Jobs at Evervault

Lead Engineer, Security

Build secure encryption infrastructure.


Evervault is a technology company building the encryption engine for the web, so that developers never touch sensitive data in plaintext and can isolate the code that processes it from the rest of their stack.

Our mission is to encrypt the web; our goal is zero data breaches, and our end-state is everything encrypted everywhere.

Security is at the core of Evervault. We’re hiring a Lead Engineer, Security to build security into our systems and processes from the ground up. You'll be working with Rust, Node.js, and AWS Nitro Enclaves.

Core challenge

The core challenge for this position is simple: How do you design and build systems & processes when security is the primary concern for developers considering using Evervault?

This person will

  • Be directly responsible for defining, owning, and executing Evervault’s production security roadmap, and championing security across all architectural and product decisions
  • Regularly conduct security audits to determine our security risk tolerance, needs, and priorities — and develop strategies based on these determinations, translate those strategies into tactical plans, and execute those plans
  • Establish an engineering process & culture across all layers of Evervault’s engineering process which holds security as the first priority
  • Make every Evervault engineer a security engineer, e.g. by ensuring everyone considers security implications in the design and implementation of their code
  • Prepare Evervault for security events by proactively running incident response simulations, using tools with automation to increase our speed for detection, investigation, and recovery
  • Introduce mechanisms and tools to reduce or eliminate the need for direct access or manual processing of data
  • Automate security best practices to improve our ability to securely scale more rapidly and cost-effectively
  • Create secure architectures, including the implementation of controls that are defined and managed as code, i.e. Terraforming
  • Enhance existing, and introduce new, observability & traceability mechanisms to monitor, alert, and audit actions and changes to our environment in real time, including the integrate log and metric collection with systems to automatically investigate and take action
  • Implement a strong identity foundation across Evervault systems
  • Be heavily involved in developing compliance processes, and help get Evervault compliant to the highest information security standards (including SOC 2, ISO 27001, and PCI DSS) — including managing independent penetration tests

You may be the right person if

  • You are an expert in security, with deep knowledge across all security specialities
  • You are a security evangelist who believes that every engineer is a security engineer
  • You want to be heavily involved in building Evervault’s dedicated security team, and mentoring engineers who may not be trained in security
  • You have a network of quality (security) engineers who would instantly want to join Evervault if you did

You are the ideal person if you have

  • 8+ years of relevant experience, including experience leading security organizations — or you’ve had equivalent experience in a more condensed period
  • Expert knowledge of security threats, deep hands-on experience detecting & defending from cyber attacks, and experience using big data analytics and orchestration to address security challenges
  • Exceptional engineering skills in a common development language (e.g. Rust, C, C++)


Here’s what our hiring process looks like for lead engineers:

  1. Application: Submit your application including:
    • Links to your profiles (e.g. GitHub, Twitter, Substack)
    • A technical project(s) you’re particularly proud of — with some explanation of what it does
    • Whatever information you think would be most useful — like a short explanation of your accomplishments & background, what you like to work on, and why you’re excited about joining Evervault
  2. Introduction call: An opportunity for us to get to know you & for you to learn more about Evervault.
  3. System Design interview: A call where you'll build a scalable, fault tolerant, highly available system. This helps us see what it’s like working with each other.
  4. Take-home task: A coding task that helps us understand if you can write clean, maintainable, and well-documented code.
  5. Call with Design: Meet with one of our designers, a key engineering partner.
  6. Offer: We aim to go from introduction call to offer made within two weeks.

Programming challenges

Sending a solution to one or more of these programming challenges is an effective way of impressing us:

  • Build a simple CLI tool that deploys & runs arbitrary JavaScript files in a secure isolated process or thread.
  • Build a distributed system with 3 separate worker nodes which dynamically calculates n digits of Pi (π) over x cycles in a distributed manner, exposing a single POST /calculate endpoint which accepts x and n as its body.
  • Build a Node.js module which exposes a single function that accepts a function as its only parameter. Serialize the code for the parameter function and any external dependencies (e.g. npm modules, required functions). Bundle it into a single index.js file which can be run in isolation while maintaining the same functionality.
  • Implement a TLS man-in-the-middle forward proxy using HTTP CONNECT, which replaces all instances of foo with bar in outbound requests. Make it as fast/low-latency as possible.
  • Build an implementation of the Raft consensus algorithm across n nodes that demonstrates leader election and log replication.

Apply now