Security Site Reliability Engineer

Job Description Job Description Security Site Reliability EngineerJoin Us at Pura—Reimagining Fragrance for the FutureAt Pura, we believe life is better when it smells good. Fragrance has the unique power to transform spaces, elevate moods, and create lasting memories. But we know it can do even more. That's why we're pioneering the future of fragrance, combining cutting-edge smart home technology with premium, clean scents to create personalized, meaningful experiences in every home.We're not just a fragrance company—we're on a mission to change the way people experience scent. At Pura, we are redefining fragrance as a critical element of design, on par with color, texture, sound, lighting, and furniture. We call this Scent Design—transforming scent from an afterthought into an intentional, skillful component of every space. By blending artistry and science, Pura allows users to design their own “scentscapes” that enhance daily life and craft environments that feel as good as they smell.Why Join Pura? Our journey began with two innovators, Richie Stapler and Bruno Lima, and their shared vision of revolutionizing how we experience fragrance. Since then, Pura has grown into a company that sells a fragrance every 3.7 seconds, partnering with iconic brands like Curio, Anthropologie, and Disney. We've been recognized as the Fastest Growing Company in Utah, and we are passionate about making scent a core part of life's most memorable moments.Your Role at Pura: You'll be the first dedicated Security SRE at Pura, reporting to the CISO. This is a high-impact, high-autonomy role where you'll own the security posture of our AWS and GCP environments. You'll work alongside our AppSec engineer and Security Director to protect the infrastructure that powers millions of connected devices, our API backends, and our growing suite of internal tools.This isn't a "monitor dashboards and escalate" role. You'll be hands-on — hardening infrastructure, enforcing secure patterns in Terraform, establishing security oversight of patching processes, and responding to the accelerating pace of vulnerability disclosures driven by AI-powered security research.Our infrastructure is in good shape — 75%+ is managed via Terraform, secrets are centrally managed, and we have a solid engineering team handling reliability. What we need is someone who brings a security lens to all of it and makes our infrastructure defensible by default.What You'll Own:Own cloud infrastructure security across AWS and GCP — IAM policies, network segmentation, encryption at rest/in transit, and CIS benchmark complianceHarden our IaC (Terraform) patterns — create secure modules, enforce policy-as-code (OPA/Sentinel/Checkov), and prevent misconfigurations before they reach productionEstablish security oversight of patching — engineering owns patching execution; you verify coverage, flag gaps, and ensure critical vulnerabilities are remediated on scheduleImplement and manage cloud-native security tooling — GuardDuty, Security Hub, Cloud Armor, Config Rules, and similar servicesSupport our Wazuh SIEM — maintain and extend cloud log ingestion (CloudTrail, VPC Flow Logs, GCP Audit Logs) and help tune detection rules after initial setup by a detection engineering contractorCollaborate with engineering teams to make secure infrastructure patterns the path of least resistance, not a gateSupport ISO 27001 compliance efforts by maintaining evidence of infrastructure security controls (Vanta deployment planned Q3 2026)Respond to security incidents involving infrastructure — contain, remediate, document, and improveQualifications:Must have:3+ years in SRE, DevOps, or Infrastructure Engineering with a security focus (or security engineering with strong infrastructure skills)Hands-on experience with AWS (IAM, VPC, EKS/ECS, Security Hub, GuardDuty, CloudTrail, Config)Working experience with GCP (doesn't need to be as deep as AWS)Strong Terraform skills — you've written modules, not just applied themExperience with Kubernetes security — RBAC, network policies, pod security standards, image scanningSolid understanding of Linux systems administration and OS-level hardeningComfortable scripting in Go, TypeScript, Python, or Bash for automation and toolingExperience with centralized logging — bonus if you've worked with Wazuh, but ELK/Datadog/Grafana experience translatesNice to have:Experience with Wazuh (our SIEM platform)Familiarity with policy-as-code frameworks (OPA, Sentinel, Checkov)Experience with container security scanning (Trivy, Snyk Container, Aqua, etc.)Background in incident response from an infrastructure perspectiveExperience securing IoT backend