Staff Security Engineer

Job Description

• Conduct in-depth code reviews to identify and remediate security vulnerabilities • Secure infrastructure across large cloud hosting providers (e.g., AWS, Azure, GCP) • Implement and maintain robust security configurations and policies for both cloud environments and Kubernetes-backed services • Orchestrate and secure GPU clusters to ensure high performance and security • Implement and maintain CI/CD pipelines with a strong focus on security • Perform Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) to identify vulnerabilities in production code • Review and secure infrastructure as code (e.g., Terraform, CloudFormation) • Conduct regular security assessments and audits of both application and infrastructure components to identify vulnerabilities and areas for improvement • Develop and enforce security best practices for infrastructure automation and orchestration • Guide engineering teams to build robust long-term solutions that consider security and privacy • Clearly explain the mechanics and significance of security vulnerabilities, including their exploitability and potential impact • Influence the security strategy and direction of both the Product Security and Infrastructure Security teams, advocating for best practices and continuous improvement • Educate and mentor team members on security best practices and emerging threats

Qualifications

• Proven experience as a Security Engineer with a focus on both product and infrastructure security • Proficiency in NodeJS, TypeScript, and Kubernetes • Strong understanding of modern Javascript application design • Production experience with Kubernetes-backed services • Hands-on experience with SAST and DAST tools and methodologies • Proficiency in cloud security configurations and policies, as well as infrastructure as code tools such as Terraform and CloudFormation • Experience with orchestrating and securing GPU clusters • Exceptional problem-solving skills with the ability to diagnose and resolve complex security issues independently • Excellent communication skills, with the ability to clearly present technical concepts and their implications to both technical and non-technical stakeholders • Demonstrated ability to influence security strategies and drive improvements within an organization • Relevant security certifications (e.g., CISSP, CEH, OSCP, AWS Certified Security Specialty, Certified Cloud Security Professional) are a plus • Experience in a staff or principal security role is preferred

Benefits

• Comprehensive health, dental and vision coverage • Retirement benefits • A learning and development stipend • Generous PTO • Additional benefits such as a commuter stipend