Senior Security Engineer

PagerDuty

Job title:

Senior Security Engineer

Company

PagerDuty

Job description

PagerDuty empowers teams of all kinds to do the critical work that moves business forward through the PagerDuty Operations Cloud.Visit our to explore life at PagerDuty, discover opportunities, and sign-up for job alerts!PagerDuty is seeking a Senior Security Engineer to join our diverse, customer-focused team! As a Senior Security Engineer, you will be a key contributor to leading security initiatives around foundational infrastructure supporting the PagerDuty SaaS offerings through architecture reviews, threat modeling sessions, and defining product security standards and platform protections supporting PagerDuty’s security mission. Since we own and operate what we build, you’ll collaborate closely with engineers across many product development teams. You will work closely with our internal development teams to ensure we deliver secure, highly reliable, and scalable solutions to our customers. This is an exciting opportunity to build lovable security solutions that make developers and customers happy. The ideal candidate will come from a large enterprise environment focused on establishing security standards, coordinating with product development teams, and developing strategies for Secure by Default security architectures and tooling. Things that make you smile: secure product architectures, providing an engaging Developer Experience for security adoption, and cute animal memes.KEY RESPONSIBILITIES

  • Embrace the role of hands-on technical lead in defining product security standards and guiding platform protections.
  • Establish criteria for and conduct comprehensive security reviews during various stages of product development, ensuring security vulnerabilities are identified and addressed.
  • Perform regular threat assessments and coordinate with third-party services for penetration testing to identify potential security threats and ensure the robustness of security measures.
  • Mentor and help guide team members to ensure product and business objectives are considered for project implementations by fostering a strong writing culture with project charters and design documents.
  • Work with loosely defined requirements where you exercise your analytical skills to clarify questions, share your approach, and collaborate with the rest of the team to design and implement robust security frameworks. Strong appetite for challenging problems with a high degree of ownership.
  • Participate in our team’s On-Call rotation, triaging and addressing security issues as they arise, and implement measures to prevent future occurrences.
  • Enable service team security implementations by developing security-as-code constructs, including infrastructure-as-code (IaC) modules, libraries and frontend components, while creating and maintaining developer-focused documentation to ensure easy adoption.
  • Establish and maintain baseline standards and hardened configurations for platform components, including container images and Kubernetes deployments.
  • Continuously enhance security frameworks by focusing on IAM strategies, product security standards, and platform protections, tailored for environments leveraging Kubernetes and AWS infrastructure within a microservices architecture.

BASIC QUALIFICATIONS

  • 5+ years of experience as a full-stack Security Engineer in a cloud-native, micro-service SaaS, PaaS, or IaaS environment, preferably in AWS.
  • Must have experience in securing containerized environments, including network security, identity management, and deployment strategies within cloud platforms such as AWS and Kubernetes.
  • Familiarity with cloud-native product technologies including:
  • Cloud Infrastructure security (such as AWS GuardDuty, AWS CloudTrail, Secrets Manager, AWS Control Tower, Azure Security Center )
  • Vulnerability detection (such as Qualys/Nessus, Wiz, Snyk)
  • SIEM (such as SumoLogic, LogRythm, or Splunk)
  • Container Security (such as Kubernetes, EKS)
  • CI/CD Discipline (such as CircleCI, Buildkite, Helm, Terraform, Chef)
  • Security Incident Response & Risk Management
  • 4 years of experience and proficiency in at least one programming language and framework (e.g. Python, Bash, Phoenix/Elixir, Java, Ruby on Rails).
  • Have exceptional written, oral communication, and interpersonal skills.
  • Organizational skills with the ability to successfully manage multiple priorities and deadlines.

PREFERRED QUALIFICATIONS

  • Current or past experience with obtaining and maintaining FedRAMP authorization.
  • Experience working at a SaaS company larger than 1000 employees and 100M in revenue.
  • Ability to analyze complex problems, develop solutions under guidance, and assist in implementing these solutions with a growing set of change management skills.
  • Possesses a strong sense of ownership and a keen discernment for excellence in securing systems within a SaaS environment, demonstrating the ability to distinguish what constitutes truly robust and effective product security.
  • Demonstrated history of mentoring and coaching.
  • Familiarity with Corporate security needs and solutions, and ability to provide oversight and mentorship to the Corporate Security team to ensure alignment with CISO mandates.

