Engineer, SecOps

Описание вакансии

As a SecOps Engineer, you will be working on our core infrastructure and will be responsible for integrating, maintaining and improving our application security practices within our  infrastructure and applications.  You should demonstrate mastery of the principles of security, networking and data assurance, and be comfortable delivering improvements and implementing tools with light supervision from a lead engineer.  You will be responsible for the overall security posture of our cloud and application platform including security, resilience, observability and operations. We are looking for self-motivated team members who crave a challenge and feel excited about rolling up their sleeves to realize our potential.  This is an infrastructure position so you must have a firm understanding of complex architectures on public cloud services. Bay-area based candidates would work 2-3 days/week in office at our Morgan Hill, CA office for collaboration.

What you will do:

• Design, implement, and maintain security tools and processes for the platform that provide the foundation for a world class level of security with our products and services
• Drive security workflow automation, deploy/tune EDR tools, manage security log ingestion, and build custom dashboards for visibility.
• Analyze and solve security problems, providing mitigations and root cause analyses
• Must be able to operate in a fast-moving environment with the ability to adapt to changing priorities and requirements
• Proactive threat management, analyze security alerts, perform prioritization with evidence, and manage incident remediation
• Must be able to monitor and handle emerging escalations and work in an on-call rotation with other engineers
• Be a driving force for incident response and blameless post mortem reporting
• Ensure compliance with security policies, industry regulations (e.g., SOC 2, PCI, etc), and manage IAM roles

We are looking for people who have:

• Minimum of 3-5+ years in a SOC, security operations, or IT operations role with production-grade in Google Cloud Platform
• Networking knowledge (DNS, firewall/security groups, VPN, subnets, CIDR)
• Experience with SIEM platforms (Splunk, Sentinel, Rapid7, etc), and cloud security and infrastructure as code tools including Terraform, ArgoCD,, etc
• Strong scripting experience with bash, yaml, Typescript, GO, etc
• Experience with tools such as EDR, WAF, IDS/IPS, Pentests (e.g. Cobalt), etc
• Extensive experience with Docker and Kubernetes clusters
• Experience with Claude, Cursor, Git and GitHub
• Experience with DevSecOps (SOC2, PCI and/or ISO 27001 certification a plus)
• Knowledge of best practices related to security, resilience and disaster recovery
• Familiarity with Monitoring, Observability and Alerting tools (Prometheus/Grafana, Pager Duty, OpenTelemetry, etc)
• Strong documentation and compliance management skills - increasing awareness of all things security for the organization
• Bachelor's degree in Computer Science or similar field or equivalent

In the United States, the range is typically a salary of $135,000 to $175,000 + bonus + equity + benefits. The range provided is Shopmonkey’s reasonable estimate of the base compensation for this role. The actual amount will be based on job-related and non-discriminatory factors such as location, experience, training, skills, and abilities. Consult with your Recruiter during the initial call to determine a more targeted range based on these job-related factors. In addition to this base compensation company stock options and benefits as outlined below are included.

Why Shopmonkey?

Shopmonkey has become an amazing environment where employees feel that they are valued as people, and not just worker bees. To ensure that our team thrives, we invest in the following perks (benefits below are mainly for U.S. based, full-time employees). Other benefits vary upon location outside of the United States, and employment status:

💪🏼 Health & Wellness

• Medical, dental, vision, and life insurance benefits available the 1st of the month following hire date
• Short term and long term disability
• Employee assistance program
• Reimbursement for a personal health and wellness membership
• Generous parental leave
• 401(k) available upon hire

✈️ Time Off

• 11 paid holidays
• Flexible time off - take the time off you need!

🥰 Giving Back

• Matching donations for approved charitable organizations
• Group volunteer efforts

Check out our founder’s story, life page, or hear from real employees about what it’s like to work at Shopmonkey.

Join our team of hungry, humble, smart people who love what they do, and change the auto industry by helping every shop thrive.

About the Industry

The U.S. is the second largest passenger vehicle market with more than 260 million registered passenger vehicles, and the global car repair market is estimated to be worth more than $500B. Shopmonkey aims to change the status quo and enable auto shops to become more efficient and give their customers a more delightful experience.

About Shopmonkey

Shopmonkey is the leading auto-repair shop software company; it is a cloud-based solution that helps auto-repair shops consolidate tools, save time, and streamline their entire operation onto a simple, easy-to-use platform.

Headquartered in Silicon Valley and trusted by more than 3,500+ auto shops across the U.S. and Canada, Shopmonkey aims to change the status quo of the car repair market, estimated to be worth more than $500B.

In 2021 Shopmonkey raised a $75 million Series C, supported by top-tier Silicon Valley venture capital firms Bessemer Venture Partners, Index Ventures, Headline, I2BF, and ICONIQ Growth.

In 2022, Shopmonkey was named #4 on Forbes' annual ranking of America's Best Startup Employers list (and #1 in Business Products & Software Services). Shopmonkey was once again named as one of America's Best Startup Employers by Forbes in 2023,2024, and 2026! 

Shopmonkey is committed to building a diverse and inclusive team. We are looking for team members from all backgrounds that are committed to the Shopmonkey mission.

Shopmonkey provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.

Shopmonkey is committed to the full inclusion of all qualified individuals. In keeping with our our commitment, Shopmonkey will take the steps to assure that people with disabilities are provided reasonable accommodations. Accordingly, if reasonable accommodation is required to fully participate in the job application or interview process, to perform the essential functions of the position, and/or to receive all other benefits and privileges of employment, please contact our Talent Team at hiring@shopmonkey.io. 

Please note: Shopmonkey will never request sensitive information such as your social security number, bank account information, or other non-publicly available information during the application and interview process. If an applicant is extended an offer of employment, such sensitive information will be requested at that time. Shopmonkey will never ask you to receive and ship packages or goods as part of the interview. Other practices to be on alert for:

• Contact initiated via unsolicited text message or cold call. Shopmonkey does not follow up with candidates through instant messaging applications.
• Our Talent Acquisition team only corresponds from email addresses with the domain ‘@Shopmonkey.io’. If a generic email ID ending with Gmail/Yahoo or other domain is used while receiving a job offer or interview call, there is a likelihood of a scammer.
• While some of our jobs can be found on third party job sites, all of our current job opportunities and descriptions are posted on Shopmonkey’s Careers page, or our official LinkedIn Company Page

The U.S. Federal Trade Commission has published helpful articles to help individuals learn more about protecting themselves from recruiting scams and financial fraud. If you believe you were a victim of such a scam, you may contact your local law enforcement agencies. Shopmonkey is not responsible for any claims, liability, losses, damages, or expenses resulting from scammers or impersonators.