Sr Cloud Security Engineer at Optimizely
Optimizely is the world's leader in customer experience optimization, allowing businesses to dramatically drive up the value of their digital products, commerce and campaigns through its best in class experimentation software platform. By replacing digital guesswork with evidence-based results, Optimizely enables product and marketing professionals to accelerate innovation, lower the risk of new features, and drive up the return on investment from digital by up to 10X. Over 26 of the Fortune 100 companies choose Optimizely to power their global digital experiences. Optimizely’s impressive customer list includes eBay, FOX, IBM, The New York Times and many more global enterprises.Job Description
Security is in the foundation of over 3000 customers’ trust in Optimizely. In this role, you will help drive our Cloud Security Program that enables security to be baked into all of our products and infrastructure built here at Optimizely. The responsibilities are a blend of Security Engineering, SRE and a sprinkle of Project Management. This opportunity represents an ability for someone to have an impact across an entire engineering organization and to be instrumental in building a world-class security program.
- Be an influential part of the infrastructure security program within Optimizely Engineering
- Grow a culture of security in Engineering
- Help to maintain our security awareness programs and ensure that our engineers stay informed annually of top security risks and best practices
- Create security policy, standards, procedures and guidelines for engineering to consume
- Perform security reviews of products and services
- Help to measure and grow security maturity across our engineering teams
- Triage security issues and provide recommended fixes
- Facilitate independent security assessments and penetration tests
- Evaluate new tools, processes, and frameworks; drive adoption of the best ones
- Engineering background at a SaaS company. You may not be coding from scratch, but you will need to be comfortable reviewing and discussing code with other engineers
- Familiarity with cloud security, particularly AWS Security concepts
- Experience with security functions such as understanding cloud architecture and performing design reviews, threat modeling, code and configuration reviews, and incident response
- You have great cloud security experience with an eye towards finding suspicious activities
- You have experience with SIEM and data analysis tools like ELK and Splunk
- You are able to read, and occasionally write in Python, Go, or another language
- You have experience in operations such as running and maintaining software and services, operating a large cloud deployment, or creating and triaging alerts around the health and security of your systems
- You enjoy continuously identifying important work and are able to engage other teams without explicit direction
- You can understand and translate controls for information security policy frameworks such as PCI, ISO 27001 and SOC 2
- You have worked in a fast-growth startup environment and thrived
- You are comfortable not knowing specific skills, and know when to proactively ask for help
- Bachelor’s Degree in Computer Science or related experience
- Implementing and operating security related tooling such as SIEM, OSquery, certificate management, and SOAR
- Ability to use automation tooling and frameworks such as Jenkins, AWS CodeDeploy, Chef, and Terraform
- Hungry to learn all things new and willing to work smart to get the job done
At Optimizely, we embody inclusion and embrace diversity. We believe in work/life balance and bringing our true selves to work. To that end, we offer best-in-class perks and benefits that support our Optinauts along their career journey with us. Read more about our culture at optimizely.com/careers.
Optimizely is an equal opportunity employer and makes employment decisions on the basis of merit. Optimizely prohibits discrimination based on race, color, religion, sex, sexual identity, gender identity, marital status, veteran status, nationality, citizenship, age, disability, medical condition, pregnancy, or any other unlawful consideration. All your information will be kept confidential according to EEO guidelines.
Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.