Although we’re proud of our history, we’re just as excited about the future. We want to create a world-class culture and company that attracts, develops, engages and retains elite talent.
At SalesLoft, our information security team is pivotal to our company’s success. You will be a key member of our security engineering team, responsible for the protection of SalesLoft’s critical technology and data resources.
On a day-to-day basis, you will be responsible for ensuring the effective design, implementation and maintenance of controls to protect SalesLoft systems and data. Specifically, you will:
- Implement a threat modeling program to identify weaknesses in preventive, detective, and responsive security controls
- Identify indicators of compromise (IOCs) and create alerting mechanisms to the security operations team to initiate investigation
- Ensure appropriate levels of logging are in place on critical systems to enable real-time monitoring and forensic analysis
- Implement a security incident and event management (SIEM) solution to correlate events across systems and ensure timely detection of events or conditions that present possible security risks
- Tune SIEM and other detection systems to optimize “signal to noise” ratio
- Implement and perform threat hunting to proactively identify anomalous or unauthorized use of SalesLoft assets
- Serve as an escalation point in the security operations workflow to detect and respond to threats to SalesLoft assets in real time
- Train and share knowledge with security team members to improve skills around threat modeling, threat hunting, and incident response
- Respond to actual or suspected security incidents in a manner that minimizes impact, leads to continuous improvement, and complies with relevant laws and regulations
- Stay abreast of industry trends to ensure the security program evolves as needed
- Assist the governance, risk and compliance team in demonstrating SalesLoft’s controls to customers, auditors, and other relevant stakeholders.
In addition to working with amazing colleagues who exemplify our ‘team over self’ core value, you will also have the opportunity to design and build new ways to help keep our systems and data safe. You will have an opportunity to make a difference.
WHAT WE’RE LOOKING FOR:
We are seeking a bias-towards-action, results-oriented engineer to serve as a technical expert on our security engineering team. Specifically, you will play a pivotal role in helping us implement industry leading security controls and processes that will scale with the business.
If you’re looking for an opportunity to learn more, do more, and become more than previously possible… if you’re passionate about innovation, growth and serving customers and thrive in a fast-paced, developmental environment, then becoming an information security engineer is the career path for you!
SalesLoft’s security team comprises seasoned and up-and-coming infosec professionals who are all aligned on one vision and mission:
- Vision: Every seller is loved by the buyers they serve (#saleslove)
- Mission: Equip companies to maximize revenue by creating a fantastic buying experience
The security engineering team consists of practitioners who strive to find and fix potential weaknesses in SalesLoft’s control environment while also looking for threat indicators and mitigating risks across the organization. They are also the epitome of our core values - Customers First. Team Over Self. Focus on Results. Bias Towards Action. Glass Half Full.
THE SKILL SET:
- 5 years of experience in a security architect or production technology operations role
- Professional working knowledge of the following technologies:
- SIEM technologies (e.g., Splunk, SumoLogic)
- Ability to thrive in a dynamic, fast-paced startup environment
- Experience building and participating in threat modeling and threat hunting programs
- SIEM management and implementation experience
- Familiarity with information security compliance standards relevant to SalesLoft (including GDPR, SOC 2, ISO 27001)
- Ability to multi-task with strong attention to detail
- Track record of working with security configurations for sensitive data and systems
- Industry certifications (e.g., CISSP, AWS Security Specialty, etc.) a plus