Staff Security Engineer

What we do

What you'll do

• Infrastructure & Cloud Security - Drive initiatives to identify, implement and operate processes/technologies to manage risk across product and corporate infrastructure in a hybrid-cloud environment. This includes initiatives such as email security, server & container security and cloud security posture management.
• Threat Management - Lead the security threat detection and response strategy and operations by implementing processes and technologies to mature the same. Establish automated incident detection sensors and response playbooks. Manage technologies such as EDR and SIEM and engage with third party providers of services as needed. Lead the bug-bounty and annual penetration testing activities partnering with both internal and external stakeholders.
• Vulnerability Management - Perform manual and automated vulnerability assessments. Manage automated vulnerability scanning technologies and Analyze/triage vulnerabilities from across these technologies and infrastructure to prioritize appropriate mitigation. Partner with business groups to establish & mature vulnerability detection processes and remediation SLAs.
• SDLC Security - Improve the secure SDLC pipeline by maturing security practices at each stage of the SDLC from security and privacy by design (SbD & PbD) to automated assessments in the Ci/CD pipeline.
• Data Protection - Establish procedural and technical controls to manage the security and privacy of the business data collected and processed within the organization.
• Training & Mentoring - Provide security & privacy training including role specific training for groups across the organization and mentor other junior members in the team.

What you'll bring

Studies have shown that some candidates tend to apply to jobs only if they meet 100% of the qualifications. We encourage you to apply if you meet most of the criteria - even if you don’t match all of the qualifications, your skills and experience could be valuable in this role!

• 5+ years of hands-on relevant work experience in implementing Security & Privacy programs
• 2+ years of experience implementing infrastructure security and/or threat management technologies
• Strong experience with technologies such as Linux, Kubernetes/containers and at least one of the public cloud providers (AWS/GCP/Azure)
• Strong experience with EDR, CSPM, SIEM and other vulnerability management technologies
• Experience driving incident response operations and building threat management functions from detection to response to playbook automation, as well as working with managed service providers
• Experience working with cross-functional departments and partners to provide technical security & privacy guidance and recommendations
• Experience with security & privacy compliance and regulatory frameworks such as NIST, SOC2, ISO27001, ISO27701, GDPR & CCPA

Nice to haves:

• Industry certifications such as CISSP, OSCP, SANS GIAC, and AWS/Azure/GCP Security
• Experience working in a remote environment
• Experience working in a pre-IPO startup environment
  

What we offer

Kentik is a fully remote company that operates globally. We seek professionals that will help us thrive as an organization, and in turn, to broaden and enhance your career. We’re very thorough in the interview process to understand your skills and how they will relate to your successful growth here at Kentik. Our compensation philosophy encompasses a fair program for all in order to attract, engage and retain talented individuals who will drive our business and wow our customers.

The compensation range for this position is: $174,500 - $236,000. This range reflects the low and high end of the U.S. compensation range Kentik reasonably and generally expects to pay the hired candidate in this role. The actual compensation offered may be lower or higher than the stated range depending on various factors, including but not limited to:

• Experience with the skill sets required for success
• Demonstrated competencies and potential 
• A geographic market-based approach

In addition to a great career opportunity, Kentik offers stellar benefits for our employees, which include:

• 100% of premiums are paid by company for health, vision and dental coverage for you and your dependents
• Additionally, an annual Health Reimbursement Account (HRA) of $3,000 for an individual or $4,500 for a family
• Paid family & medical leave 
• Open PTO, a quarterly Wellness Day, and a minimum of 10 paid holidays
• 401(k) retirement account
• Home office reimbursement 
• Stock options

Note: Benefits are as listed for all US full-time employees. For compensation, international applicants will be treated equitably in relation to the laws applicable within the countries in which we operate.