infrastructure or high-volume device API trafficExperience with ISO 27001 or similar compliance frameworksRelevant certifications (AWS Security Specialty, CKS, etc.)Who you are:You default to automation over manual processesYou think in terms of blast radius and defense in depthYou can explain infrastructure security concepts to application developers without condescensionYou're comfortable being the first person in a role and building the playbookYou stay current on cloud security threats and vulnerability disclosuresYou're excited to grow — this role has a clear path to senior as the security program maturesPura's Story We're passionate about creating spaces that inspire, elevate, and transform everyday life. We believe scent is more than just a pleasant background—it's an integral part of Scent Design, transforming homes into meaningful, personalized spaces. Our smart home fragrance diffusers allow users to design their own scent experiences with premium, clean fragrances.After 10 years of innovation, we've been recognized by Inc. and Utah Business as one of the best places to work, and we continue to push the boundaries of technology and fragrance. Join us in our pursuit of reimagining what's possible with scent design.Pura's CultureOur culture is built on a foundation of innovation, collaboration, inclusivity, and being good humans. We believe in fostering an environment where creativity thrives, empowering each team member to contribute their unique perspectives and skills. Our commitment to sustainability and integrity drives our decisions, ensuring that we not only create exceptional products but also contribute positively to our community and the planet. We celebrate diversity and prioritize open communication, cultivating a supportive atmosphere where everyone feels valued and inspired to push boundaries. Together, we're not just building a brand—we're creating a movement that redefines the role of fragrance in our lives.Join the Pura Team! We're looking for individuals who believe in the power of fragrance and technology to transform lives. If you're ready to be part of a dynamic, fast-growing company at the forefront of an exciting industry, we'd love to hear from you.Pura provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.*All candidates are subject to a background check. Powered by JazzHRwVqe98SHJa

Job Description Job Description Security Site Reliability EngineerJoin Us at Pura—Reimagining Fragrance for the FutureAt Pura, we believe life is better when it smells good. Fragrance has the unique power to transform spaces, elevate moods, and create lasting memories. But we know it can do even more. That's why we're pioneering the future of fragrance, combining cutting-edge smart home technology with premium, clean scents to create personalized, meaningful experiences in every home.We're not just a fragrance company—we're on a mission to change the way people experience scent. At Pura, we are redefining fragrance as a critical element of design, on par with color, texture, sound, lighting, and furniture. We call this Scent Design—transforming scent from an afterthought into an intentional, skillful component of every space. By blending artistry and science, Pura allows users to design their own “scentscapes” that enhance daily life and craft environments that feel as good as they smell.Why Join Pura? Our journey began with two innovators, Richie Stapler and Bruno Lima, and their shared vision of revolutionizing how we experience fragrance. Since then, Pura has grown into a company that sells a fragrance every 3.7 seconds, partnering with iconic brands like Curio, Anthropologie, and Disney. We've been recognized as the Fastest Growing Company in Utah, and we are passionate about making scent a core part of life's most memorable moments.Your Role at Pura: You'll be the first dedicated Security SRE at Pura, reporting to the CISO. This is a high-impact, high-autonomy role where you'll own the security posture of our AWS and GCP environments. You'll work alongside our AppSec engineer and Security Director to protect the infrastructure that powers millions of connected devices, our API backends, and our growing suite of internal tools.This isn't a "monitor dashboards and escalate" role. You'll be hands-on — hardening infrastructure, enforcing secure patterns in Terraform, establishing security oversight of patching processes, and responding to the accelerating pace of vulnerability disclosures driven by AI-powered security research.Our infrastructure is in good shape — 75%+ is managed via Terraform, secrets are centrally managed, and we have a solid engineering team handling reliability. What we need is someone