Staff Application Security Engineer

Cloudsmith is looking for an exceptional Staff Application Security Engineer to join our platform team.

Reporting to our VP of Engineering, this is a hands-on role that provides amazing career opportunities alongside tangible input into our company's success.

With a proven technical background, you'll be unafraid to push boundaries with your ideas and be a real advocate for consistently improving and developing our platform.

Platform security,

Monitoring, response and stability are paramount aspects of this role and your experience will help us to define processes, workflows and architectures that help us to scale.

About You, The Ideal Candidate

You are passionately technical with empathy for your fellow Human beings. You’re not afraid to get your hands dirty with new types of software or programming languages, and you’ve got professional experience already. You don’t shy away from tasks and can collaborate plus communicate your ideas to others. You have specialities and preferences in your craft, but you’re adaptable. A passion for quality and solving interestingly difficult problems is essential.

A University degree is less important than relevant experience, but you’ll probably have an aptitude and outlook equivalent to the experience of a graduate (if not a degree). We want to see that you’re a voracious and passionate learner, that you love on-boarding new skills and technology, and you find joy in solving difficult but enjoyable challenges. You will have built things that made you proud; such as complex projects you’ve completed, open-source projects you’ve contributed to (or created), or other hobbies that involve software or hardware.

In short, your qualities:

1. Smart. 🙌
2. Gets Things Done 💥
3. An Awesome Human Being. 😎

Requirements

Your responsibilities

• Developing our security vision and nudging systems and processes in that direction
• Ensuring our security and IT programs meet or exceed industry best practices and have appropriate executive support
• In our production environment, implement security controls and measure progress against objectives, including data flows with key partners
• This includes recruiting new team members and building out career paths for staff.
• Defining and promoting the security and IT roadmap for the organization and integrating with MissionWired’s overall technology and program roadmap;
• Running security operations, including monitoring and alerting of system health and improving security controls;
• Incident response planning and execution, including pre-incident functions like log aggregation and monitoring; and
• Program management of security projects across the organization including engineering, Legal, HR, Operations, and IT.

Your Experience

• Experience working on security incidents, including working with executive leadership, outside counsel, incident response firms, and ecosystem partners;
• Experience helping teams and organizations refactor their workflows and the tools they use to align with a “secure by default” strategy;
• Experience developing and maintaining a comprehensive information security program using an established framework;
• Hands-on experience with enterprise and production systems and technologies such as Okta, G Suite, AWS, and GCP;
• An ability to work well with a range of people from extremely technical team members to non-technical business leaders; and
• A track record of assessing threats, vulnerabilities, and risks from a business as well as a technical perspective and the ability to develop and champion affordable, efficient, and timely security architectures and solutions that support the organization.

Nice to Have

• Experience identifying and managing technical, security, and process debt;
• A background in securing tech organizations at multiple levels of scale, from small ephemeral startups to large, well-resourced organizations;
• Experience communicating information security concepts to a broad range of technical and non-technical audiences;
• Demonstrated success in establishing executive relationships and influencing executive decision making of business and technology leaders.

Benefits

For excellent candidates like you, expect an incredible opportunity and compensation:

• Extremely competitive salary
• Share options! Own a piece of Cloudsmith
• 30+ days annual leave (incl. public holidays), plus 10 days full sick pay
• Flexible working policies
• Private health insurance
• Dental insurance
• Income protection
• Great pension contributions
• Budget for getting setup (£3k to include a powerful laptop)
• Extra perks, like free conference days, or support for additional self-learning (e.g. AWS certs)

About The Location

We’re based in Belfast / Northern Ireland, but like us and the entire team right now, you’ll be fully remote with 24hr access to a BT1 office location in Belfast. Our preference is for you to be within 1-2 time zones of GMT.

About Equal Opportunity

We’re an equal opportunities employer who does not discriminate against age, sex, gender, pronouns, race, disability, pregnancy, marital or parental status, political ideology, creed, sexual orientation, or religious background, etc. Your ability and passion are infinitely more important to us.

Covid-19

Cloudsmith is committed to supporting Covid-19 vaccinations.

We encourage our employees and their family members to get vaccinated, as it is the best way to limit the spread of COVID-19 and keep you, your family, our workforce and communities healthy.