What You’ll Do

• Drive vulnerability management and compliance (SOC 2, ISO, NIST)
• Secure and automate our CI/CD pipelines and Infrastructure-as-Code (Pulumi, Helm, Python, etc.)
• Protect our AWS cloud and containerized environments (Docker/Kubernetes)
• Monitor systems, respond to threats, and lead incident resolution
• Partner with developers to integrate AppSec (SAST/DAST, dependency scanning) into workflows
• Mentor peers and foster a culture of security awareness

What We’re Looking For

• 3+ years in security engineering, cloud, or DevSecOps
• Strong AWS experience (Azure/GCP a plus)
• Knowledge of IaC, CI/CD, and cloud-native security tools
• Familiarity with SIEM, EDR/XDR, WAFs, and OWASP Top 10
• Excellent communicator who thrives in cross-functional teams
• US-based (or eligible to work in the U.S.)

**Bonus: ** Experience with Wiz, NopSec, Kubernetes security, or security certifications (CISSP, AWS Security Specialty, etc.).

Why Join Black Book

• Competitive pay + 401(k) match
• Comprehensive health, dental, vision, life, and disability insurance
• Generous PTO, parental leave, and wellness reimbursement
• Hybrid flexibility + inclusive, growth-focused culture
• Backed by Hearst: stability with startup-like agility

Apply now and help secure the future of automotive data.