Staff Security Software Engineer, Altana AI
$134-200k
+ Equity Grants + Discretionary Bonus/Variable Compensation Plan
Supply chain visibility platform
Open for applications
Supply chain visibility platform
101-200 employees
Open for applications
$134-200k
+ Equity Grants + Discretionary Bonus/Variable Compensation Plan
101-200 employees
Company mission
Altana AI's mission is to improve global commerce.
Role
Who you are
- Bachelor’s degree in Computer Science, Engineering, or a related field; advanced degree preferred
- 5+ years of experience in Operations, DevOps, DevSecOps, or related engineering roles
- Expertise in building out application security pipelines and CI/CD platforms using tools such as GitHub Actions, Jenkins, and/or Azure DevOps
- Proficiency in programming/scripting languages like Python or Go
- Hands-on experience with IaC tools (Terraform, OpenTofu, CloudFormation) and cloud platforms (AWS, Azure)
- Strong understanding of application security, container security (Docker, Kubernetes), and cloud security (AWS or Azure)
- Knowledge of modern software delivery paradigms, including microservices and serverless architectures
- Familiarity with security frameworks and standards (OWASP, NIST, CIS)
- Exceptional problem-solving skills, communication, and ability to work in a fast-paced environment
- Experience with SAST/DAST tools like SonarQube or Burp Suite
What the job involves
- At Altana, we believe great engineering drives reliable and secure systems
- We're looking for someone excited about embedding security deeply into our infrastructure and supporting processes, which run on modern technologies like containers, cloud services, and automated pipelines
- You'll be instrumental in building tools and processes that proactively keep our systems secure and free from vulnerabilities
- This role combines technical leadership, creativity, and collaboration across DevOps, security, and software development teams to ensure our technology stack remains resilient and trusted
- You'll play a key role in developing and implementing a robust security posture within our DevOps team, with a strong emphasis on proactive risk reduction
- This includes establishing and refining processes for identifying and remediating vulnerabilities, deploying security tooling, and leveraging automation within our pipelines to maximize efficiency
- You'll collaborate closely with Information Security and Development teams to integrate security practices throughout the development lifecycle
- Success will be measured by the overall strength and effectiveness of our security posture, the timely and efficient resolution of vulnerabilities, and enabling our engineering teams to deliver secure and reliable products
- Aggregate and assess vulnerability data from multiple scanning tools and sources
- Quickly triage vulnerabilities; accurately assessing their risk and impact, and clearly documenting findings
- Define effective remediation actions and collaborate directly with relevant teams to initiate timely fixes
- Act as the primary contact for security compliance engagements and audits across the business
- Develop, publish, and maintain clear metrics and reports that demonstrate the effectiveness and progress of our vulnerability management program
- Collaborate with engineering and security teams to prioritize and facilitate timely vulnerability remediation
- Provide actionable guidance on code-level fixes, configuration improvements, and secure coding best practices
- Drive improvements in vulnerability management processes through ongoing collaboration and feedback
- Implement automated security testing and monitoring solutions to continuously identify new risks
- Develop automation to prioritize vulnerabilities based on severity, exploitability, and impact
- Automate patch management, dependency updates, and configuration management to quickly resolve vulnerabilities
- Create automated remediation workflows to address common security issues and reduce manual effort
- Collaborate closely with Cloud Engineering and DevOps teams to embed automated security controls into deployment processes
- Generate automated reports and dashboards to communicate security posture and remediation progress
- Regularly evaluate and enhance automation practices, tooling configurations, and control efficacy
Our take
Altana AI’s platform provides a shared source of truth for the global supply chain. The idea is that this will help businesses and governing powers optimize global commerce which, over the past few years, has shot up on the list of international priorities. With three quarters of businesses reporting recent supply chain disruptions, and governments increasingly concerned with mitigating security threats, data-driven visibility is more sought after than ever before.
Crucially, the platform doesn’t require data sharing to create global intelligence, instead using a federated machine learning approach. This is a nut many big-data companies have been trying to crack, and Altana AI’s success has attracted the company interest from top-tier investors like Google Ventures and Floating Point alongside contracts with the UK Department of Business & Trade. A number of other headline enterprises and government agencies are already on the company's customer roster.
With companies looking to recoup some of the $4 trillion reportedly lost in supply chain disruptions over recent years, and the push for global databases getting stronger, logistics startups are having a fruitful investment period. Altana is crafting a remarkable product at a highly marketable time, and with good uptake so far. Backed by substantial funding, Altana is set for a strong few years.
Steph
Company Specialist at Welcome to the Jungle
Insights
26% employee growth in 12 months
Company
Funding (last 2 of 5 rounds)
Jul 2024
$200m
SERIES C
Oct 2022
$100m
SERIES B
Total funding: $323.5m
Company benefits
- Comprehensive healthcare package
- Paid parental leave of 3 months for the primary caregiver and 1 month for the secondary caregiver
Company HQ
Financial District, New York, NY
Leadership
Raphael Tehranian
(COO)Previously an analyst with J P Morgan, pivoting to engagement at Cleantech Group and then corporate tech strategy with Suncor Energy. After a spell as an investor at Fuller Smith, spent time with global supply chain analytics company Panjiva as a management advisor.
Peter Swartz
(Chief Science Officer)An MIT grad in political science who went on to work as Head of Data Science at Panjiva.
Evan Smith
(CEO)A Yale economics graduate with experience in renewables at Imperium Renewables and Verno Systems, the latter of which they co-founded. Served as a partner at Fuller Smith, before moving on to work in a management advisor role at Panjiva.
Salary benchmarks
We don't have enough data yet to provide salary benchmarks for this role.
Submit your salary to help other candidates with crowdsourced salary estimates.
Share this job
View 16 more jobs at Altana AI