At Cube Dev, we are building the API layer for data apps.
We are focused on developer success, bottom-up adoption, and open source. Cube.js, our flagship open-source product, has 12,000 stars on GitHub and 4,000 developers in the community Slack. Cube.js is used by companies ranging from Apple, Intel, and Walmart to fast-growing Silicon Valley startups.
Currently, we are a 30-person remote-first team distributed over the US, UK, and Europe with an HQ in San Francisco. Having raised our Series A in July 2021, we’re funded by top-tier Silicon Valley venture funds that have previously invested in Redis, Hazelcast, Gradle, and other infrastructure software startups.
Some of the problems you’ll be working on
- Proactively improving Cube Cloud security. Cube Cloud provides a platform as a service infrastructure to deploy Cube applications in production capacity at scale. It’s a complex software system spanning multiple clouds (AWS, GCP, Azure), as well as on-prem deployments. In this role you’ll own the security side of the system, and will eventually start and run the security team at Cube.
- Implementing necessary product changes to improve security It’s a hands on role and you’re expected to be able to implement some of the security fixes by yourself and/or coordinate the effors with the rest of the Cube Cloud team.
- Responding to security reports. You will monitor and respond to reports coming via security@cube.dev, bug bounty program, responsive disclosure program or through other channels.
- Ensuring Cube Cloud complies with highest security standards. You will arrange external audits and pen-tests to ensure Cube Cloud complies with various security standards in the industry.
Requirements
- Ability to write code in JavaScript, Python, PHP, or similar
- Strong knowledge of Kubernetes
- Past experience in a security-related role
- Strong knowledge of information security fundamentals
- Experience using security scanners such as Qualys, Nessus, etc.
- Understanding of major cloud environments (AWS, GCP, Azure)
- Good communication skills
- Fluent English
Bonus points
- Participation in security contests
- Experience writing code in Rust
- Understanding of the BI space