Remote Frontend Jobs

Overview

We are a fast-growing Series A startup building cutting-edge technology to revolutionize cloud development processes and support highly efficient dev&test feedback loops. We’ve closed our last $25mil round in Q4 2024, led by Notable Capital, CRV and Heavybit.

At its core, LocalStack provides a high-fidelity emulator and local cloud development platform. Imagine developing cloud applications and data pipelines entirely on your local machine within a lightweight cloud sandbox, running in Docker!

Our mission is to empower developers to rapidly build and test their cloud applications, allowing for a more enjoyable dev experience, and saving valuable time and resources.

LocalStack has a large and active developer community with over 100k active users worldwide and 290M+ downloads to date. Our customer base ranges from SMBs to Global Fortune 500 companies.

We are sustainably growing our globally distributed team across sectors.

LocalStack is headquartered in Zurich/Switzerland 🇨🇭, with a main engineering office in Vienna/Austria 🇦🇹 and remote team members from 🇺🇸the US, 🇫🇷FR, 🇬🇧UK, 🇨🇦CA, 🇪🇸ES, and many more countries.

This is the right opportunity for a person with 7+ years in a security engineering or security compliance role, experience leading vendor risk assessments and building compliance frameworks from the ground up, a strong background in API design and build, as well as a strong background in DevSecOps, incident response, and pragmatic, risk-driven security leadership.

Requirements

✅ What you will be working on/responsible for

• Ensure robust security posture of our product, across the various components (in particular, the LocalStack emulators, the LocalStack Cloud platform, as well as our data warehouse).
• Lead initiatives for incident monitoring, intrusion detection, and vulnerability management.
• Define and implement regular security auditing procedures across systems and access controls.
• Deliver a sustainable, scalable process for vendor risk assessments and other security-related initiatives (e.g., via tooling, delegation, or automation) including completing and submitting vendor risk assessments to support our sales process.
• Ensure secure configurations and permission models, while collaborating with the engineering teams.
• Identify gaps between claimed and actual compliance and propose/lead corrective actions.
• Own documentation of security controls, configurations, and policies.
• Engage with internal stakeholders to evaluate different security threats and attack vectors.
• Generate and distribute internal audit and compliance reports in regular intervals.

✅ Experience we expect you to bring to the role

• Expert knowledge of threat modelling, vulnerability management, and tools like intrusion detection, network security, or Linux/Unix OS hardening.
• Practical experience with cloud security (AWS preferred).
• Good knowledge of common standards (e.g., SOC 2, ISO 27001, GDPR), even if not formally certified.
• Strong documentation skills and ability to make complex topics accessible to non-experts.
• Good understanding of US and EU security and compliance expectations.
• Prior engineering experience strongly preferred (even if no longer coding daily).
• Proactive, pragmatic, and capable of risk-based decision-making.

Benefits

• Fully remote
• Competitive salary
• Annual company retreat
• 2 extra company-wide holidays
• Friendly and inclusive workplace culture (community guilds and online company events)

Tagged as: DevOps, docker, SecOps, senior