Iterable is hiring a
Senior Cloud Security Engineer

Summary

Join our vibrant Security Engineering team to move the current state of security to the next level at Iterable. We're looking for individuals to join our team to improve cloud security capabilities, support peers in building an amazing product through creating an environment which fosters security by design.

Requirements

• Experience providing cloud security subject matter expertise and guidance to people external to a security team
• Solid understanding of cloud security vulnerabilities defense techniques and security best practices, including AWS security practices and present-day threats
• Knowledge of system and infrastructure hardening and monitoring best practices in a cloud environment
• Experience with modern cloud infrastructure including EC2, EKS, Kubernetes, workload orchestration, data stores (relational DBs, NoSQL and document DBs), object stores(S3) and event streaming
• Strong working knowledge of AWS services and security concepts including AWS Organizations, AWS Identity (SSO), Identity and Access Management (IAM), Service Control Policies (SCPs), Virtual Private Clouds, Elastic Load Balancers, AWS CloudTrail, and Security Groups
• Proficiency in an AWS-compatible programming language, such as Python, Ruby, Java, or Go

Responsibilities

• Review system designs and implementations, and consult with engineers across the organization to identify and/or avoid security issues through alignment with security standards and best practices, document and ensure security issues are appropriately remediated
• Leverage subject matter expertise of systems and infrastructure to propose solutions and drive architectural improvements which address classes of security vulnerabilities
• Develop and implement cloud and infrastructure security architecture and contribute to overall strategy and roadmap plans
• Participate in the selection, design, development, implementation, and management of automated security testing tools, such as cloud security posture management and image vulnerability scanners
• Promote DevSecOps principles and implement Infrastructure as Code (IaC) scanning and policy enforcement to ensure deployments via Terraform, AWS CloudFormation, or similar, are secure and compliant with standards and guidelines
• Coordinate and participate in penetration tests of our cloud services

Benefits

• Paid parental leave
• Competitive salaries, meaningful equity, & 401(k) plan
• Medical, dental, vision, & life insurance
• Balance Days (additional paid holidays)
• Fertility & Adoption Assistance
• Paid Sabbatical
• Flexible PTO
• Monthly Employee Wellness allowance
• Monthly Professional Development allowance
• Pre-tax commuter benefits
• Complete laptop workstation