Security Engineer 5 - Product & Application Security

Summary

Join PagerDuty's diverse team as a Staff Security Engineer 5 and leverage your expertise in securing applications within a cloud-native environment. You will lead projects, identify security gaps, and collaborate with various teams to enhance our security posture. This role requires extensive experience in infrastructure and cloud security, along with strong communication and problem-solving skills. You will mentor junior engineers and contribute to a security-aware culture. PagerDuty offers a competitive salary, comprehensive benefits, flexible work arrangements, and opportunities for professional growth. We encourage applications even if you don't meet every requirement.

Requirements

• 7+ years of experience in infrastructure security, including IaaS, PaaS, and SaaS, and network security
• 5+ years of experience with cloud-native security and cloud-native application security best practices
• Experience with Linux operating systems, scripting languages (Python), configuration languages (YAML, JSON), and technologies like Terraform/Cloudformation and tools like Chef or Ansible
• Experience with AWS cloud security best practices and technologies such as AWS IAM, AWS Organizations, AWS Shield, and AWS GuardDuty
• Excellent written and verbal communication skills
• Ability to concisely describe intricate security challenges
• Ability to solve security problems constructively
• Proven track record of leading successful security engineering projects
• Past experience with application security, security testing, code reviews, and identity and access management
• Past experience with threat analysis, threat hunting, and proactive security practices
• Prior experience with Application Security, Secure SDL for cloud-native services
• Experience with containerized applications and technologies like Docker and Kubernetes
• Experience working in a continuous delivery/continuous deployment environment

Responsibilities

• Lead, design, implement, and configure security controls for SaaS applications in a cloud-based infrastructure environment
• Lead complex projects requiring in-depth knowledge across technical, solutions, and business areas, collaborating across the broader engineering organization
• Identify threats, vulnerabilities, and security gaps, recommending enhancements to improve product and infrastructure security
• Support security operations to protect the confidentiality, availability, and integrity of customer data and build/maintain customer trust
• Partner with product/engineering, corporate operations, and employees to foster a security-aware culture
• Provide thought leadership on modern security operations and lead the infrastructure security organization in building trust through security
• Participate in the team's on-call rotation, triaging and addressing security issues
• Mentor and grow application security engineers

Preferred Qualifications

Certifications such as AWS Security Specialty, (ISC)2 CCSP, (ISC)2 CISSP

Benefits

• Competitive salary
• Comprehensive benefits package from day one
• Flexible work arrangements
• Company equity
• ESPP (Employee Stock Purchase Program)
• Retirement or pension plan
• Generous paid vacation time
• Paid holidays and sick leave
• Dutonian Wellness Days & HibernationDuty - company-wide paid days off in addition to PTO
• Paid parental leave: 22 weeks for pregnant parent, 12 weeks for non-pregnant parent (some countries have longer leave standards and we comply with local laws)
• Paid volunteer time off: 20 hours per year
• Company-wide hack weeks
• Mental wellness programs