Senior Security Engineer

Sift Science San Francisco , CA 94118

Posted 3 months ago

About the team:

Sift is a highly collaborative environment committed to driving Digital Trust & Safety solutions that protect customers from fraudulent abuse, costing them time, money, and risk to brand reputation. That same drive is applied to securing our own platform; our customers trust with their data and we strive to continuously evolve and adapt our platform by constantly learning, applying the latest technologies, and most importantly, carefully listening to feedback.

What we're looking for:

As a Security Engineer at Sift, you will work across the enterprise to design and develop complex security solutions to protect against today's threats. This high impact role will be part of the Security organization and will be accountable for delivering the security foundation that allows Sift to aggressively move forward, applying the highest standards to protect our customers.

You will have the opportunity to actively monitor for security threats through detection creation and investigations, help secure our network boundaries from attacks and breaches, harden our security applications and infrastructure to protect our customers data and maintain customer confidence that they are secure when accessing the console.

What you'll do:

  • Directly contribute to Sift's growth by designing and developing security solutions

  • Leverage your defensive security skills to continuously evolve and mature Sift's security monitoring capabilities to detect active threats, including: detection creation, investigation and response, and threat hunting

  • Work across the organization to mitigate security events or incidents, establishing scope and impact, performing forensic activities, contributing to internal/external communications, and providing technical guidance to both mitigate the event in a timely manner, but also secure against future attacks

  • Contribute to post-mortem incident reviews for management and leadership, including root cause, remediation steps, and future improvements to protect a recurrence.

  • Work cross-functionally to identify exposed vulnerabilities across Sift applications and infrastructure through automated scanning and actionable reporting

  • Drive security best practices at the ground floor by participating in security reviews, threat modeling, and engineering reviews across the org to help identify potential risks before it reaches the customer

  • Participate in both technical and non-technical discussions as Security SME, building confidence by effectively communication how our solutions defend against active threats

  • Provide input on security initiatives to automate and scale security processes across engineering

What we're looking for:

  • 3+ years of hands-on experience developing and implementing enterprise wide security controls

  • Strong technical understanding of software and application security: (e.g. OWASP Top 10) in a continuous development environment

  • Experience managing SIEM infrastructure, log ingestion, detection creation, investigations and threat hunts

  • Clear understanding of Incident Response process with proven examples of contribution: discovery assessment, response, mitigation, root cause analysis, communication, and failure mitigation

  • Vulnerability scanning experience including scan automation, vulnerability assessments, current attack/defense methodologies, and remediation

  • Experience with various application security solutions/tools such as code analysis (static & dynamic), vulnerability scanning, pen testing

  • Strong communication skills

  • Experience driving threat modeling exercises across big data platforms responsible for managing sensitive data

  • Good understanding of Linux systems

  • Strong scripting skills for process automation

Bonus points:

  • Google Cloud Platform (GCP) experience, specifically around adopting and adapting out of box security controls

  • Bug bounty program development or participation

  • Experience in helping drive compliance programs (SOC2, PCI, etc), risk assessments and developing privacy & security engineering principles and best practices

  • BS in Computer Science or related field

A little about us:

Sift is the leading innovator in Digital Trust & Safety. Hundreds of disruptive, forward-thinking companies like Airbnb, Zillow, and Twitter trust Sift to deliver outstanding customer experience while preventing fraud and abuse.

The Sift engine powers Digital Trust & Safety by helping companies stop fraud before it happens. But it's not just another anti-fraud platform: Sift enables businesses to tailor experiences to each customer according to the risk they pose. That means fraudsters experience friction, but honest users do not. By drawing on insights from our global network of customers, Sift allows businesses to scale, win, and thrive in the digital era.

Benefits and Perks:

  • Competitive total compensation package

  • 401k plan

  • Medical, dental and vision coverage

  • Wellness reimbursement

  • Education reimbursement

  • Flexible time off

  • Catered meals

Sift is an equal opportunity employer. We make better decisions as a business when we can harness diversity in thought, experience, data, and background. Sift is working toward building a team that represents the worldwide customers that we serve, inclusive of people from all walks of life who can bring their full selves to work every day, so we can Win as One Team.

icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Senior Security Engineer


Posted 2 weeks ago

VIEW JOBS 8/10/2019 12:00:00 AM 2019-11-08T00:00 Location: San Francisco, CA in more than 100 countries. With multiple successful products, and our vocal advocacy for blockchain technology, we have played a major part in mainstream awareness and adoption of cryptocurrency. We are proud to offer an entire suite of products that are helping build the cryptoeconomy, and increase economic freedom around the world. There are a few things we look for across all hires we make at Coinbase, regardless of role or team. First, we assess whether a candidate demonstrates our values: Clear Communication, Positive Energy, Efficient Execution, and Continuous Learning. Second, we look for signals that a candidate will thrive in a culture like ours, where we default to trust, embrace feedback, disrupt ourselves, and expect sustained high performance because we play as a championship team. Finally, we seek people with the desire and capacity to build and share expertise in the frontier technologies of crypto and blockchain, in whatever way is most relevant to their role. Read more about our values and culture here. Coinbase stores more digital currency than any company in the world, making us a tier 1 target on the internet. Given breaches are the number one cause of death amongst digital currency companies, security is core to our mission and has been a key competitive differentiator for us as we scale. As a Security Engineer, you will be responsible for building the security controls leveraged by Coinbase. You will develop and foster partnerships with key business groups to ensure that we're delivering the right tools and services to the right people at the right time. What you'll be doing: * Build/deploy/maintain security-critical services. * Partner with product teams on security-critical projects. * Help grow and mature the Coinbase Security Engineering program and team. * Developing measurable metrics to show growth in capabilities. * Champion the Security team within the organization. What we look for in you: * Significant experience as a software engineer. * Solid foundation in security topics such as Cryptography, Authentication/Authorization, etc. * Proficient in a modern high level language (Python, Ruby, Node, Go, etc.). * Deep understanding of AWS services and architectures. Nice to haves: * Experience working in a high security and/or highly regulated industry. * Experience in securing large Rails, NodeJS, and Golang codebases. * Experience in securing Digital Assets. Coinbase is committed to diversity in its workforce and is proud to be an equal opportunity employer and to review all of our job postings to minimize biased language. Coinbase does not make hiring or employment decisions on the basis of race, color, religion, creed, gender, national origin, age, disability, veteran status, marital status, pregnancy, sex, gender expression or identity, sexual orientation, citizenship, or any other basis protected by applicable local, state or federal law. Coinbase will also consider for employment qualified applicants with arrest and conviction records in a manner consistent with San Francisco's Fair Chance Ordinance and similar local laws. Coinbase San Francisco CA

Senior Security Engineer

Sift Science