Staff Security Engineer

As the Staff Security Engineer you will be responsible for Application, Cloud, and Enterprise Security assessment and recommendations, and will implement external integrations as well as in-house projects to accomplish state-of-the-art security tooling, and practices, for all their products. You will work closely with Engineering, Information Security, Data, and several other functions to ensure security is part of their technology’s design and development workflows. You can use processes like code reviews, security architecture reviews, and mentorship, among others, to accomplish this.

To thrive in this role you must have a solid experience and knowledge of network and web-related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, and BGP) and cloud-native security architecture on AWS, GCP, or Azure. You will have an opportunity to implement modern development and deployment processes used by consumer technology organizations. You will need to have a diverse range of security experience at the enterprise level (information, application, network, and IT) and experience protecting against and mitigating real-world attacks (DDoS, XSS, session-hijacking, SQL injection, CSRF, etc)

Here’s what you can expect as a Staff Security Engineer:

• Architect, evaluate, build, and support security-focused tools and services
• Contribute code that improves security throughout their products
• Build mitigations and remediations for security vulnerabilities with your fellow engineers
• Identify and assess security risks, model threats, and develop mitigation plans
• Perform application security software and configuration reviews spanning a wide range of digital technologies (web, mobile, embedded)
• Perform Cloud Infrastructure reviews to ensure we build in a safe-by-default manner, minimizing access risks
• Support third-party audits of our application, including SOC2 and Pen Tests
• Empower developers to do their job securely without creating unnecessary friction
• Educate your fellow engineers about security in application code and infrastructure
• Advance your personal knowledge of application and Cloud security to stay on the bleeding edge