Listing Description

Yalo

Hi! This is Yalo! We are on a mission to bring conversational commerce to the world...

Remember how it used to be to interact with businesses that knew and understood you, that could recommend exactly what you needed, and that with a simple message could get you what you wanted??? Yep... neither do we. That is why at Yalo we are marrying the scale of digital commerce with the personalization and simplicity of conversations to help companies delight their users.

We know that traditional SAAS companies focus on first world problems... we don't! Having started in Latin America, our roots are in Emerging Markets and therefore we care about bringing amazing experiences to a population that traditionally has been underserved, such as the small shop owner in Brazil that is ordering online for the first time.

If you're looking for a place to make shit happen, learn fast, and impact emerging markets in a way that hasn't been done before, look no further. 💫

Come join us in our mission of improving billions of lives through the power of conversational commerce!

Security Team

As a Staff Platform Security Engineer you will help build a culture of continuous improvement, raising awareness and understanding of important security practices and considerations throughout Yalo.  

What are the activities of a Staff Security Engineer?

• Lead technical security requirements for Yalo’s production cloud infrastructure.


• Lead threat modeling to define an approach to operationalizing and automating security throughout the system and software development lifecycle.


• Develop and implement runtime security measures for container environments.


• Define hardening and continuous assessment criteria for Yalo’s infrastructure stack. 


• Design security tooling to identify system/software vulnerabilities and common misconfigurations. 


• Assist the team in developing a library of automated checks and integrations to inspect machine and container image configurations, IAM and Storage policies, Firewall configurations etc.


• Support internal and third-party security penetration testing as Platform Security SME. 


• Participate in the Security team on-call rotation. 

Experience you need to perform this role:

• 8+ years of experience as a security engineer or a mix of security engineering, software development and operations in a lead or staff role. 


• Bachelor’s degree in Computer Science, Information Systems or related field or equivalent work experience. 


• Deep expertise in Cloud Computing, Linux and network security. (experience with Kubernetes is a plus)


• Strong knowledge of networking and internet protocols (TCP/IP, DNS, SMTP, HTTP etc.)


• Strong knowledge of secure authentication protocols (OAuth, SAML 2.0) and cryptographic key management.


• Scripting & Programming experience required (Python, bash, Java, GO)


• Strong experience with security tools and services within AWS and GCP.


• The following certifications are desirable but not required: Google cloud security professional, AWS cloud security practitioner, CISSP.


• Deep understanding of Security in the Software Development Life Cycle.


• Familiar with security frameworks and standards. (SOC2, ISO27001, NIST CSF)

What soft skills matter to us?

• Excellent time-management skills


• Team player


• Critical thinker and problem-solving skills


• Sense of ownership and pride in your performance and its impact on the company’s success.


• Interpersonal and communication skills.

• Unlimited PTO policy


• Competitive rewards on the market range


• Remote working (-+3 hours CT)


• Flexible time (driven by results)


• Friday Off once a month


• No Meetings Wednesday


• Start-up environment


• International teamwork


• You and nothing else limit your career herec

We care,

We keep it simple,

We make it happen

#LI-Remote