Sorry, this listing is no longer accepting applications. Don’t worry, we have more awesome opportunities and internships for you.

Staff Cloud Security Engineer

Optimizely

Staff Cloud Security Engineer

San Francisco, CA
Full Time
Paid
  • Responsibilities

    Job Description

    Security is in the foundation of over 3000 customers’ trust in Optimizely. In this role, you will grow our software security program that facilitates security being baked into all of the products and infrastructure built at Optimizely. The responsibilities are a blend of security engineering and software engineering. If you’re a security engineer looking to get into a leadership position, this is a great opportunity for you to have impact across an entire engineering organization and support a world-class software security program.

    HOW YOU WILL MAKE AN IMPACT

    • Support the software security program in Optimizely Engineering- ensure that security is baked in to everything we build at every step of the software development lifecycle
    • Grow a culture of security in Engineering - we do fun things like security happy hours, pizza and t-shirts
    • Perform security reviews of technical design documents
    • Measure and grow security maturity across engineering
    • Triage security issues and provide recommended fixes
    • Support our bug bounty program
    • Facilitate independent security assessments and penetration tests
    • Evaluate new tools, processes, and frameworks; Drive adoption of the best ones
    • Review and respond to new security threats
  • Qualifications

    Qualifications

    • Software engineering background at a SaaS company. You may not be coding often, but you will need to be comfortable reviewing and discussing code with software engineers
    • Familiarity with cloud security, particularly AWS Security concepts. You will be collaborating with the Site Reliability Engineering team to bake AWS and GCP security best practices into our infrastructure based on Kubernetes and Terraform.
    • Experience with security activities throughout the software development lifecycle- design reviews, threat modeling, code reviews, tooling, penetration testing, incident response. You will act as the Security Partner for one or more Engineering teams to facilitate these practices.
    • Able to influence without authority and have excellent teamwork skills
    • Exceptionally clear communication skills- you'll need to communicate effectively and build relationships with all levels and roles at Optimizely

    DESIRED EXPERIENCE

    • Implementing software security programs like the Security Development Lifecycle
    • Discussing security with customers
    • Implementing controls for information security compliance programs including PCI, ISO 27001 and SOC 2
    • Worked in a fast growth startup environment

    REQUIRED EXPERIENCE

    • Bachelor’s Degree in Computer Science or a related field
    • Implementing software security programs like the Security Development Lifecycle at a SaaS company

     

    Additional Information

    At Optimizely, we embody inclusion and embrace diversity.   We believe in work/life balance and bringing our true selves to work.  To that end, we offer best-in-class perks and benefits that support our Optinauts along their career journey with us.  Read more about our culture at optimizely.com/careers.

    Optimizely is an equal opportunity employer and makes employment decisions on the basis of merit.  Optimizely prohibits discrimination based on race, color, religion, sex, sexual identity, gender identity, marital status, veteran status, nationality, citizenship, age, disability, medical condition, pregnancy, or any other unlawful consideration. All your information will be kept confidential according to EEO guidelines.

    Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.

  • Industry
    Transportation / Trucking / Railroad