🛠 Tech Stack

💼 About This Role

You'll be the first dedicated security generalist at Promise, a GovTech company building modern payment and benefits platforms for government agencies. You'll set strategic direction and ship concrete improvements across our security surface area. You'll partner with engineering to enable innovation while maintaining a high security standard and building a strong security culture.

🎯 What You'll Do

• Build and run Python-based detection rules
• Secure GCP cloud networking and Kubernetes
• Strengthen application security (Next.js, dependencies)
• Own vulnerability management end-to-end

📋 Requirements

• 5–8 years of experience with security focus
• Strong understanding of cloud security and networking (GCP preferred)
• Comfortable reading code and shipping fixes; Python scripting preferred
• Experience operating security tooling (EDR, MDM, CSPM)

✨ Nice to Have

• WAFs / web app security controls
• Threat modeling experience
• Deep Kubernetes hardening/runtime experience

🎁 Benefits & Perks

• 🏥 100% paid health coverage
• 🏖️ Generous PTO and sick leave
• 🍱 Lunch, snacks, and coffee provided
• 🏢 Company retreats