Senior Cloud Security and CSIRT Engineer

Yext (NYSE: YEXT) is building the next big thing in AI search, and the next big thing is answers.

With the explosion of information and data online, search has never been more important. However, while the world of consumer search has innovated over time, enterprise search has not. In fact, the majority of enterprise search is powered by outdated keyword technology that only scans for keywords and delivers a list of hyperlinks rather than actually answering questions. Yext, the AI Search Company, offers a modern, AI-powered Answers Platform that understands natural language so that when people ask questions about a business online they get direct answers – not links.

We have a big, audacious mission to transform the enterprise with AI search. To achieve that, we need bright minds and diverse perspectives to join our growing company and help us continue to disrupt an industry. Does this sound like you?

Yext is actively seeking a Sr. Engineer for the Cloud Security and CSIRT division reporting into the Cyber Security Office. This role will serve as a technical and business subject matter expert in various key areas relating to Cloud security posture and Cyber Security Incident Response operations across the firm. This role will enable the product, engineering, IT and security teams to make the right security & privacy decisions by performing reviews, assessments and providing guidance around security incident operations and escalation protocols, all the while recommending best practices. This role will also help assist other Cyber Security leaders drive the culture and awareness within Yext around Security practices and other compliance initiatives.

What You'll Do

• Design and implement security practices and baseline standards across the cloud environments such as AWS, GCP and Azure
• Act as the technical subject matter expert to perform threat modeling principles to apply security measures to protect information, network, and systems across all cloud domains.
• Architect, design, and support implementation of technical controls within the cloud and on premise.
• Create and manage technology roadmaps for the security domain and adopt best practices, guidelines, and standards.
• Participate in Incident management and triage of security incidents as necessary.
• Help drive a highly technical roadmap that will define how we keep out infrastructure secure.
• Build automated frameworks for teams using the CI/CD workflows.

What You Have

• In-depth understanding of how security controls can be implemented in AWS, GCP, Azure, Terraform, HashiCorp Nomad
• Previous experience with FedRAMP, ISO27k and SOC2 is a plus
• Hands-on experience responding to security incidents and leading incident response teams
• Practical knowledge of threat landscape, attacker techniques and mitigations
• Demonstrable record of delivering critical security solutions across multiple stakeholder groups, and complex priorities
• 3-5 years of relevant work experience in Security operations, IT Security or Security Engineering teams.
• Experience in security investigations, cloud security analysis, building tabletop scenarios, and ability to guide and mentor junior engineers.
• Self-motivated team player that is energetic, with excellent interpersonal and organizational skills
• Experience presenting to development and architecture teams on security recommendations

In today's dynamic threat environment, software firms are increasingly acknowledged as a highly-targeted industry for cyberattack due to the confidentiality and sensitivity of customer data, as well as the immediacy in which that data is needed to perform their operational duties. Given Yext’s vital role within the software ecosystem, protection of data is paramount in ensuring high-trust relationships with customers, partners and vendors.

#LI-JB1

Yext is committed to building an inclusive and diverse culture where every person is seen, heard and valued. We believe in equal employment opportunity and welcome employees and applicants of all races, colors, ethnicities, religions, creeds, national origins, ancestries, genetics, sexes, pregnancy or childbirth, sexual orientations, genders (including gender identity or nonbinary or nonconformity and/or status as a trans individual), ages, physical or mental disabilities, citizenships, marital, parental and/or familial status, past, current or prospective service in the uniformed services, or any characteristic protected under applicable law. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. It is Yext’s policy to provide reasonable accommodations to people with disabilities as required by law. If you have a disability that requires an accommodation in completing this application, interviewing, or participating in the employee selection process, please complete this form.