About the Role

The Vault Scanning Team builds and maintains a platform responsible for scanning source code repositories, as well as other text-based sources for various risks such as secrets and credentials.

Our platform is expected to handle millions of requests and manage and query rich metadata in a scalable and highly available service-oriented platform. Vault Scanning provides actionable insights and control for implementing security and compliance. It stores and indexes metadata, used for providing insights, alerting on abnormal behavior, policy evaluation, data visualization, and slice & dice data analysis.

The engineers on our team have a passion for solving complex problems, designing object data models to represent complex application data, and building highly scalable and highly available platforms. You will be leveraging new technologies and inventing new algorithms to solve complex code security related problems.

Our customers scan thousands of source code repositories, and rely on our tools to detect, triage, and remediate highly critical security risks as they are detected near real-time.

Some of the future challenges for our team include:

• Building an extensible architecture to allow for scanning new types of data sources

• Integrating the security risk scanning platform with other existing Hashicorp tools and products

• Designing and implementing an easy-to-deploy system for scanning security risks for on-premise customers

• Researching new types of security risk and determining how to best scan for such risks

• Studying performance characteristics of the existing platform and advancing the system through architecture and algorithm improvements

In this role, you can expect to:

• Work on next-generation distributed systems for detecting security risks

• Build and architect systems capable of efficiently scanning millions of data sources in a wide variety of data sources types

• Interface directly with internal teams, users and HashiCorp customers

• Own the full lifecycle of feature development from design through testing and release

• Work with stakeholders to define and create internal and public APIs

• Develop code in Golang, learning from and contributing to a team committed to continually improving their skills

You are a great addition to the team if you:

• Have at least 2 years of prior experience building services in a service oriented architecture in Go and at least 4 years of experience in a lower-level language like Go

• Are passionate about building security-related products

• Understand the basics of gRPC and protobuf

• Know how git version control systems work

• Write code with security and performance in mind

• Have developed scalable platforms with relational databases like Postgres/MySQL, and real time messaging systems like RabbitMQ, SQS, or Kafka in the past

• Have prior experience working in high performance or distributed systems

• Troubleshoot performance related issues, and determine a path forward

• Can knowledgeably discuss design and performance tradeoffs in complex systems

• Exhibit ownership in your work, including research and understanding of the problem space, collaborating with the team to come up with solutions, proactively communicating your progress to the team, and shipping the feature over the finish line.

In your cover letter, please describe why you're interested in working at HashiCorp, and on the Vault Scanning team in particular. Specifics of your past experience that are relevant to this role are great to include too.

If you are uncertain about applying, we encourage you to please do. We’d love to hear from you!

#LI-REMOTE