Staff Site Reliability Engineer, InfraSec

Sprout General Referrals
Full_time$146k-219k/year (CAD)

📍 Job Overview

  • Job Title: Staff Site Reliability Engineer, InfraSec
  • Company: Sprout General Referrals
  • Location: Remote Canada
  • Job Type: Full-Time
  • Category: DevOps, Infrastructure, Security
  • Date Posted: 2025-06-24
  • Experience Level: 10+ years
  • Remote Status: Remote Solely (British Columbia, Ontario)

🚀 Role Summary

  • Key Responsibilities: Create "Paved Roads" for secure infrastructure, improve Sprout's security posture, enforce security best practices, collaborate cross-functionally, lead strategic initiatives, and mentor team members.
  • Key Skills: Site Reliability Engineering, Infrastructure Security, Automation, Cloud Security, Infrastructure as Code, Configuration as Code, Project Management, Collaboration, Mentorship, Technical Expertise, Security Best Practices, Vulnerability Remediation, CI/CD Pipelines, AWS, Programming, Observability.

📝 Enhancement Note: This role requires a strong background in infrastructure security, with a focus on automation and simplification. Candidates should be comfortable working in a Linux/UNIX environment and have experience with infrastructure-as-code tools.

💻 Primary Responsibilities

  • Create "Paved Roads": Develop standard production-ready technology that all engineering teams can leverage to build secure experiences.
  • Improve Sprout's Security Posture: Enhance Sprout's security through automation, auditability, and clear processes to build sustainable and secure solutions.
  • Enforce Security Best Practices: Implement security best practices through code to minimize chances of misconfiguration and increase confidence in service adoption in the cloud.
  • Collaborate Cross-Functionally: Work with product, site reliability engineering, data platform, and GRC teams to deliver scalable, secure-by-default infrastructure.
  • Lead with Influence: Drive alignment on security best practices and create momentum for cross-functional initiatives.
  • Mentor and Guide: Pair deep technical expertise with pragmatic execution and mentorship to help engineers shape the future of security at Sprout.
  • Own Strategic Initiatives: Lead projects such as IAM modernization, zero trust, vulnerability remediation pipelines, and secure paved road delivery.

📝 Enhancement Note: This role requires a balance of strategic thinking and hands-on execution. Candidates should be comfortable working at both high and low levels, from guiding engineers to shaping the future of security at Sprout.

🎓 Skills & Qualifications

Education: A Bachelor's degree in Computer Science, Engineering, or a related field. Alternatively, relevant work experience can be considered.

Experience: 7+ years building and maintaining reliable, scalable systems in a Linux/UNIX environment. 5+ years experience with infrastructure-as-code or configuration-as-code tools. 3+ years operating and maintaining cloud security tools. 3+ years leading engineering projects and initiatives.

Required Skills:

  • Experience with Amazon Web Services (AWS)
  • Experience with Security Tooling and Vendor selection plus management of third-party security tooling such as CNAPP, CWPP, CSPM, IDS/IPS, etc.
  • Experience in at least one programming language, such as Python, Java, Golang, or Ruby
  • Experience with building CI/CD Pipelines using tools such as Jenkins, Gitlab, Github Actions, etc.

Preferred Skills:

  • Experience with Terraform, Chef, Ansible, SaltStack, etc.
  • Experience with WAF, IAM, AWS Config, etc.
  • Familiarity with threat modeling, risk assessment, and incident response processes.

📝 Enhancement Note: While the preferred skills are not required, they would be beneficial for candidates looking to excel in this role and take on more complex projects.

📊 Web Portfolio & Project Requirements

Portfolio Essentials:

  • Demonstrate a strong understanding of infrastructure security principles and best practices.
  • Showcase experience with infrastructure as code and configuration as code tools.
  • Highlight projects that showcase your ability to lead cross-functional teams and deliver strategic initiatives.
  • Include examples of how you have improved the security posture of previous organizations.

Technical Documentation:

  • Provide clear and concise documentation for your projects, including setup instructions, code comments, and any relevant diagrams or flowcharts.
  • Include any relevant security assessments, penetration testing results, or vulnerability reports.
  • Showcase your ability to write technical blog posts or articles on infrastructure security topics.

📝 Enhancement Note: While a portfolio is not explicitly required for this role, providing one can help demonstrate your technical skills and approach to infrastructure security.

💵 Compensation & Benefits

Salary Range: The base pay range for this role is $146,000 (min), $182,500 (mid), $219,000 (max) CAD annually. Individual base pay is based on various factors, including work location, relevant experience and skills, the responsibility of the role, and job duties/requirements.

