Infrastructure Security Engineer

Posted:
11/25/2024, 3:26:37 AM

Location(s):
Lisbon, Portugal

Experience Level(s):
Mid Level ⋅ Senior

Field(s):
DevOps & Infrastructure ⋅ IT & Security ⋅ Software Engineering

Pay:
$64/hr or $133,120 total comp

Gorgias empowers ecommerce brands to grow through AI-powered customer experience. We are the #1 CX platform in the industry, trusted by over 15,000 merchants worldwide – from small independent shops to some of the largest ecommerce brands in the world.

We offer the most integrations of any tool on Shopify (100+) and the ability to get setup fast, without the need for complex onboarding. Gorgias offers its users a unified platform to manage every aspect of their customer support on every channel.

We can automate 60% of a brand’s support so that agents can focus on high-value conversations and driving sales. Plus, we offer purpose-built marketing tools to help merchants convert more shoppers into customers, driving GMV.

About the role

As a Gorgias Infrastructure Security Engineer, you will contribute to our security program, working directly with our SRE team and engineering leadership.

You will implement and manage essential security tools and processes, with a particular focus on ensuring resilience against potential external threats and attacks.

This role will be critical in setting up proactive security measures and responding to incidents, making a tangible impact on Gorgias’ ability to meet enterprise-grade security standards.

What you will do

  • Contribute to security framework, tools, and processes for Gorgias, focusing on protecting critical infrastructure and ensuring system reliability.

  • Collaborate closely with the SRE and Infrastructure teams to integrate security practices and tools into existing and emerging platforms, including Kubernetes and multi-region deployments.

  • Improve the Security Information and Event Management (SIEM) system to enhance comprehensive monitoring, threat detection, and alerting.

  • Develop automated detection and mitigation playbooks for common security incidents (such as DDoS attacks, phishing, and other infrastructure-related threats).

  • Conduct and evaluate attack simulations and real-time incident management to improve the detection and mitigation rate.

  • Champion security best practices within the engineering organization by promoting secure coding practices, incident response protocols, and real-time threat mitigation strategies.

  • Provide leadership and training across engineering teams to ensure adoption of security standards and incident management practices.

About you

  • 5+ years of experience in a security engineering or infrastructure security role, preferably within a high-growth SaaS or eCommerce environment.

  • Proven expertise in infrastructure security, DDoS mitigation, and SIEM/SOC platforms.

  • Strong knowledge of cloud environments, particularly in Kubernetes/GKE, Postgres clusters, and networking protocols.

  • Hands-on experience with automation tools and Infrastructure as Code (IaC), such as Terraform.

  • Proficiency in scripting languages like Python or Golang for automating security processes and incident responses.

  • Ability to communicate security best practices and protocols to cross-functional engineering teams, advocating for a security-first mindset across the organization.

  • Experience with observability, incident management, and disaster recovery is a plus.

  • Ability to confidently serve as the main point of contact for all security-related matters in a dynamic startup environment.

Our Stack

You’ll be working closely with our SRE team, a group of experienced engineers who are building and maintaining:

  • Multi-TB Postgres clusters

  • RabbitMQ and Redis with tens of thousands of operations per second

  • 10+ full-featured GKE clusters globally with over 15k tenants

  • A new stack of Kafka, Debezium, and Apache Flink

  • Github Actions CI and ArgoCD for scalable deployment strategies

  • Best practices around Kubernetes/Helm/Operators, SLIs/SLOs, Incident Management, Observability, Security, and Disaster Recovery

    Company Benefits and Perks

  • 🏖️ 22 days of paid leave (We follow each country's appropriate PTO Laws)

  • 🤕 Paid sick leave

  • 🧸 Paid parental leave (16 Weeks)

  • 💻 MacBook Pro

  • 🍽️ Personal credit card to buy lunches (you’ll have your own Gorgias credit card)

  • 🏥 Included in your offer’s calculation, there’s a 5% bonus for healthcare to compensate for Private Health costs

  • 💆🏻‍♀️ Get €700 to set up your workstation at home (working from home should feel breezy)

  • 📚 Get €2000 of learning material per year (includes books, courses, training sessions that are easily identified and linked with your job scope. This also covers individual coaching!)

  • 🥰 Every quarter, we organize an online company-wide summit to discuss where we’re going and strengthen social bonds. Once per year we organize offsite team retreats and company retreats! (Here is the photo album from our last company retreat in Mexico in 2022, when we were a total of 200 people!)

More cool things to know about Gorgias... 😁

Diversity, Equity, and Inclusion at Gorgias

At Gorgias, we’re dedicated to creating a diverse, inclusive, and equitable workplace where everyone is valued. We provide equal opportunities without discrimination based on race, gender, age, disability, or any characteristic protected by law.

We also recognize that individuals from diverse backgrounds—especially women and underrepresented groups—may hesitate to apply if they don’t meet every requirement. If this role excites you and you’re eager to grow, we strongly encourage you to apply, even if you don’t check every box. You might bring something unique and valuable that we didn’t even know we needed.

If you need accommodations to participate in the application or interview process, perform essential job functions, or access other employment benefits, please contact us at [email protected]. Let’s grow together!