Senior Cloud Security Engineer

New York City

Peloton

Access high-energy workouts, instantly. Discover Peloton: streaming fitness classes to you live and on-demand.

View company page

ABOUT THE ROLE

Peloton inspires and motivates millions of people everyday. A key part of delivering on that mission is not only an amazing experience that our instructors and platforms provide, but also the data, telemetry, and insights that empower our customers to be the best version of themselves anywhere, anytime. Earning and maintaining our customers’ trust and safeguarding their data is key to everything we do. 

The Senior Cloud Security Engineer is instrumental in ensuring Peloton applications, services and systems are implemented and secured with industry best practices. The candidate is an expert in the area of technical analysis and design.  The candidate will help define the cloud security program, security policy and standards and will coordinate with engineering partners to ensure the security bar is upheld.

Reporting to the director of digital security, the candidate will work with multiple and diverse teams across Peloton including, but not limited to Product, Platform, and Ecommerce Engineering, Legal, Enterprise IT Operations and Security Response. They will coordinate the actions of each and ensure collectively we are working as “one Peloton” to protect our customers and the company. The role plays a critical function in constantly evolving Peloton’s risk assessment and security review capabilities, ensuring the underlying data related to security defects is used to constantly improve the security of Pelotons products and services. 

The ideal candidate is a proven cloud engineer that has both exemplary engineering and communication skills. They have extensive experience collaborating with internal engineering partners. They are a proven security technology and methodology expert that scales through enabling other engineering partners to make the right security design decisions and trade-offs.

YOUR DAILY IMPACT AT PELOTON

  • Work closely with product engineering/development teams as a security champion to drive security initiatives and be a point of contact for security concerns. 
  • Collaborate with the Security Automation and Tooling team and cloud security team to identify and implement security tooling to identify vulnerabilities and risks at scale.
  • Proficiency with containerization and orchestration technologies such as Docker, Kubernetes or equivalent
  • Proficiency in CI/CD using Jenkins, GitHub Actions or similar systems
  • Experience integrating security practices into all stages of the software development lifecycle
  • Provide remediation guidance to respective development teams for security related issues.
  • Have a pulse on the business and intelligently prioritize security initiatives across products and new upcoming features 
  • Develop and maintain security policies, standards and best practice documentation to guide engineering partners to build secure systems. 

YOU BRING TO PELOTON

  • 4+ years of hands-on experience in working with cloud/devops/security teams on design and implementation of best practices in cloud environments
  • 1+ years of experience working with teams to identify and remediate potential security gaps related to authentication, authorization, encryption, container configuration, bastion host setup, etc.
  • Working knowledge of one or more general purpose programming/script languages including but not limited to: Java, C/C++, C#, Python, JavaScript, PowerShell.
  • Extensive experience and strong understanding of AWS services and cloud security controls including but not limited to such as IAM, KMS, VPC, Security Groups, AWS Inspector, Guard Duty and SCPs.
  • Knowledge and hands on skills with Docker, ECS, Kubernetes, and container security.
  • Technical depth to review infrastructure to identify risks. Capable of assessing underlying components, AWS cloud infrastructure configuration and security access controls. 
  • Understanding of MITRE ATT&CK, NIST CSF, CVSS and CWE criteria, enumeration and scoring. 
  • Knowledge and hands on skills with Docker, ECS, Kubernetes, and container security.
  • Working knowledge of one or more general purpose programming/script languages, preferably Python
  • Excellent relationship building skills across diverse cross-functional teams.
  • Exceptional written/oral communication skills.
  • Exceptional bias for action and ownership.

#LI-AC1

#LI-Hybrid

The base salary range represents the low and high end of the anticipated salary range for this position based at our New York City headquarters. The actual base salary offered for this position will depend on numerous factors including individual performance, business objectives, and if the location for the job changes. Our base salary is just one component of Peloton’s competitive total rewards strategy that also includes annual equity awards and an Employee Stock Purchase Plan as well as other region-specific health and welfare benefits.