Benefits:

  • Insurance and benefit options that are built for both individuals and families.
  • Progressive policies to support work/life balance, such as flexible paid time off and a parental leave program.
  • High-quality and well-maintained equipment.
  • Wellness initiatives to ensure both health and mental well-being of our team.
  • Ongoing education and development opportunities via the Grow@Sprout program, employee-led diversity, equity and inclusion initiatives, and mentorship programs for aspiring leaders.
  • A growing corporate social responsibility program that is driven by the involvement and passion of our team members.

Working Hours: This role follows a standard full-time work arrangement, with the expectation of working 40 hours per week. However, Sprout Social is committed to supporting work/life balance and offers flexible paid time off and a parental leave program.

📝 Enhancement Note: The salary range provided is based on market research and is intended to be competitive and equitable. However, individual base pay may vary based on the factors listed above.

🎯 Team & Company Context

Company Culture: Sprout Social is a fast-growing, remote-first company that values collaboration, innovation, and continuous learning. The engineering team is composed of cross-functional teams that span mobile, front-end, back-end, and site reliability engineering. The company is committed to providing a supportive and inclusive work environment that fosters professional growth and development.

Team Structure:

  • The engineering team is organized into cross-functional teams that work together to deliver powerful features for Sprout's customers.
  • Each team is led by an engineering manager who is responsible for guiding the team's technical direction and ensuring the delivery of reliable services.
  • The site reliability engineering team works closely with other engineering teams to ensure the scalability, reliability, and security of Sprout's infrastructure.

Development Methodology:

  • Sprout uses Agile methodologies, including Scrum, to manage its development processes.
  • The engineering team follows a "you build it, you own it" philosophy, which encourages engineers to take ownership of the systems they develop and maintain.
  • Sprout uses CI/CD pipelines to automate the build, test, and deployment processes for its applications and infrastructure.

Company Website: Sprout Social

📝 Enhancement Note: Sprout Social's engineering team is known for its collaborative and supportive culture, which encourages engineers to learn from one another and take on new challenges. This role offers the opportunity to work on a large-scale, fast-growing product and make a significant impact on the company's security posture.

📈 Career & Growth Analysis

Web Technology Career Level: This role is at the senior level, requiring a deep understanding of infrastructure security principles and best practices. Candidates should have extensive experience leading engineering projects and initiatives and be comfortable working in a fast-paced, dynamic environment.

Reporting Structure: The Staff Site Reliability Engineer will report directly to the Engineering Manager of the Site Reliability Engineering team. They will work closely with other engineering managers, product managers, and security team members to deliver scalable, secure infrastructure.

Technical Impact: This role has a significant impact on Sprout's security posture and the overall reliability of its infrastructure. The Staff Site Reliability Engineer will be responsible for creating "Paved Roads" that enable engineering teams to build secure experiences and for improving Sprout's security through automation and clear processes.

Growth Opportunities:

  • Technical Growth: This role offers the opportunity to deepen your technical expertise in infrastructure security, cloud security, and site reliability engineering. You will work with cutting-edge technologies and have the chance to learn from experienced engineers and security professionals.
  • Leadership Growth: As a senior member of the site reliability engineering team, you will have the opportunity to mentor junior engineers and guide the technical direction of the team. You may also have the chance to take on a leadership role within the broader engineering organization.
  • Career Progression: This role is well-positioned for career progression within the site reliability engineering team or the broader engineering organization. As Sprout continues to grow, there will be opportunities to take on more complex projects and leadership roles.

📝 Enhancement Note: The growth opportunities for this role are significant, as Sprout Social is a fast-growing company with a strong commitment to supporting the professional development of its employees.

🌐 Work Environment

Office Type: Remote-first, with a focus on supporting a distributed workforce.

Office Location(s): Sprout Social has team members located across North America, with a strong presence in British Columbia and Ontario. The company is committed to supporting a remote work environment and offers flexible work arrangements to accommodate the needs of its team members.

Workspace Context:

  • Collaboration: Sprout's engineering team uses collaboration tools such as Slack and Google Workspace to communicate and coordinate projects.
  • Development Tools: The engineering team uses a variety of development tools, including Git, Jenkins, Terraform, and Chef. They also use cloud-based tools such as AWS, Google Cloud Platform, and Microsoft Azure.
  • Testing and Deployment: Sprout uses CI/CD pipelines to automate the build, test, and deployment processes for its applications and infrastructure. The engineering team uses tools such as Jenkins, GitHub Actions, and AWS CodePipeline to manage these processes.

