Hello. We are ShipHero (https://shiphero.com). We have built a software platform trusted by hundreds of ecommerce companies large and small to run their operations. Many of our customers sell on Shopify and/or Amazon. We’re driven to help our customers grow their businesses by providing a platform that solves complex problems and is engineered to be reliable and fast. We strive to build great technology that is beautiful and easy to use. Our culture also reflects our ethos and belief that by bringing empathetic, talented, and great people together - you can do great things.Our team is remote, with most of our engineers currently either in New York or Argentina. We do team meetings through Google Hangouts and communicate regularly using video chat and Slack.About YouYou are passionate about technology and security, have formed your own opinions about which technologies are better suited to different problems and why they are better, but remain flexible and open to alternative technologies and approaches. You recognize that effective security requires a nuanced approach to balancing security, business needs and human factors. You flourish within fresh ideas and are comfortable in a dynamic, changing environment.The RoleWe are looking for an engineer that can help us define policies and strategize how to protect the different systems run in the cloud (AWS). This role is a hands on role. We want somebody that has no problem getting their hands dirty checking/patching vulnerabilities but also someone that can do the more mundane auditing/documenting work from time to time. You would be the first hire focused solely on securing our systems but will work with a great team of smart engineers that enjoy tough challenges and collaboration.RequirementsHave experience working in fast paced fully remote startup environment.Team player and strong collaboratorIncident detection and response.Python development experience AND/OR DevOps (AWS) experience.Performs Vulnerability audits and compliance at the application layer and server layer.Good written and oral communicator.Been involved in getting organizations to comply with security standards.Preferred: Blue team experience but not required.Bonus: Knowledge of OWASP best practices.The Perks$2.500 so you can buy any equipment you need to be happy at your job.20 days paid vacation + New Year & Christmas.We will pay for courses & conferences: if you learn we all learn.Conference days don't count against your vacation days; we want you to stay up-to-date.