Lead Infrastructure Engineer (DevSecOps)

Helping organizations around the world secure their software supply chains and achieve new visibility into the technology they build and buy.

Our Mission

Software is the only thing we buy without having any idea what’s inside of it.

Manifest is a venture-backed cybersecurity startup, helping organizations around the world reduce their supply chain risk, and build/buy more secure software. We are a first-mover and leader in the software supply chain space, specifically around how organizations generate and operationalize software bills of material (SBOM).

We help:

Vulnerability analysts/SOC teams identify and respond to software vulnerabilities hidden in their supply chain. With Manifest, the 12-week hair-on-fire Log4j response could have been shortened to minutes, and repeated for the next major supply chain vulnerability.
Product/Application Security teams easily generate and manage SBOMs, and quickly reply to SBOM requests.
Governance, Risk, and Compliance teams streamline the process of evaluating and buying new tech (from printers to apps to medical devices), giving them more quantitative data to answer the question: “How risky is this asset we want to purchase?”

The impact you’ll have

Manifest is seeking to hire an experienced Lead Platform Engineer will own the design, development, implementation, and maintenance of Manifest’s infrastructure and build/release pipelines. You will build the program from the ground up, ensuring that our pipelines are fast, secure, performant, and scalable. By dogfooding Manifest’s core products, you will also be closely involved with Product and driving the direction of our product roadmaps.

As our Lead Platform Engineer, you will

Develop and deploy scripts (Terraform, Helm, Python, etc.) on a routine basis to support platform and customer requirements with a focus towards automation as much as practicable
Operate and sustain cloud-based CI/CD pipeline and components utilizing DevSecOps principles and best practices such as reducing human involvement through automation and similar
Automate application deployment that leverages container technology through a complex cloud-based environment through tools such as Kubernetes, Github, and other CI/CD tools and technologies
Allow Manifest to be deployed in any environment (AWS, Azure, on-prem, etc.)
Dogfood our own software supply chain product
Integrate DevSecOps tools and services to enable an automated pipeline that supports customer applications throughout their SDLC
Research and use the latest in open-source tools to help build and secure our development pipeline