The base salary range for this position is 139,000 – 207,000 CAD. This role may also be eligible for bonus, commission, equity, and/or benefits.Our base salary ranges are determined by role, level, and location. The range, which is subject to change based on primary work location, reflects the minimum and maximum base salary we expect to pay newly hired employees for the position. Within the range, we determine pay for an individual based on a number of factors including market location, job-related knowledge, skills/competencies and experience.Your recruiter can share more about the specific offerings for this role, as well as the salary range for your primary work location during the hiring process.Not sure if you qualify?Apply anyway! We extend opportunities to a broad array of candidates, including those with diverse workplace experiences and backgrounds. Whether you’re new to the corporate world, returning to work after a gap in employment, or simply looking to take the next step in your career path, we are excited to connect with you.Where we workPagerDuty currently has offices in Atlanta, Lisbon, London, San Francisco, Santiago, Sydney, Tokyo, and Toronto. We offer a hybrid, flexible workplace. We also provide ample opportunities for in-person and virtual connection, like team offsites and volunteering events.How we workOur values are deeply embedded in how we operate and the people we bring on board. You will see our values ingrained in how we support our customers, collaborate with our colleagues, develop our products and foster an inclusive and empathetic work culture.

  • Champion the Customer | Put users first to design great products and experiences.
  • Run Together | Build strong teams that amplify our impact on users.
  • Take the Lead | Disrupt and invent to be the first choice for users.
  • Ack + Own | Take ownership and action to deliver more efficiently to users.
  • Bring Your Self | Bring your best self to build empathy and trust with users.

What we offerOne way we ensure our employees are inspired to do their best is through a comprehensive total rewards approach that supports them and their loved ones. As a global organization, our programs are competitive with industry standards and aligned with local laws and regulations.Your package may include:

  • Competitive salary and company equity
  • Comprehensive benefits package from day one
  • Flexible work arrangements
  • ESPP (Employee Stock Purchase Program)
  • Retirement or pension plan
  • Paid parental leave – up to 22 weeks for pregnant parent, up to 12 weeks for non-pregnant parent (some countries have longer leave standards and we comply with local laws)
  • Generous paid vacation time
  • Paid holidays and sick leave
  • Dutonian Wellness Days – scheduled company-wide paid days off in addition to PTO
  • HibernationDuty – an annual company paid week off when everyone at PagerDuty, with the exception of a small, coverage crew, is asked to take a much needed break to truly disconnect and recharge
  • Paid volunteer time off – 20 hours per year
  • Company-wide hack weeks
  • Mental wellness programs

About PagerDutyPagerDuty, Inc. (NYSE:PD) is a global leader in digital operations management. The PagerDuty Operations Cloud revolutionizes how critical work gets done, and powers the agility that drives digital transformation. Customers rely on the PagerDuty Operations Cloud to compress costs, accelerate productivity, win revenue, sustain seamless digital experiences, and earn customer trust. More than half of the Fortune 500 and more than two thirds of the Fortune 100 trust PagerDuty including Cisco, Cox Automotive, DoorDash, Electronic Arts, Genentech, Shopify, Zoom and more.Led by CEO Jennifer Tejada, PagerDuty’s Board of Directors is 50% female and 62% URP representation. We strive to build a more equitable world by investing 1% each of company equity, product, and employee volunteer time.PagerDuty is Great Place to Work-certified™, a Fortune Best Workplace for Millennials, a Fortune Best Medium Workplace, a Fortune Best Workplace in Technology, and a top rated product on TrustRadius and G2.Go behind-the-scenes on Instagram.Additional InformationPagerDuty is committed to creating a diverse environment and is an equal opportunity employer. PagerDuty does not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, parental status, veteran status, or disability status.PagerDuty is committed to providing reasonable accommodations for qualified individuals with disabilities in our job application process. Should you require accommodation, please email [email protected] and we will work with you to meet your accessibility needs.PagerDuty uses the E-Verify employment verification program.

Expected salary

Location

Toronto, ON

Job date

Sat, 11 May 2024 06:35:36 GMT

To help us track our recruitment effort, please indicate in your email/cover letter where (globalvacancies.org) you saw this job posting.

To apply for this job please visit jobviewtrack.com.

Job Location