Security Engineer

Factory

$120K — $160K *
Information Technology
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • 5+ years experience as a Security Engineer focused on product security, especially in cloud environments.
  • Proficient in TypeScript and Python for secure coding.
  • Expertise in application security, network security, security operations, and incident response.
  • Experience with container security, particularly Docker and Kubernetes.
  • Familiarity with AWS services (VPC, EC2, Lambda, RDS, S3) and IaC security practices.
  • In-depth understanding of CI/CD tools like GitHub Actions or Jenkins.
  • Knowledgeable in security compliance frameworks (ISO 27001, SOC 2, GDPR) and experience with security assessments.

Responsibilities

  • Design and manage security measures to protect cloud infrastructure, applications, and data.
  • Collaborate with engineering teams to integrate security into the software development lifecycle.
  • Stay updated on security threats and mitigation strategies.
  • Conduct code reviews to find and fix security vulnerabilities.
  • Develop automated security testing procedures to uncover risks.
  • Respond to security incidents and participate in incident response efforts.
  • Document security processes and lead security awareness training programs.

Benefits

  • The team operates in-office 5 days a week in San Francisco, close to Caltrain.
Full Job Description
You will play a critical role in developing and maintaining the security foundation of our platform. You will conduct in-depth code reviews, implement security best practices, and influence the overall security strategy. Your expertise in TypeScript, Python, Kubernetes, CI/CD, and terraform orchestration will be crucial in identifying and mitigating potential security vulnerabilities.

What you will do and achieve:
  • Design, implement, and manage security measures for the protection of our cloud infrastructure, applications, and data, focusing on both preventative controls and rapid response capabilities.
  • Collaborate closely with our engineering teams to integrate security practices into the software development lifecycle, including secure coding standards, automated security testing, and secure architecture design.
  • Stay up-to-date on the latest security threats, vulnerabilities, and mitigation strategies.
  • Conduct security code reviews to identify and remediate security vulnerabilities.
  • Develop and implement automated security testing procedures to identify vulnerabilities and risks, recommending and implementing appropriate mitigation strategies.
  • Respond to security incidents and participate in incident response procedures.
  • Document security processes, procedures, and best practices.
  • Lead security awareness and training programs, empowering all team members to recognize and prevent potential security threats.
Qualifications
  • Minimum 5+ years of experience as a Security Engineer with a focus on product security, with a strong background in securing cloud-based environments (AWS, Azure, GCP) and understanding of Infrastructure as Code (IaC) security practices.
  • Strong coding skills with proficiency in TypeScript and Python.
  • Expertise in various security domains such as application security, network security, security operations, and incident response.
  • Experience with container security (Docker Security, Kubernetes Security).
  • Familiarity with a wide range of AWS services, including but not limited to VPC, EC2, Lambda, Amazon RDS, and S3.
  • In-depth knowledge of CI/CD pipeline tools and practices, ideally with experience in GitHub Actions or Jenkins.
  • Knowledgeable in security compliance frameworks and regulations (e.g., ISO 27001, SOC 2, GDPR) and experience with security assessments and third-party audits.
  • Proficiency with security tools and technologies, such as firewalls, IDS/IPS, vulnerability scanners, WAF, SIEM, and encryption solutions.
  • Demonstrated ability to influence security strategies and drive improvements within a team.
  • The team goes into the office 5 days a week in San Francisco (walking distance to Caltrain).

Similar Jobs

More Jobs at Factory

More Information Technology Jobs

Find similar Security Engineer jobs: