Weedmaps

1 Job

670 Employees

About the Company

Founded in 2008, we've grown from a small startup to a global leader in the cannabis industry. Our dedication to transparency, education, and community has set us apart, and today, we proudly serve cannabis to consumers and businesses in the U.S. and worldwide. "Freedom to choose. Freedom to access. Freedom to enjoy."

Listed Jobs

Company Name: Weedmaps
Job Title: Security Engineer (Remote)
Job Description: Job Title: Security Engineer (Remote) Role Summary: Develop, automate, and manage security tools and processes to secure the company’s cloud, container, and serverless infrastructure. Reduce vulnerability remediation time, scale security practices, and ensure compliance and resilience across all technology assets. Expectations: * Deliver measurable improvements in security workflow efficiency and vulnerability turnaround. * Build self‑service tooling that empowers engineering teams to embed security into their DevOps pipelines. * Collaborate effectively with IT, software engineering, and product teams to maintain a secure, compliant, and threat‑resilient environment. Key Responsibilities: * Design, develop, and maintain security scripts, automations, and tooling (e.g., SOAR, EDR, DLP). * Partner with engineering squads to prioritize, remediate, and track vulnerabilities from discovery through resolution. * Assess and rank risks using industry frameworks (CVSS, CWE) and business impact. * Define and enforce security policies and standards across the organization. * Integrate security controls into CI/CD pipelines and manage tool suites. * Author Jira stories, estimate effort, and contribute to sprint planning and retrospectives. * Establish secure development best practices and identify architectural risks. * Participate in on‑call rotation for incident monitoring, triage, and response. Required Skills: * 5+ years in Information Security, DevSecOps, or DevOps with a focus on vulnerability management. * Deep knowledge of cloud (AWS), containers (Kubernetes, Docker), serverless, and modern systems architecture. * Hands‑on vulnerability analysis (CVEs), code review, and remediation. * Proficiency in CI/CD, Git workflows (PRs, branching), and scripting (Python, Ruby, JavaScript, Java). * Experience with SOAR or SIEM platforms and security metrics for monitoring. * Strong written and verbal communication; ability to collaborate across technical and non‑technical teams. * Agile/Lean mindset with experience in JIRA, Confluence, and sprint ceremonies. Required Education & Certifications: * Bachelor’s degree in Computer Science, Information Security, or equivalent technical field. * Relevant security certifications (CISSP, CCSP, GCIA, GCIH) are preferred.