Security Operations Engineer at Toptal
We created Toptal to solve an extremely difficult, real-world problem: the talent shortage.
Learn more about us and how to join our core team today.

Job Description

About Toptal

Toptal is a global network of top talent in business, design, and technology that enables companies to scale their teams on demand. With $200+ million in annual revenue and over 40% year-over-year growth, Toptal is the largest fully distributed workforce in the world.

We take the best elements of virtual teams and combine them with a support structure that encourages innovation, social interaction, and fun (see this video from The Huffington Post). We see no borders, move at a fast pace, and are never afraid to break the mold.

Position Description

As a SecOps Engineer at Toptal, you will work with Development, IT Operations, and Infrastructure teams to provide the tools, environment, and guidance for building high-quality secure applications. You will contribute to software design and implementation decisions. You will build libraries and utilities to help developers keep software secure. You will conduct assessments, automate operational workflows, and hold security training.

This is a remote position that can be done from anywhere. All communication and resumes must be submitted in English.

Responsibilities:

  • Run secure code assessments and advise developers on remediation.
  • Maintain static and dynamic security analysis tools and integrate them into the CI pipeline.
  • Provide timely and adequate information about the current state of Toptal security.
  • Develop corporate security practices, policies, and standards.
  • Respond to any ongoing or completed incidents, help teams to find the root cause, and set possible action points.
  • Contribute to application designs and solutions and assist with code reviews.
  • Educate staff on personal, corporate, architecture, and development security.

In the first week you will:

  • Onboard and integrate into Toptal.
  • Rapidly begin learning about Toptal’s history, culture, and vision.

In the first month you will:

  • Get familiar with the tools we use to assess and improve the security of our applications.
  • Complete necessary training.
  • Deliver your first tickets through to completion.
  • Begin collaborating with other teams.

In the first three months you will:

  • Track the latest vulnerabilities in the frameworks and technologies we use and communicate to developers how to mitigate them.
  • Improve the security audit of our applications (integrate new security tools, scale current solutions to more projects, create dashboards with metrics, and set up automated notifications for our teams).
  • Work on achieving team OKRs.

In the first six months you will:

  • Take part in making design/implementation decisions.
  • Investigate security events and carry out follow-up actions.
  • Suggest and implement improvements for our processes and tools.
  • Hold security awareness & education sessions and develop appropriate materials for the whole company.

In the first year you will:

  • Assist in preparation for certification against one of the modern security standards (ISO 27001, SOC1 or other).

Requirements:

  • 3+ years’ experience with application security.
  • Experience in application development with at least 1 modern programming language.
  • Experience with CI/CD tools like Docker and Jenkins, as well as cloud platforms (preferably GCP).
  • Knowledge of OWASP methodology and web and mobile vulnerabilities.
  • Be familiar with SAST and DAST tools like Burp Suite, OWASP ZAP, Nmap, Metasploit, Kali Linux, etc.
  • Ability to solve complex problems by considering multiple solutions, weighing them, and deciding on the best course of action.
  • Be genuinely interested in technology and love to try new things.
  • Be open to receiving constructive feedback.
  • You must be a world-class individual contributor to thrive at Toptal. You will not be here just to tell other people what to do.

Location

GMT+3 to GMT-3

Commitment

Full Time
