Platform Security Engineer

The Security Engineering Team within the Platform Security organization is responsible for the strategic selection, implementation, management, and optimization of cybersecurity tools and technologies that improve security capabilities of the organization's platform. This team is instrumental in fortifying the security posture, proactively identifying and responding to security threats, ensuring the resilience and protection of critical data, systems, and services.

Platform Security Engineer’s primary focus will be designing, implementing, and maintaining security measures to protect company’s environments from various threats.

In this position, your responsibility will be to:

• Discover, remediate, and validate security issues across cloud infrastructure per industry standard information security policies.
• Collaborate with fellow engineers to devise effective solutions tailored to our specific needs.
• Design, implement, operate, and maintain systems that improve the security of the company.
• Serve as a security subject matter expert to other teams.
• Facilitate threat-modeling sessions.

We expect you to have:

• 3+ years of experience in the security field.
• 1+ years of experience working with major or private cloud providers.
• Proficiency in a common programming language (such as Go or Python) with a willingness to learn Go, if necessary.
• A fast learner who can pick up new ideas in software and security on the fly.
• Comfortable working independently.
• Good written and verbal communication skills in English.
• Experience with network, host, and application security practices.
• Solid general knowledge in distributed systems and Linux systems engineering.
• Understanding of modern cloud technology components and deployment patterns: virtual machines, containers, Kubernetes, serverless, infrastructure as code, etc.

It would be an added bonus if you had:

• Confident in presenting your ideas and opinions in a manner that can be challenged, while responding well to feedback.
• Experience with in threat-modeling techniques.
• Experience in exploiting vulnerabilities in web applications, Linux kernels, containers, and networks.
• Experience in using and accessing security of Infrastructure as Code (Terraform).
• Experience with hardening Linux based systems (apparmor, seccomp, etc.).
• Experience with hardening Kubernetes.
• Relevant security certifications (CKS, OSCP, OSCE, etc.).
• Experience in designing, building, and maintaining security automation.
• Experience in designing, building, and maintaining Identity Aware Proxies or Bastion hosts.
• Experience in translating compliance and regulation requirements into technical specifications.
• Experience in securing bare metal workloads.

We’re growing and expanding our products every day. If you’re up to the challenge and are excited about AI and ML as much as we are, join us!