Senior Information Security Engineer

Summary

Join LastPass as a Senior Information Security Engineer and play a key role in enhancing our Edge Security posture, focusing on services like Web Application Firewall, Edge DNS, and Bot Management. You will research and implement trust and safety measures for LastPass products, configure and maintain Akamai security services, optimize security configurations, and ensure compliance with security policies. The role involves collaborating with cross-functional teams, responding to security incidents, and communicating effectively with stakeholders. This position requires strong experience in information security engineering, particularly with Akamai products, and excellent communication skills. LastPass offers a remote-first culture, competitive compensation, flexible PTO, generous parental leave, comprehensive health coverage, and continuous learning opportunities.

Requirements

• Strong experience in information security engineering, with focus on Edge security solutions (Akamai or Cloudflare or Fastly)
• Expert-level knowledge of Akamai products, including Kona Site Defender, Web Application Firewall, Bot Manager, and Edge DNS
• Proven experience in implementing and managing Akamai’s advanced security configurations, such as rate limiting, anti-bot measures, and DDoS protections
• Hands-on experience in optimizing Akamai configurations to balance security, performance, and end-user experience
• Knowledge of industry-standard security frameworks and best practices
• Strong problem-solving abilities, collaborative mindset, and proactive approach
• Effective communication skills across diverse stakeholder groups with varying backgrounds and technical expertise within LastPass
• Excellent written and verbal communication skills in English

Responsibilities

• Research, identify, and implement measures that address trust and safety concerns of new and existing LastPass products and services
• Configure and maintain Akamai security services such as WAF, Kona Site Defender, Edge DNS, and Bot Manager to protect web applications and APIs
• Proactively analyze, configure, and fine-tune security rules, custom rulesets, and access controls within Akamai products based on evolving security requirements
• Collaborate with development and network teams to optimize security configurations without compromising performance or user experience
• Regularly audit and review Akamai security configurations to ensure alignment with internal security policies, industry best practices, and compliance requirements
• Work closely with cross-functional teams to share security best practices, provide technical guidance, and support DevSecOps initiatives
• Implement strategies for proactive threat detection using Akamai tools, log monitoring, and anomaly detection to stay ahead of emerging threats
• Lead the response to incidents, including mitigating attacks through Akamai configurations, monitoring traffic patterns, and collaborating with the incident response team
• Collaborate with incident response teams to analyze and respond to security incidents promptly
• Implement proactive measures to prevent future incidents and enhance the resilience of our systems
• Communicate effectively with stakeholders to convey complex security concepts and requirements

Preferred Qualifications

• Certifications such as CISSP, CISM, or related certifications in information security
• Akamai Certifications
• Experience with machine learning frameworks and tools for building anomaly detection models
• Knowledge of regulatory requirements and standards related to information security
• Experience with penetration testing and ethical hacking
• Experience working with global teams
• Background in Computer Science, Information Security, or a related field
• Proficiency in programming languages such as Python, PHP, or C#

Benefits

• Competitive compensation
• Flexible Paid Time Off policies, including but not limited to: Quarterly Self-Care Days (4 extra paid days off annually) and Volunteer Days
• Generous Parental leave
• Comprehensive health coverage, dependents included
• Home office setup support
• LastPass families free account up to 5 members
• Continuous learning and development opportunities
• Remote first culture