About this role
What You’ll Do
- Drive vulnerability management and compliance (SOC 2, ISO, NIST)
- Secure and automate our CI/CD pipelines and Infrastructure-as-Code (Pulumi, Helm, Python, etc.)
- Protect our AWS cloud and containerized environments (Docker/Kubernetes)
- Monitor systems, respond to threats, and lead incident resolution
- Partner with developers to integrate AppSec (SAST/DAST, dependency scanning) into workflows
- Mentor peers and foster a culture of security awareness
What We’re Looking For
- 3+ years in security engineering, cloud, or DevSecOps
- Strong AWS experience (Azure/GCP a plus)
- Knowledge of IaC, CI/CD, and cloud-native security tools
- Familiarity with SIEM, EDR/XDR, WAFs, and OWASP Top 10
- Excellent communicator who thrives in cross-functional teams
- US-based (or eligible to work in the U.S.)
**Bonus:** Experience with Wiz, NopSec, Kubernetes security, or security certifications (CISSP, AWS Security Specialty, etc.).
Why Join Black Book
- Competitive pay + 401(k) match
- Comprehensive health, dental, vision, life, and disability insurance
- Generous PTO, parental leave, and wellness reimbursement
- Hybrid flexibility + inclusive, growth-focused culture
- Backed by Hearst: stability with startup-like agility
Apply now and help secure the future of automotive data.