Optimizely is the world’s leader in Progressive Delivery and Experimentation. Its platform includes technologies for modern software development, such as feature flags, progressive rollouts, A/B testing at scale, AI-powered personalization, and real-time analytics. Millions of experiments and feature flags have been run on our platform to understand what works — and what doesn’t — eliminating guesswork. The world’s greatest companies choose Optimizely to power their product development and experimentation teams, including Visa, H&M, StubHub, IBM, Atlassian, BBC, and many more.Job Description
Security is in the foundation of over 3000 customers’ trust in Optimizely. In this role, you will help drive our Cloud Security Program that enables security to be baked into all of our products and infrastructure built here at Optimizely. The responsibilities are a blend of Security Engineering, SRE and a sprinkle of Project Management. This opportunity represents an ability for someone to have an impact across an entire engineering organization and to be instrumental in building a world-class security program.
- Be an influential part of the infrastructure security program within Optimizely Engineering
- Grow a culture of security in Engineering
- Help to maintain our security awareness programs and ensure that our engineers stay informed annually of top security risks and best practices
- Create security policy, standards, procedures and guidelines for engineering to consume
- Perform security reviews of products and services
- Help to measure and grow security maturity across our engineering teams
- Triage security issues and provide recommended fixes
- Facilitate independent security assessments and penetration tests
- Evaluate new tools, processes, and frameworks; drive adoption of the best ones
- Engineering background at a SaaS company. You may not be coding from scratch, but you will need to be comfortable reviewing and discussing code with other engineers
- Familiarity with cloud security, particularly AWS Security concepts
- Experience with security functions such as understanding cloud architecture and performing design reviews, threat modeling, code and configuration reviews, and incident response
- You have great cloud security experience with an eye towards finding suspicious activities
- You have experience with SIEM and data analysis tools like ELK and Splunk
- You are able to read, and occasionally write in Python, Go, or another language
- You have experience in operations such as running and maintaining software and services, operating a large cloud deployment, or creating and triaging alerts around the health and security of your systems
- You enjoy continuously identifying important work and are able to engage other teams without explicit direction
- You can understand and translate controls for information security policy frameworks such as PCI, ISO 27001 and SOC 2
- You have worked in a fast-growth startup environment and thrived
- You are comfortable not knowing specific skills, and know when to proactively ask for help
- Bachelor’s Degree in Computer Science or related experience
- Implementing and operating security related tooling such as SIEM, OSquery, certificate management, and SOAR
- Ability to use automation tooling and frameworks such as Jenkins, AWS CodeDeploy, Chef, and Terraform
- Hungry to learn all things new and willing to work smart to get the job done
At Optimizely, we embody inclusion and embrace diversity through our values and actions. It is core to Optimizely’s culture, as well as our success, that we are an equal opportunity employer who makes employment decisions on the basis of merit. We are looking to create a diverse and multifaceted team where everyone is welcome. As part of this mission, we prohibit discrimination in any form. Read more about our culture and check out our fantastic benefits at optimizely.com/careers.
Psst... There’s no such thing as the perfect candidate! So don’t let imposter syndrome hold you back. Please apply if this is a role that would make you excited to come into work everyday - we look forward to receiving your application!
Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.