Work Schedule: This role follows a standard full-time work arrangement, with the expectation of working 40 hours per week. However, Sprout Social is committed to supporting work/life balance and offers flexible paid time off and a parental leave program.

📝 Enhancement Note: Sprout Social's remote-first work environment is designed to support a distributed workforce and promote collaboration and productivity. The company offers a range of benefits and resources to support the well-being and professional development of its team members.

📄 Application & Technical Interview Process

Interview Process:

  1. Phone Screen: A brief phone call to discuss your background, experience, and interest in the role.
  2. Technical Deep Dive: A technical interview focused on your experience with infrastructure security, cloud security, and site reliability engineering. You will be asked to discuss your approach to security best practices, vulnerability remediation, and CI/CD pipelines.
  3. Behavioral Interview: A behavioral interview to assess your problem-solving skills, leadership potential, and cultural fit with Sprout's engineering team.
  4. Final Interview: A final interview with the Engineering Manager and other senior team members to discuss your fit for the role and the team's technical direction.

Portfolio Review Tips:

  • Highlight projects that demonstrate your experience with infrastructure security, cloud security, and site reliability engineering.
  • Include examples of how you have led cross-functional teams and delivered strategic initiatives.
  • Showcase your ability to write clear and concise technical documentation, including setup instructions, code comments, and any relevant diagrams or flowcharts.

Technical Challenge Preparation:

  • Brush up on your knowledge of infrastructure security principles and best practices.
  • Review your experience with infrastructure as code and configuration as code tools.
  • Familiarize yourself with Sprout's development methodologies, including Agile and CI/CD pipelines.
  • Prepare for questions about your approach to security best practices, vulnerability remediation, and incident response.

ATS Keywords: Infrastructure Security, Site Reliability Engineering, Cloud Security, AWS, Terraform, Chef, Jenkins, CI/CD Pipelines, Vulnerability Remediation, Incident Response, Leadership, Mentorship, Technical Expertise, Security Best Practices, Infrastructure as Code, Configuration as Code, Programming, Observability.

📝 Enhancement Note: The interview process for this role is designed to assess your technical expertise, leadership potential, and cultural fit with Sprout's engineering team. The technical deep dive and behavioral interview are particularly important for this role, as they provide an opportunity to discuss your approach to infrastructure security and your ability to work collaboratively with other engineering teams.

🛠 Technology Stack & Web Infrastructure

Frontend Technologies: Not applicable for this role.

Backend & Server Technologies:

  • Cloud Platform: Amazon Web Services (AWS)
  • Infrastructure as Code: Terraform
  • Configuration as Code: Chef
  • CI/CD Pipelines: Jenkins, GitHub Actions, AWS CodePipeline
  • Monitoring Tools: Threatstack, Datadog, New Relic
  • Security Tools: WAF, IAM, OneLogin, Okta, CrowdStrike, Cloudflare

Development & DevOps Tools:

  • Version Control: Git
  • Code Review: GitHub, Bitbucket
  • Containerization: Docker, Kubernetes
  • Orchestration: Kubernetes, AWS EKS, Google Kubernetes Engine (GKE)
  • Serverless: AWS Lambda, Google Cloud Functions, Azure Functions

📝 Enhancement Note: Sprout Social uses a diverse set of technologies to deliver its products and services. The technology stack for this role is focused on infrastructure security, cloud security, and site reliability engineering. However, candidates should be comfortable working with a wide range of technologies and be open to learning new tools as needed.

👥 Team Culture & Values

Web Development Values:

  • Security-First: Sprout places a strong emphasis on security, with a focus on building secure-by-default infrastructure.
  • Collaboration: Sprout's engineering team values collaboration and cross-functional teamwork, with a focus on delivering powerful features for its customers.
  • Innovation: Sprout encourages its team members to think creatively and take on new challenges to drive the company's growth and success.
  • Continuous Learning: Sprout is committed to supporting the professional development of its team members and encourages them to learn new skills and take on new responsibilities.

Collaboration Style:

  • Cross-Functional Integration: Sprout's engineering team works closely with other teams, including product, design, and marketing, to deliver powerful features for its customers.
  • Code Review Culture: Sprout places a strong emphasis on code reviews and peer programming to ensure the quality and security of its codebase.
  • Knowledge Sharing: Sprout encourages its team members to share their knowledge and expertise with one another and to learn from one another's experiences.

📝 Enhancement Note: Sprout's engineering team is known for its collaborative and supportive culture, which encourages engineers to learn from one another and take on new challenges. This role offers the opportunity to work on a large-scale, fast-growing product and make a significant impact on the company's security posture.

