Head of Security

About Glean We’re on a mission to bring people the knowledge they need to make a difference in the world. 

Glean was founded by a seasoned team of former Google search and Facebook engineers, who wondered why we don’t have an easier way of finding what we need at work. In our personal lives, we have tools to help us find pretty much whatever we need. Why don’t we have that at work? And that was the beginning of Glean.

Glean searches across all your company’s apps to help you find exactly what you need and discover the things you should know. We’re a diverse team of curious and creative people who want to help each other get big things done—so we can help other teams do the same. 

We're backed by some of the Valley's leading venture capitalists—including Sequoia, Kleiner Perkins, Lightspeed, and General Catalyst—and have assembled a world-class team with senior leadership experience at Google, Slack, Facebook, Dropbox, Rubrik, Uber, Intercom, Pinterest, Palantir, and others.

Role

Security is a vital component of Glean. The ideal candidate will have strong expertise in product security (SSO, web authentication and authorization, no elevation of privilege etc), cloud platform security (GCP especially relevant) and enterprise/IT security (ensuring that corp IT is not a vector for attacks). 

What you will do and achieve

• Work with CISOs of our customers to explain the product’s security features, and facilitate the security review processes with customers
• Be responsible for compliance certifications like SOC2, ISO and FedRAMP.
• Be the owner of application, platform and corp security for the company. We understand that security is a shared responsibility for the company. There will be strong engineers working with you on these aspects of the solutions but you will be the primary owner and security will be your primary focus.
• Own the monitoring and technology for anomaly/intrusion detection as well as incident response.
• Be the security reviewer for other features the team works on and promote security best practices in the company
• Conduct various exercises like tabletop exercises and threat modeling regularly 
• Work with external pentest firms to conduct periodic pentests.
• Be responsible for defining our IT security solution and best practices.
• Bonus: Implement security solutions, mitigations and detection mechanisms in the product, as well as new security products on the platform.

Who you are

• BA/BS in computer science, or related degree
• 5+ years as a security engineer

Key knowledge and skills

• Thrive in a customer-focused, tight-nit and cross-functional environment - being a team player and willing to take on whatever is most impactful for the company is a must.
• A proactive and positive attitude to lead, learn, troubleshoot and take ownership of both small tasks and large features.
• Strong familiarity with cloud native development practices in GCP (or AWS/Azure).
• Strong familiarity with driving IT security and compliance

Benefits

• Competitive compensation
• Healthcare
• Flexible work environment
• 401k
• Unlimited PTO
• Transparent culture
• Learning and development opportunities
• Company events
• Free meals

We are a diverse bunch of people and we want to continue to attract and retain a diverse range of people into our organization. We're committed to an inclusive and diverse company. We do not discriminate based on gender, ethnicity, sexual orientation, religion, civil or family status, age, disability, or race.