The Company You’ll Join
Carta connects founders, investors, and limited partners through world-class software, purpose-built for everyone in venture capital, private equity and private credit. Trusted by 65,000+ companies in 160+ countries, Carta’s platform of software and services lays the groundwork so you can build, invest, and scale with confidence.
Carta’s Fund Administration platform supports 9,000+ funds and SPVs, representing nearly $185B in assets under management, with tools designed to enhance the strategic impact of fund CFOs. Recognized by Fortune, Forbes, Fast Company, Inc. and Great Places to Work, Carta is shaping the future of private market infrastructure.
Together, Carta is creating the end-to-end ERP platform for private markets. Traditional ERP solutions don’t work for Private Funds. Private capital markets need a comprehensive software solution to replace outdated spreadsheets and fragmented service providers. Carta’s software for the Office of the Fund CFO does just that - it’s a new category of software to make private markets look more like public markets - a connected ERP for private capital.
For more information about our offices and culture, check out our Carta careers page.
The Problems You'll Solve
At Carta, our employees set out on a mission to unlock the power of equity ownership for more people in more places. We believe that the problems we solve today unlock the opportunities of tomorrow.
As a Senior Infrastructure Security Engineer, some of the problems you’ll help us solve include:
How do you build a program that ties application security, container security, and cloud security together instead of treating them as separate specialities?
How do we change the application framework to make security the easiest path?
What tools and information can we provide to ensure developers can effectively peer review code themselves?
How do you encourage developers to continuously think about security using gamification and giving them results where they live (in the pipeline)?
The Team You'll Work With
You will be a Senior Infrastructure Security Engineer within Carta’s Security Engineering organization, collaborating closely with application, platform, and other infrastructure security engineers. We partner with our product teams to design security solutions that are both maintainable and resilient, while continually improving our risk posture.
Our culture is rooted in blameless problem solving and teamwork at the intersection of infrastructure, security, and DevOps, enabling the business to grow securely.
We work in an environment that uses infrastructure-as-code, Kubernetes, role-based access, and with engineers who care about the integrity and security of our data.
The Impact You’ll Have
With the power to change the product, the pipeline, and our developers on-boarding, not only will you be able to help us continue our security ownership program, you’ll also have the chance to build something new using your research. We are the partner to the engineering organization releasing quality software and we need curious minds to help us keep paving the way.
About You
You have 5+ years of experience in applying an engineering-driven approach to solving infrastructure and platform security problems at scale.
You thrive in environments with autonomy, confidently driving security improvements from idea to implementation.
You can analyze vulnerabilities that currently affect Carta’s infrastructure/platform, assess business impact and risk, implement effective fixes, and prioritize remediation based on severity and exploitability.
Create automations in higher level scripting languages (Python, Go, Ruby, Javascript, etc)
Bonus points if you have experience in securing containerized environments, with practical skills in Docker and Kubernetes.
Disclosures:
We are an equal opportunity employer and are committed to providing a positive interview experience for every candidate. If accommodations due to a disability or medical condition are needed, please connect with the talent partner via email.
Carta uses E-Verify in the United States for employment authorization. See the E-Verify and Department of Justice websites for more details.
For information on our data privacy policies, see Privacy, CA Candidate Privacy, and Brazil Transparency Report.
Please note that all official communications from us will come from an @carta.com or @carta-external.com domain. Report any contact from unapproved domains to security@carta.com.
