Full Stack Engineer
New Context is a rapidly growing consulting company in the heart of downtown San Francisco. We specialize in Lean Security: an approach that leads organizations to build better, safer software through hands-on technical and management consulting. We are a group of engineers who live and breathe Agile Infrastructure, Systems Automation, Cloud Orchestration, and Information & Application Security.
As a New Context Full Stack Engineer you will be a member of our LS/IQ product development team. Your app stack is on AWS and includes: koajs (node.js), Vue, Ruby, PostgreSQL, MongoDB and lambda functions. Hands on cybersecurity experience and related certifications are a huge plus. If you are looking to become a more security minded software engineer or need a sponsor for a certification, then this is a great opportunity for you.
You will work with other New Context team members while working from your home or New Context office. You will have access to our customers to learn directly from them on how they use the LS/IQ product. We foster a tight-knit, highly-supportive environment where you will receive respect and be included. Even if you may not know the answer to a question immediately, you'll have the entire company supporting you via Slack, Zoom, or in-person. We also host a weekly all-company checkin and daily team stand ups via Zoom, so you won't just be a name on an email.
At New Context, our core values are Humility, Integrity, Quality & Passion! Our employees live these values every single day.
- Participate in all phases of the software development lifecycle (planning, design, implementation, deployment and support).
- Participate in checking in with product customers to directly hear their feedback and evolve the product to support their needs.
- Create simple and intuitive web and mobile applications
- Design, develop and deploy integrated solutions
- Collaborate effectively with teammates and technical partners via Slack, Zoom, and other remote-first methods.
- Communicate technical ideas and direction across the organization with a focus on problem-solving
- Technology you must know and have hands-on experience with are: Node.js, VueJS/Quasar, Ruby, PostgreSQL, MongoDB, AWS Lambda, Terraform, AWS ECS/Fargate
- Your coding practices must include: Agile, pair programming, peer reviews, TDD, Git workflow, automated integration testing, feature flags, automated deployment, secure coding best practices
- We help our customers build better infrastructure security and we treat security seriously in our product. You should have knowledge of or hands on experience with most of these:
- Firewalls, endpoint security, intrusion protection, log management, principle of least privilege access
- Secure coding practices, threat modeling
- Compliance and security standards
- BurpSuite, ZAP Proxy, SAST/DAST scanning tools
- Additional technologies you should have some experience with:
- Vagrant, Docker, Chef, GraphQL, AWS CodePipeline Python, Go, Jenkins, Atlassian Suite Google: DataStudio, BigQuery, pub/sub, Cloud functions, DataDog, Gitlab, Sentry, Hashicorp Vault, SumoLogic
Who you are:
- Intermediate-level full stack engineer with 3+ years of experience
- Experienced in integrating with internal and third-party solutions.
- Knowledgeable in building RESTful APIs for internal and external products.
- Knowledgeable in cloud computing platforms like AWS, GCP, Azure
- Able to work closely with internal stakeholders and vendors to understand their systems, build custom solutions, integrate with external systems and deploy the solution
- Knowledgeable in data structures, algorithms and design patterns
- Interested in creating user-friendly UI/UX and Data Visualizations.
- Able to communicate and collaborate across multiple teams to deliver an end product
- A creative, self-motivated problem solver who enjoys challenges
Bonus points if you are:
- CEH, CASE, GWEB, GWAPT, GSSP (or equivalent) certified.
- Familiar with network security fundamentals, social engineering, and/or forensic analysis;
- A member of national and/or local security groups.