⚡ Challenges & Growth Opportunities

Technical Challenges:

  • Security Best Practices: Stay up-to-date with the latest security best practices and ensure that they are implemented consistently across Sprout's infrastructure.
  • Vulnerability Remediation: Identify and remediate vulnerabilities in Sprout's infrastructure, ensuring that the company's systems are secure and protected from potential attacks.
  • Incident Response: Develop and maintain incident response plans to ensure that Sprout is prepared to respond to security incidents and minimize their impact on the company's operations.
  • Emerging Technologies: Stay current with emerging technologies and assess their potential impact on Sprout's infrastructure and security posture.

Learning & Development Opportunities:

  • Technical Skills: Deepen your technical expertise in infrastructure security, cloud security, and site reliability engineering. Take on new challenges and learn from experienced engineers and security professionals.
  • Leadership Skills: Mentor junior engineers and guide the technical direction of the site reliability engineering team. Take on leadership roles within the broader engineering organization.
  • Career Progression: Take on more complex projects and leadership roles as Sprout continues to grow. Explore opportunities to specialize in specific areas of infrastructure security or take on a broader role within the engineering organization.

📝 Enhancement Note: The challenges and growth opportunities for this role are significant, as Sprout Social is a fast-growing company with a strong commitment to supporting the professional development of its employees. This role offers the opportunity to work on a large-scale, fast-growing product and make a significant impact on the company's security posture.

💡 Interview Preparation

Technical Questions:

  • Security Best Practices: How do you ensure that security best practices are implemented consistently across an infrastructure? Can you provide an example of a time when you identified and remediated a security vulnerability?
  • Vulnerability Remediation: How do you approach vulnerability remediation in a large-scale infrastructure? Can you describe a time when you had to remediate a critical vulnerability quickly and effectively?
  • Incident Response: How do you prepare for and respond to security incidents? Can you walk us through your incident response process and provide an example of a time when you had to respond to a security incident?

Company & Culture Questions:

  • Company Culture: How do you see yourself fitting into Sprout's engineering team culture? Can you provide an example of a time when you worked collaboratively with a diverse team to deliver a complex project?
  • Technical Direction: How do you approach guiding the technical direction of a team? Can you describe a time when you had to make a difficult technical decision and how you arrived at that decision?
  • User Experience Impact: How do you ensure that security considerations do not negatively impact the user experience of Sprout's products? Can you provide an example of a time when you had to balance security and user experience in your work?

Portfolio Presentation Strategy:

  • Technical Depth: Focus on the technical aspects of your portfolio, including your approach to infrastructure security, cloud security, and site reliability engineering.
  • Collaboration: Highlight your experience working collaboratively with other engineering teams to deliver complex projects.
  • Leadership: Showcase your ability to mentor junior engineers and guide the technical direction of the site reliability engineering team.

📝 Enhancement Note: The interview process for this role is designed to assess your technical expertise, leadership potential, and cultural fit with Sprout's engineering team. The technical deep dive and behavioral interview are particularly important for this role, as they provide an opportunity to discuss your approach to infrastructure security and your ability to work collaboratively with other engineering teams.

📌 Application Steps

To apply for this Staff Site Reliability Engineer, InfraSec position:

  1. Update Your Resume: Tailor your resume to highlight your experience with infrastructure security, cloud security, and site reliability engineering. Include any relevant projects or initiatives that demonstrate your leadership potential and technical expertise.
  2. Prepare Your Portfolio: Ensure that your portfolio showcases your experience with infrastructure security, cloud security, and site reliability engineering. Include examples of how you have led cross-functional teams and delivered strategic initiatives.
  3. Review the Job Description: Carefully review the job description and make sure that you understand the key responsibilities, required skills, and preferred qualifications for the role.
  4. Practice Technical Interview Questions: Brush up on your knowledge of infrastructure security principles and best practices. Review your experience with infrastructure as code and configuration as code tools. Familiarize yourself with Sprout's development methodologies, including Agile and CI/CD pipelines.
  5. Prepare for Behavioral Interview Questions: Reflect on your experience working collaboratively with other engineering teams and leading strategic initiatives. Prepare examples of how you have demonstrated leadership potential and technical expertise in previous roles.
  6. Apply: Submit your application through the application link provided in the job description. Make sure to include your resume and portfolio, as well as any other relevant documents or links.

⚠️ Important Notice: This enhanced job description includes AI-generated insights and web development/server administration industry-standard assumptions. All details should be verified directly with the hiring organization before making application decisions.

Application Requirements

Candidates should have over 7 years of experience in building reliable systems in a Linux/UNIX environment and at least 5 years with infrastructure-as-code tools. Experience with cloud security tools and leading engineering projects is also required.