Opportunities at Craft portfolio companies


Sr. Security Engineer

The Boring Company

The Boring Company

Software Engineering
Las Vegas, NV, USA
Posted on Thursday, March 14, 2024
The Boring Company was founded to solve the problem of soul-destroying traffic by creating an underground network of tunnels. Today, we are creating the technology to increase tunneling speed and decrease costs by a factor of 10 or more with the ultimate goal of making Hyperloop adoption viable and enabling rapid transit across densely populated regions.
The Boring Company is hiring a security engineer to join the security engineering team to help protect and drive our mission. Our engineers are responsible for building innovative security solutions to protect against threats to our Systems. As a Sr. Security Engineer, you will focus on the "behind the scenes" technologies that ensure our networks and systems are up to industry and The Boring Company standards. You will be responsible for providing high-criticality and high-risk services, with the confidentiality, integrity, and availability of those services in mind. This role will partner with various application development and customer groups across The Boring Company to ensure that the technologies and systems we build in-house or purchase and deploy in-house are designed and maintained in a secure way that minimizes risk.
Design, build, and maintain technology solutions and systems that provide security for The Boring Company systems, networks, and data. This can include:


  • Authentication and identity services, including multi-factor solutions, network access control identity servers, and related authentication and authorization technologies.
  • Identity lifecycle management services and automation. Build and maintain scripts and automation that support the information security mission across The Boring Company, to be utilized by information security teammates and other partner organizations.
  • Network security systems and the backend infrastructure that powers such services.
  • Application level security controls (e.g. web application firewalls).
  • Cloud deployments security policy enforcement, centralized configuration management, monitoring, etc.
  • Serve as the subject matter expert (SME) for those solutions, maintaining documentation on them and advising others on their underlying technologies and operation.
  • Work with security and IT teams to identify threats and problem areas, using that feedback to further strengthen tools and technologies. Materialize this as improvements which result in stronger and safer software and application deployments across The Boring Company, measuring in decreased risk and prevalence of issues.
  • Create solutions that are scalable, repeatable, maintainable, and secure.
  • Work collaboratively with other teams, including individuals in information security, physical security, information technology, human resources, legal, software, and others.

Basic Qualifications

  • Development experience in any modern programming language (including but not limited to Python, C++, Rust, Go)
  • Experience developing security architectures and primitives (i.e. TLS, Zero-Trust)
  • 5+ years of professional experience in security engineering with a bachelor's degree in security engineering, cyber security, computer science, engineering, math, or other STEM discipline; OR 7+ years of professional experience in security engineering in lieu of a degree
We're a team of dedicated, smart, and scrappy people. Our employees are passionate about our mission and determined to innovate at every opportunity.
We offer employer-paid medical, dental, and vision coverage, a 401(k) plan, paid holidays, paid vacation, and a competitive amount of equity for all permanent employees.
The Boring Company is an Equal Opportunity Employer; employment with The Boring Company is governed on the basis of merit, competence and qualifications and will not be influenced in any manner by race, color, religion, gender, national origin/ethnicity, veteran status, disability status, age, sexual orientation, gender identity, marital status, mental or physical disability or any other legally protected status.