Case Study

How Jobcase Optimizes Cloud Security in a DevOps World

Jobcase is a “people-first’ social platform with a mission to empower the world’s workers, and with over 105 million members and 25 million unique visitors per month, Jobcase is succeeding in helping people manage and improve their work lives. The company has been helping many frontline workers during the COVID-19 pandemic, providing resources for navigating unemployment and creating filters for remote-only work.

Transitioning to DevOps

Patrick Hetherton, VP of Technical Operations at Jobcase, has spent the past four years helping Jobcase transform to a modern IT strategy. Traditionally, the operations team builds infrastructure and the development team writes code, with little overlap. The development and operations teams were using Ansible playbooks and manual setup, which was very time consuming.

As Jobcase matured rapidly, the team realized they needed more integration between teams to increase visibility and optimization. They created a unified software development (Dev) and IT operations (Ops) team, aimed at shortening the development lifecycle and driving more secure cloud operations.

Jobcase shared the following tips for successful DevOps:

  • Filter out irrelevant noise before pushing it down to development
  • Adopt automated scripts to save time
  • Understand that it’s impossible to eliminate all vulnerabilities in the development stage

Adopting CloudHealth Secure State

The Jobcase team adopted CloudHealth Secure State (CHSS) to increase their knowledge about security, with a focus on understanding member privacy and encryption. Each team at Jobcase operates differently with unique needs, so the question was: how can we work with each team to understand their specific security concerns?

CHSS allowed Jobcase to build out their foundation for success. As a total AWS shop, being able to easily tie all of the services together between AWS and CloudHealth was a huge benefit for Patrick’s team. Jocase uses CHSS to create custom security checks to quickly identify risks and respond immediately with remediative action. Jobcase also integrated CHSS alerts with Slack so they could be notified of security threats through that platform 24/7.

Leveraging CloudHealth automation

Automation is a key piece of Jobcase’s cloud security journey and the team consistently keeps the mantra: “rapid, reliable, repeatable” top-of-mind when creating new automation policies. As automation helped the team scale security controls, communication was important to ensure efficiency.

Patrick emphasized that building and implementing automation policies takes time and collaboration is key:

“It’s a marathon, not a sprint. We go back and forth with the development teams a lot to make sure we’re addressing their needs and concerns while still being able to turn out a quality product quickly.”

Patrick Hetherton
VP of Technical Operations, Jobcase

Optimizing through COVID-19

There have been mass layoffs across the globe due to COVID-19, and Jobcase makes the job search seamless during this difficult time with a four-pronged approach: Personalization, Tools, Community, and Advocacy.

“Obviously during the pandemic there’s been a large focus on frontline workers and making sure they’re supported,” Patrick shared. Through job search personalization, resume building tools, and an online community, Jobcase is able to accommodate any type of job search, including remote-only jobs and night shifts.

“We’ve had to pivot very quickly in these times and CloudHealth has been a good mix of security and velocity that has kept us going to make sure Jobcase is meeting the needs of its customers.”

Patrick Hetherton
VP of Technical Operations, Jobcase

Check out Jobcase's full CloudLIVE session to learn how the team optimizes cloud security.