SecDevOps Engineer, (Staff Level)
*This role can be fully remote or hybrid in our NYC or SF office. *
Who We Are
Aescape exists to help every body feel and live better, longer.
Aescape (pronounced 'escape') is redefining the therapeutic massage and wellness category through intelligent technology that helps people feel and live better, longer.
We bring together innovative research, revolutionary technology, and a holistic approach to physical wellness and recovery, in what will be a groundbreaking solution for the massage industry. We’re proud to share that we recently raised a $30MM Series A round, affirming what we know to be true: we’re truly revolutionizing the massage experience.
Founder and serial entrepreneur Eric Litman (4 prior exits) is joined by an exceptional leadership team sourced from Peloton, Tonal, Amazon, Accenture, Apple, Bird, Meta, and Intuitive Surgical - together they are building this category-defining business. And you have the opportunity to be a part of it!
What You’ll Do
- Take ownership of security tools to build tracking and reporting capabilities, mitigating or eliminating risks.
- Build Threat Models and analyze security weaknesses in infrastructure, pipelines, and tech stack.
- Lead the technical part of SOC 2 compliance, collaborating with Drata for successful compliance.
- Review vulnerability reports, deployments, misconfigurations, and tool findings for SOC 2 compliance.
- Analyze security incidents, identify root causes, and propose improvements or mitigating measures.
- Define and maintain a security reference architecture, providing best practices and design guidance for all major domains.
- Manage projects related to security tasks and work with teams to improve security posture.
- Work with Legal and Audit teams to define technical and regulatory requirements for security tools.
- Provide guidance and training to diverse groups and senior leaders, evangelizing DevSecOps and shift-left philosophy.
What You’ll Bring
- Experience implementing strong security in cloud-native technologies (Kubernetes, APIs, Microservices) using Infrastructure-as-Code and Compliance-as-Code.
- Hands-on experience with vulnerability scanning and data loss prevention tools.
- Experience writing IaC in a DevOps or DevSecOps context in a multi-cloud environment.
- Working knowledge of monitoring and securing cloud services (AWS) and APIs.
- Familiarity with compliance requirements and regulations, including managing audit vendors.
- Knowledge of setting up security incident response centers (SOC).
Why You’ll Love Working Here
- Join a trailblazing tech company anticipated to transform the massage industry
- Making a difference with a product that empowers healthier and happier living
- Team culture driven by passion, ambition, empowerment, inclusion, curiosity, and fun! :)
- We’ll grow together—your personal and professional growth are equally important
- An environment that empowers individuals, emboldens teams, and rewards achievement
- Early stage equity in a company led by serial entrepreneurs with multiple exits
- Medical, vision, and dental insurance for the employee is covered by us
- A 401k program with a 4% company match that vests immediately
- The freedom to schedule paid time off when you need it + 16 weeks parental leave
- Working late? Dinner is on us! :P
- Competitive pay from $180,000 to $220,000 base + target bonus + equity stock options.
At Aescape, we're looking for passionate, driven, curious people who love a challenge. You're encouraged to apply even if your experience doesn't precisely match the job description. Your other skills will shine and set you apart—especially if your career has taken some extraordinary twists and turns. We welcome diverse perspectives and people who aren't afraid to challenge assumptions. Join our team and you’ll see why we say, Try Once, Believe Forever.
Don’t see a role that matches your interests? *Share your resume here and we'll keep an eye out for you! *