customers and partners, and prepare for certifications.<p>IN THIS ROLE YOU WILL:<p>- Help design security control schemas for integrations with AWS, Google Cloud Platform, and many other IaaS and SaaS providers that our customers use every day.<p>- Develop clear, sane, easily understood policies and training content for customers.<p>- Iterate and improve on the core risk API that powers all of Gridiron.
Work closely with designers and engineers to imagine and build new Gridiron features.<p>- Help us distribute our knowledge about security, DevOps, compliance to the software development community, to build trust and spread awareness about Aptible. You will help design and build security guides, courses, webinars, and tools.<p>YOU MIGHT BE A GOOD FIT FOR APTIBLE IF:<p>- You’re excited by what we’re working on!<p>- You prefer to work with a small group of high performers<p>- You are a deliberate communicator, and value good communication<p>- You’re self-directed and comfortable with autonomy and responsibility<p>- You’re ready to work remotely, communicating asynchronously across time zones and cultures<p>- You love learning, and want to grow professionally<p>WHY YOU SHOULD WORK AT APTIBLE:<p>- Making the Internet safe to trust with sensitive data is a good thing!<p>- It’s also pretty fun!<p>- You will learn a lot about security, compliance, DevOps, and SaaS. We work
very closely, collaborating across the company and teaching each other.<p>- You will get to work with customers doing really cool things.<p>- You will feel invested in your work: We are highly internally transparent with
business strategy, successes and failures, and management decisions. You will
have a direct impact on success, and whether we achieve our goals.<p>- You will help us build a business for the long term, investing in a
sustainable business model and building trust with our customers through
transparency and visibility.<p>- We are backed by excellent investors and have the resources we need to do a
great job.<p>- Everyone gets to live in the place that suits them best. We work remotely, and meet up at least twice a year in places like Mexico, San Diego, Brooklyn,
Barcelona, Denver, and Ann Arbor/Detroit. Next up: Paris? Iceland?<p>- A+ benefits<p>- Mandatory vacation<p>Apply here: https://jobs.lever.co/aptible/79273b7a-995a-4021-a92d-8c8509fed1a3/apply?lever-source=HackerNews