- 経験
- 5年以上
- 給料
- —
- 求人情報
- 1
- 投稿済み
- 2時間前
- 作業モード
- 在任中
- 資格
- Experienced security, platform, or SRE professionals who can work from Christchurch or Auckland and are open to an office-based role. Candidates who are highly capable even if they do not match every preferred requirement are welcome to apply.
- 再開する
- 応募必須
勤務地
仕事内容
About Partly
Partly is a company focused on connecting the world’s parts by creating a global platform for replacement parts, beginning with auto parts. Its long-term goal is to help accelerate a more sustainable future in which people can repair rather than replace. The business was started by former Rocket Lab engineers and uses modern technology to tackle complex, high-impact challenges in a multi-trillion-dollar industry.
The company has grown quickly, expanding significantly over the last year and continuing to scale across Europe and Australasia. Its platform supports large enterprises and fast-growing startups worldwide, providing the digital infrastructure used to organize and manage parts catalogs online. The company is backed by investors including Blackbird Ventures, Square Peg, Octopus Ventures, Icehouse, Peter Beck, Akshay Kothari, and Dylan Field.
Partly is headquartered in Austin, Texas, and also has offices in London, Christchurch, and Auckland. New hires are connected to the nearest office for onboarding and are flown in for quarterly company-wide Season Opener gatherings, with travel and accommodation covered. Relocation support is also available for those moving to join the team. This role is based in Christchurch and Auckland.
Role overview
The Platform Security Engineer will be responsible for strengthening Partly’s security posture while also supporting platform reliability. The position reports to the Platform Lead and combines practical infrastructure security work with reliability engineering. This is a hands-on role for someone who can implement technical safeguards, work closely with infrastructure systems, and help establish security processes from the ground up. As the first dedicated security hire, you will partner closely with the SRE team and shape how security is embedded across the platform.
Key responsibilities
- Help keep the platform dependable and secure by joining the on-call rotation with the SRE team, owning security incident response planning and testing, leading reviews after security incidents, contributing to availability incident reviews, and building security monitoring and alerting.
- Take ownership of the company’s security and compliance position by preparing for audits such as ISO 27001 and future SOC 2, maintaining ongoing compliance through Vanta, handling enterprise customer security questionnaires, and keeping the risk register up to date for engineering and leadership.
- Strengthen infrastructure security by applying least-privilege access across systems, including PostgreSQL roles, Kubernetes RBAC, and secret access controls. Drive progress toward network segmentation and zero-trust using Cilium network policies and Kyverno admission policies, and make production access read-only by default for developers.
- Build and run a structured vulnerability management process by operating scanning and detection tools such as Trivy, Renovate, and Falco. Own vulnerability triage, assess severity, prioritize remediation, track issues through closure, coordinate fixes with service owners, and report trends and metrics.
Candidate profile
- You likely bring at least 5 years of experience in security engineering, platform engineering, or SRE with a strong security focus, and you should be comfortable working independently from day one.
- Practical Kubernetes security knowledge is important, including RBAC, network policies, and admission controllers, along with experience implementing controls in production Kubernetes environments.
- You should have exposure to at least one compliance standard such as ISO 27001, SOC 2, or PCI-DSS, and understand the difference between paperwork-driven compliance and real security.
- Strong cloud security knowledge is needed, with GCP experience preferred and a solid understanding of how to secure cloud infrastructure.
- Experience using infrastructure-as-code and GitOps tools such as Terraform and ArgoCD is valuable, along with a mindset that infrastructure changes should be reviewed through code.
- You need to communicate clearly and be able to explain security risks to non-technical stakeholders in a way that connects technical issues to business impact.
- Bonus experience includes CNCF security tools such as Cilium, Kyverno, and Falco, as well as container security and supply chain security practices like SBOMs and image signing.
- Experience with Rust or Go would be helpful because those are the backend languages used at Partly and may come in handy when reviewing security-sensitive code.
- Applicants who do not meet every listed requirement are still encouraged to apply if they believe they can contribute strongly in this role.
Benefits
- Fresh, healthy catered lunches are provided every workday in the Auckland, Christchurch, London, and Austin offices, along with snacks and drinks.
- Each team member receives a $1,500 annual wellness allowance, or the local equivalent, on a Partly-branded card for expenses such as gym memberships, climbing, therapy, massage, doctor visits, and prescriptions.
- Primary caregivers are offered 3 months of fully paid parental leave, plus a phased return-to-work arrangement of four days per week at full pay for the first three months back.
- Employees commuting to a Partly office or coworking space can choose between a paid 24/7 parking space or a commuting allowance.
- The offices are newly designed to encourage collaboration and creativity, with coffee, social areas, and nearby cafes.
- Partly follows an office-first model in Christchurch, Auckland, London, and Austin, while still supporting a high-trust environment that allows flexible scheduling around personal needs.
- The company makes time to celebrate as a team through weekly happy hours, monthly lunches, quarterly Season Openers, and an annual global offsite.
Relocation and onboarding
New team members are onboarded through the nearest office and brought together with the wider company at quarterly Season Opener events, with travel and accommodation covered by the company. If you are moving to join Partly, relocation assistance is available to help with costs.
Work location
This role is based in Christchurch and Auckland, New Zealand, and is intended to be an office-based position.