Director, Security Engineering

About Extend:

Extend is modernizing the $100 billion-per-year extended warranty and protection plan industry using cutting-edge technology, and top-notch customer service. After a $260M Series C financing round, we are ready to continue to scale our organization and grow beyond our $1.6B valuation.

Our API-first solution allows any merchant to offer extended warranties and protection plans, both online and offline, while also providing a merchant's end customers with a vastly improved and modern support experience that eliminates many of the issues customers face today with legacy underwriters.

We are a venture-backed startup based in downtown San Francisco that is led by founders who have previously had multiple successful exits. Extend is simplifying the technology stack for the extended warranty industry.

• Successfully lead and ship high-profile software projects.
• Identify and oversee implementation of cybersecurity controls & processes over existing and new applications in cloud environments.
• Provide leadership and guidance to internal customers that enables them to make informed risk management decisions.
• Support staff by mentoring in security best practices.
• Strategize and oversee the vision, roadmap, trade-offs and delivery across the enterprise with a relentless focus on balancing security with simplification.
• Evangelize security engineering and security best practices.
• Communicate and interface comfortably with all organizational levels within Extend.

• 12+ years experience in a security architecting or security engineering role, 5+ as a manager (preferably managing other managers).
• Strong software engineering background with proven experience in AWS/Cloud First technologies/distributed systems utilizing platform-as-a-service (SaaS, IaaS, PaaS) and microservices architecture. 
• Full SDLC experience including use of version control tools, build management, unit testing, issue tracking software (i.e. GitHub, Confluence, JIRA), specifically debugging and managing prioritized defect queues.
• Demonstrable understanding of IAM/Authorization/Authentication principals.
• Strong understanding of Zero Trust and Least Privileged security concepts.
• Excellent communication and analytical skills. 

• CI/CD experience
• Knowledge of CDK
• Solid understanding of secure network and system design in both cloud (AWS) and conventional environments
• Advanced certifications such as CISM, CISSP, etc
• Experience with audits (SOC, internal), industry certifications (ISO), etc
• Understanding of Security Operations/Monitoring/Threat Hunting best practices

Life at Extend:

• Working with a great team from diverse backgrounds in a collaborative and supportive environment.
• Competitive salary based on experience, with full medical and dental & vision benefits.
• Stock in an early-stage startup growing quickly.
• Unlimited vacation policy.
• 401(k) with Financial Guidance from Morgan Stanley.

CCPA Disclosure