Match score not available

Lead Security Engineer (Remote)

extra holidays - extra parental leave

Remote:

Full Remote

Contract:

Full time

Experience:

Expert & Leadership (>10 years)

Work from:

United States

Offer summary

Qualifications:

10+ years in cybersecurity industry experience, Expertise in security infrastructure technologies, Experience with software development life cycles, Hands-on experience with Infrastructure-as-Code frameworks, Knowledge of GDPR and compliance processes.

Key responsabilities:

Lead and manage organizational security functions
Define and implement the security roadmap
Drive automation for improved security processes
Collaborate on security policies across teams
Integrate security into development workflows

AllTrails Information Technology & Services SME https://www.alltrails.com/

51 - 200 Employees

See more AllTrails offers

Job description

About AllTrails

AllTrails is the most trusted and used outdoors platform in the world. We help people explore the outdoors with hand-curated trail maps along with photos, reviews, and user recordings crowdsourced from our community of millions of registered hikers, mountain bikers, and trail runners in 150 countries. AllTrails is frequently ranked as a top-5 Health and Fitness app and has been downloaded by over 50 million people worldwide. AllTrails was selected as Apple's App of the Year in 2023!

Every day, we solve incredibly hard problems so that we can get more people outside having healthy, authentic experiences and a deeper appreciation of the outdoors. Join us!

Bay Area employees are highly encouraged to come into the office one day a week.

About the Role

As the Lead Security Engineer at AllTrails, you’ll play a pivotal role in our continued growth and expansion by leading and managing security functions across the organization. You'll also be deeply involved in our infrastructure and engineering projects to help deliver on our vision of fostering happy, healthy communities by connecting people to the outdoors and to each other. If this role sounds right to you and you're motivated by the idea of channeling your energy to help millions of people around the globe spend more time exploring the outdoors, then we want to talk to you.

What You’ll Be Doing:

Serving as an engineering leader and expert on security

Define and implement the security roadmap, ensuring compliance with company requirements and industry standards

Drive automation and toolchain improvements to enhance security processes

Collaborate across teams (Engineering/IT/Compliance) to maintain alignment on security policies, workflows, and service level agreements

Integrate security into development workflows and infrastructure using automation, infrastructure-as-code, and cloud security scanning techniques

Act as a hands-on leader in security tool integration, ensuring seamless integration into CI pipelines and deployment systems

Requirements:

10+ years of experience leading cybersecurity or corporate security programs, with a focus on securing large-scale web/cloud applications and infrastructure

Expertise in security infrastructure, including SIEM, firewalls, intrusion detection, identity and access management, and vulnerability management

Familiarity with various software development life cycles and product security programs

Proven experience in managing security incidents, including root cause analysis, executive briefings, and communication strategies

Experience leading bug bounty programs, penetration testing, and triaging security findings

Strong cross-functional collaboration skills with internal teams (business, engineering) and external incident response teams

In-depth knowledge of security compliance requirements, such as GDPR, and guiding organizations through compliance processes

Hands-on experience with Infrastructure-as-Code frameworks (e.g., Terraform) and automating security tools and processes (e.g., using Bash, Python)

Humility, empathy and open-mindedness - no egos

Believe that strong teams are built on trust and autonomy

Passion for the outdoors

Bonus Points:

Proficient with Github and integration of security tools into the CI/CD pipeline

Experience with infrastructure automation and how to enforce secure configurations in cloud infrastructure

Hands-on AWS and terraform experience

Technologies We Use:

AWS, GCP, Terraform, Kubernetes

Ruby, Python, Javascript/Typescript

MySQL Databases

Github Actions, BugCrowd, Jira

Our Commitment to You:

A competitive and equitable compensation plan. This is a full-time, salaried position that includes equity.

Physical & mental well-being: health, dental and vision benefits + monthly stipend for wellness expenses.

Trail Days: No meetings first Friday of each month to go test the app and explore new trails!

Unlimited PTO.

Flexible parental leave.

Remote employee equipment stipend to create a great remote work environment.

Annual continuing education stipend.

Discounts on subscription and merchandise for you and your friends & family.

An authentic investment in you as a human being and your career as a professional.

Nature celebrates you just the way you are and so do we! At AllTrails we’re passionate about nurturing an inclusive workplace that values diversity. It’s no secret that companies that are diverse in background, age, gender identity, race, sexual orientation, physical or mental ability, ethnicity, and perspective are proven to be more successful. We’re focused on creating an environment where everyone can do their best work and thrive.

AllTrails participates in the E-Verify program for all remote locations.

By submitting my application, I acknowledge and agree to AllTrails' Job Applicant Privacy Notice.