As an organization, one of our top priorities is to maintain the health and wellbeing for our employees and their family. To achieve this goal, we offer robust and comprehensive benefits including: - Medical, dental and vision insurance - Generous paid time off policy - Short-term and long-term disability - Access to mental health services - 401k, tuition reimbursement and student loan paydown plans - Employee Stock Purchase Plan - Fertility and adoption support and up to 18 weeks of paid parental leave  - Child care and family care discounts - Free access to Peloton Digital App and apparel and product discounts - Commuter benefits and Citi Bike Discount - Pet insurance and so much more!  Base Salary Range$172,100—$223,800 USD

 

ABOUT PELOTON:

Peloton (NASDAQ: PTON), provides Members with expert instruction, and world class content to create impactful and entertaining workout experiences for anyone, anywhere and at any stage in their fitness journey. At home, outdoors, traveling, or at the gym, Peloton brings together immersive classes, cutting-edge technology and hardware, and the Peloton App with multiple tiers to personalize the Peloton experience [with or without equipment]. Founded in 2012 and headquartered in New York City, Peloton has millions of Members across the US, UK, Canada, Germany, Australia, and Austria. For more information, visit www.onepeloton.com.

At Peloton, we motivate the world to live better. “Together We Go Far” means that we are greater than the sum of our parts, stronger collectively when each one of us is at our best. By combining hardware, software, content, retail, apparel, manufacturing, Member support, and so much more, we deliver an exhilarating fitness experience that unlocks our members' greatness. Join our team to unlock yours.

Peloton is an equal opportunity employer and complies with all applicable federal, state, and local fair employment practices laws. Equal employment opportunity has been, and will continue to be, a fundamental principle at Peloton, where all team members, applicants, and other covered persons are considered on the basis of their personal capabilities and qualifications without discrimination because of race, color, religion, sex, age, national origin, disability, pregnancy, genetic information, military or veteran status, sexual orientation, gender identity or expression, marital and civil partnership/union status, alienage or citizenship status, creed, genetic predisposition or carrier status, unemployment status, familial status, domestic violence, sexual violence or stalking victim status, caregiver status, or any other protected characteristic as established by applicable law. This policy of equal employment opportunity applies to all practices and procedures relating to recruitment and hiring, compensation, benefits, termination, and all other terms and conditions of employment.  If you would like to request any accommodations from application through to interview, please email: applicantaccommodations@onepeloton.com

Please be aware that fictitious job openings, consulting engagements, solicitations, or employment offers may be circulated on the Internet in an attempt to obtain privileged information, or to induce you to pay a fee for services related to recruitment or training. Peloton does NOT charge any application, processing, or training fee at any stage of the recruitment or hiring process. All genuine job openings will be posted here on our careers page and all communications from the Peloton recruiting team and/or hiring managers will be from an @onepeloton.com email address. 

If you have any doubts about the authenticity of an email, letter or telephone communication purportedly from, for, or on behalf of Peloton, please email applicantaccommodations@onepeloton.com before taking any further action in relation to the correspondence.

Peloton does not accept unsolicited agency resumes. Agencies should not forward resumes to our jobs alias, Peloton employees or any other organization location. Peloton is not responsible for any agency fees related to unsolicited resumes.

Apply now Apply later
  • Share this job via
  • or

Tags: Automation AWS C CI/CD Cloud CVSS DevOps Docker E-commerce Ecommerce Encryption GitHub IAM Java JavaScript Jenkins Kubernetes MITRE ATT&CK NIST PowerShell Python Risk assessment SDLC Strategy Vulnerabilities

Perks/benefits: 401(k) matching Career development Competitive pay Equity / stock options Fertility benefits Fitness / gym Health care Insurance Medical leave Parental leave

Region: North America
Country: United States
Job stats:  2  0  0

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.