Senior Security Engineer

Summary

Join Vanta's Security organization as a Senior Security Engineer and own impactful projects that enhance our efficient and highly effective security team. You will participate in risk identification exercises, prioritize and plan projects, collaborate with cross-functional stakeholders, build and maintain programs for operational excellence, and support bug bounty and penetration testing programs. You will also collaborate with engineers, build and customize tools, establish a network of security champions, address development knowledge gaps through training, and provide input into architectural discussions. Vanta offers a supportive and inclusive work environment with opportunities for growth and impact at a high-growth company. We are committed to providing a competitive compensation and benefits package.

Requirements

• A track record of independent ownership of areas of responsibility
• Experience with threat modeling, red teaming, penetration testing, or other means of identifying security issues
• Some experience writing code, and an ability to read code to find security flaws
• Strong collaboration and communication skills, with deep developer empathy
• Highly organized project management skills

Responsibilities

• Participate in team exercises to identify potential security risks, including threat modeling and tabletop scenarios
• Contribute to complex prioritization discussions around which risks are the most important to solve next
• Plan projects to address the risks we prioritize, and coordinate with cross-functional stakeholders across the company to execute those projects
• Build maintainable programs to implement operational excellence where ongoing work is needed to achieve our goals (e.g. vulnerability management)
• Collaborate with engineers to review project plans and pull requests for potential security concerns and improvements
• Build, customize, and run tools to increase the maturity of our security program without adding undue friction to the company’s operations
• Support ongoing bug bounty and penetration testing programs
• Establish and maintain a network of security champions
• Understand security knowledge gaps of the development organization and help to deliver training to address gaps
• Provide input into architectural discussions to enable teams to innovate in a secure and repeatable manner

Benefits

• Industry-competitive compensation
• 100% covered medical, dental, and vision benefits with dependents coverage
• 16 weeks fully-paid parental Leave for all new parents
• Health & wellness and remote workplace stipends
• Family planning benefits through Carrot Fertility
• 401(k) matching
• Flexible work hours and location
• Open PTO policy
• 11 paid holidays in the US
• Offices in SF, NYC, Dublin, and Sydney