who brings a security lens to all of it and makes our infrastructure defensible by default.What You'll Own:Own cloud infrastructure security across AWS and GCP — IAM policies, network segmentation, encryption at rest/in transit, and CIS benchmark complianceHarden our IaC (Terraform) patterns — create secure modules, enforce policy-as-code (OPA/Sentinel/Checkov), and prevent misconfigurations before they reach productionEstablish security oversight of patching — engineering owns patching execution; you verify coverage, flag gaps, and ensure critical vulnerabilities are remediated on scheduleImplement and manage cloud-native security tooling — GuardDuty, Security Hub, Cloud Armor, Config Rules, and similar servicesSupport our Wazuh SIEM — maintain and extend cloud log ingestion (CloudTrail, VPC Flow Logs, GCP Audit Logs) and help tune detection rules after initial setup by a detection engineering contractorCollaborate with engineering teams to make secure infrastructure patterns the path of least resistance, not a gateSupport ISO 27001 compliance efforts by maintaining evidence of infrastructure security controls (Vanta deployment planned Q3 2026)Respond to security incidents involving infrastructure — contain, remediate, document, and improveQualifications:Must have:3+ years in SRE, DevOps, or Infrastructure Engineering with a security focus (or security engineering with strong infrastructure skills)Hands-on experience with AWS (IAM, VPC, EKS/ECS, Security Hub, GuardDuty, CloudTrail, Config)Working experience with GCP (doesn't need to be as deep as AWS)Strong Terraform skills — you've written modules, not just applied themExperience with Kubernetes security — RBAC, network policies, pod security standards, image scanningSolid understanding of Linux systems administration and OS-level hardeningComfortable scripting in Go, TypeScript, Python, or Bash for automation and toolingExperience with centralized logging — bonus if you've worked with Wazuh, but ELK/Datadog/Grafana experience translatesNice to have:Experience with Wazuh (our SIEM platform)Familiarity with policy-as-code frameworks (OPA, Sentinel, Checkov)Experience with container security scanning (Trivy, Snyk Container, Aqua, etc.)Background in incident response from an infrastructure perspectiveExperience securing IoT backend infrastructure or high-volume device API trafficExperience with ISO 27001 or similar compliance frameworksRelevant certifications (AWS Security Specialty, CKS, etc.)Who you are:You default to automation over manual processesYou think in terms of blast radius and defense in depthYou can explain infrastructure security concepts to application developers without condescensionYou're comfortable being the first person in a role and building the playbookYou stay current on cloud security threats and vulnerability disclosuresYou're excited to grow — this role has a clear path to senior as the security program maturesPura's Story We're passionate about creating spaces that inspire, elevate, and transform everyday life. We believe scent is more than just a pleasant background—it's an integral part of Scent Design, transforming homes into meaningful, personalized spaces. Our smart home fragrance diffusers allow users to design their own scent experiences with premium, clean fragrances.After 10 years of innovation, we've been recognized by Inc. and Utah Business as one of the best places to work, and we continue to push the boundaries of technology and fragrance. Join us in our pursuit of reimagining what's possible with scent design.Pura's CultureOur culture is built on a foundation of innovation, collaboration, inclusivity, and being good humans. We believe in fostering an environment where creativity thrives, empowering each team member to contribute their unique perspectives and skills. Our commitment to sustainability and integrity drives our decisions, ensuring that we not only create exceptional products but also contribute positively to our community and the planet. We celebrate diversity and prioritize open communication, cultivating a supportive atmosphere where everyone feels valued and inspired to push boundaries. Together, we're not just building a brand—we're creating a movement that redefines the role of fragrance in our lives.Join the Pura Team! We're looking for individuals who believe in the power of fragrance and technology to transform lives. If you're ready to be part of a dynamic, fast-growing company at the forefront of an exciting industry, we'd love to hear from you.Pura provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.*All candidates are subject to a background check. Powered by JazzHRwVqe98SHJa

• 

• Government Careers