Sr. SEII, Secure Platform Operations (Remote Eligible)

Smartsheet

6d•Remote

About The Position

For over 20 years, Smartsheet has helped people and teams achieve–well, anything. From seamless work management to smart, scalable solutions, we’ve always worked with flow. We’re building tools that empower teams to automate the manual, uncover insights, and scale smarter. But more than that, we’re creating space– space to think big, take action, and unlock the kind of work that truly matters. Because when challenge meets purpose, and passion turns into progress, that’s magic at work, and it’s what we show up for everyday. Automation is the key to creating highly reliable and secure large-scale software systems. Are you someone who engineers solutions to problems rather than simply fixing the same thing over and over again? Can you protect Smartsheet against attackers? We are looking for a Senior Software Engineer with passion for security and platform engineering (which combines elements of development, site reliability, devops, and security), to join our global Secure Platform Operations team. In this critical role, you will be a leader in maturing our security and reliability posture by treating both as software engineering challenges, as well as system-wide optimization for Smartsheet engineering including supporting migrations and modernizations for feature teams to the platform. You will architect, automate, and operate a highly reliable, scalable, and defensible production environment with a great developer experience, directly impacting our ability to deliver a world-class service to our customers 24/7. This is a unique opportunity to truly apply Platform Engineering concepts and technologies, working at the intersection of infrastructure, automation, security, and developer experience to build a platform that is resilient, secure, and easy to use and maintain.

Requirements

8+ years of progressive experience in technology, with at least 5 years in a hands-on senior role such as Site Reliability Engineering, or DevOps.
A BS or MS in Computer Science, Engineering, or a related field, or equivalent industry experience.
Expert-level proficiency in at least one major cloud provider, preferably AWS, with deep knowledge of core infrastructure and security services.
Expert-level proficiency with Infrastructure as Code, particularly Terraform.
Expert-level proficiency in a scripting or programming language such as Python, Go, or Ruby, with a proven history of building automation and custom tooling.
Deep experience with containerization and orchestration technologies (Kubernetes), including securing containerized environments.
Proficiency with the modern security operations toolchain, including SIEM, EDR, and vulnerability scanning technologies.
Experience integrating security tools (SAST, DAST, SCA) into CI/CD pipelines.
A critical thinker with a proven ability to troubleshoot complex problems in high-pressure production environments.
Excellent verbal and written communication skills and a collaborative spirit. This will include fluency in English.
Must be a U.S. Citizen or a U.S. National to meet federal compliance requirements

Nice To Haves

Advanced industry certifications such as CISSP, CISM, OSCP, or cloud-specific security certifications.
Experience with compliance frameworks like FedRAMP, ISO27001, SOC2.

Responsibilities

Engineer Secure and Resilient Infrastructure: Design, build, maintain, and improve secure, scalable, and highly available infrastructure in our multi-cloud environment (primarily AWS) using Infrastructure as Code (IaC) principles with tools like Terraform, Kubernetes, and Helm.
Automate Proactive Security: Engineer and automate threat detection, incident response, and vulnerability management processes. You will build the tools and workflows that allow us to respond to threats at machine speed.
Secure the Software Development Lifecycle: Architect and secure our CI/CD pipelines, integrating automated security tooling (SAST, DAST, SCA) to provide developers with fast, actionable feedback.
Master Container Security: Manage, operate, and secure our container orchestration platform (Kubernetes), implementing best practices for container security from the registry to runtime, including knowledge of hardening requirements such as CIS Benchmarks or DISA STIG.
Lead Incident Response: Act as a technical lead during security and reliability incidents, driving resolution and conducting blameless post-mortems to engineer preventative solutions.
Drive Automated Compliance: Implement and automate technical controls to ensure continuous compliance with frameworks such as FedRAMP, SOC 2, and ISO 27001.
Mentor and Lead: Serve as a subject matter expert for security and reliability, mentoring other engineers and championing a culture of operational excellence and security ownership across the organization.

Benefits

Medical/vision and dental coverage options for full-time employees
401k Match to help you save for your future (50% of your contribution up to the first 6% of your eligible pay)
Monthly stipend to support your work and productivity
Flexible Time Away Program, plus Sick Time Off
US employees are automatically covered under Smartsheet-sponsored life insurance, short-term, and long-term disability plans
US employees receive 12 paid holidays per year
Up to 24 weeks of Parental Leave
Personal paid Volunteer Day to support our community
Opportunities for professional growth and development including access to Udemy online courses
Company Funded Perks, including a counseling membership, local retail discounts, and your own personal Smartsheet account
Teleworking options from any registered location in the U.S. (role specific)