What You’ll Do

Drive vulnerability management and compliance (SOC 2, ISO, NIST) Secure and automate our CI/CD pipelines and Infrastructure-as-Code (Pulumi, Helm, Python, etc.) Protect our AWS cloud and containerized environments (Docker/Kubernetes) Monitor systems, respond to threats, and lead incident resolution Partner with developers to integrate AppSec (SAST/DAST, dependency scanning) into workflows Mentor peers and foster a culture of security awareness

What We’re Looking For

3+ years in security engineering, cloud, or DevSecOps Strong AWS experience (Azure/GCP a plus) Knowledge of IaC, CI/CD, and cloud-native security tools Familiarity with SIEM, EDR/XDR, WAFs, and OWASP Top 10 Excellent communicator who thrives in cross-functional teams US-based (or eligible to work in the U.S.)

**Bonus:** Experience with Wiz, NopSec, Kubernetes security, or security certifications (CISSP, AWS Security Specialty, etc.).

Why Join Black Book

Competitive pay + 401(k) match Comprehensive health, dental, vision, life, and disability insurance Generous PTO, parental leave, and wellness reimbursement Hybrid flexibility + inclusive, growth-focused culture Backed by Hearst: stability with startup-like agility

Apply now and help secure the future of automotive data.