Senior Security Engineer

Why Glassdoor?

When you work for Glassdoor, you help people everywhere get ahead in work and life. That’s because we’re moving fast to become the leading community for workplace conversations. Every day, we foster radical transparency by giving professionals a platform to connect authentically and anonymously. Think real talk with real people — plus company reviews and ratings, salary info, job listings and more. 

Join us as we make worklife better, together.

As our company grows and we expand our team, Glassdoor is looking for an exceptional Senior Security Engineer with expertise in securing cloud environments. You’ll be joining a team where you have real ownership and a charter to champion best practices, drive change and determine future policy and architecture. You’ll also contribute to the security domains of application, governance and compliance, incident detection and response, and infrastructure security -- so you’ll never end up working in a silo.

You will assess threats and vulnerabilities, analyze data and code, define measurable objectives, and drive implementations of security solutions. You will also be responsible for building and implementing testing tools and methodologies, including manual and automated processes, deployment, and monitoring.

What You'll Do:

• Design, deploy, manage and improve critical security infrastructure services/tools for authentication and authorization, PKI, secrets management, logging, detection, vulnerability management and more
• Partner with teams throughout Glassdoor on technology initiatives to improve security and bring standard methodologies to our products and services
• Analyze the latest attacker techniques and develop approaches to detect them across the company's diverse environments and endpoints.
• Define, implement, and tune detective capabilities and data sources to detect and remediate malicious activity
• Work with engineering and operations teams to implement threat detection signals, deploy new tooling, and improve response capabilities.
• Analyze security data and report on threats and incidents across various platforms and environments.
• Mentor team members, junior and senior, in state-of-the-art incident response practices
• Research and design ways to achieve risk reduction objectives in creative ways, including expanding our current tool stack where appropriate
• Assist with security incidents that the company may face in alignment with our response processes
• Assess risk arising from third parties, vendors and partners in our ecosystem and design controls to mitigate such risks
• Document security processes and standards.

What You'll Bring:

• 8+ years of experience with security engineering in e-commerce, internet, or social networking settings
• Background in Computer Science, Information Systems
• Hands-on expertise operating in an AWS environment with mastery of architecture and security capabilities in the cloud
• Mastery of multiple security domains such as intrusion detection, incident response, malware analysis, and forensics.
• Strong knowledge of UNIX operating systems
• Advanced programming abilities in Python or similar language
• Knowledge of web application security, browser security models, and application security vulnerabilities such as the OWASP Top Ten
• Deep understanding of network attacks, DDoS, Phishing, email protocols/security/spam, encryption, authentication, logging and log analysis, IP and device reputation, and security rules and policies
• Experience working with multiple stakeholders such as engineering/operations teams, internal business units, external incident response teams, and law enforcement throughout the incident lifecycle.
• Strong verbal and written communication skills, solid team player, with demonstrated abilities in analysis and problem-solving
• A commitment to add to our culture of DEI

Nice To Have:

• Experience achieving and maintaining compliance with SOC2, NIST 800-53, and other security frameworks
• Security certifications (CISSP, CEH, etc…)
• Experience with Network Security
• Experience detecting abuse and large-scale attacks in a diverse environment.
• Experience with Docker, Kubernetes, and other tools to enhance future operations
• Database Security

Compensation and Benefits  

Base Salary Range*: $140,200 - $149,900

*Glassdoor base salaries are targeted to the market 75th percentile for technical roles and the 65th percentile for non-technical roles. In other words, 65-75% of comparable organizations in our industry will pay less.

Annual Bonus Target**: 10%

**Bonuses are paid in 6-month intervals, aligning with bi-annual performance reviews

Generous Restricted Stock Units (RSU): 

***Restricted Stock Units (RSU) are awarded at hire and may be refreshed annually. Additionally, as a pay-for-performance company, RSU grant awards are presented bi-annually to exceptional performers.

You can learn more about our compensation philosophy here and see salary ranges for all Glassdoor jobs here.

Health and Wellness: 100% employer-paid premiums for employee medical, dental, vision, life, short and long-term disability, select well-being programs, and 80% employer-paid premiums for all dependents.* Generous paid time off programs for birthing and non-birthing parents are provided, along with paid injury/illness leave and paid family emergency leave.

*Coverage begins at the start of employment. After 48 months of continuous employment, 100% of all premiums for you and your dependents can be employer-paid!

Work/Life Balance: Open Paid Time Off policy, in addition to 15-20 paid company holidays/year

Investing in Your Future: 401(k) plan with a company match up to $5,000 per year, subsidized fertility and family planning services, and discounted legal assistance services. 

Our Commitments

• Come as you are: At Glassdoor diversity is not a slogan; it’s a core factor in our success. We welcome your background, experience and ideas because you help us understand and better serve our world. You make us stronger.
• Grow your career: Glassdoor is small enough for you to see the impact of your contributions, while large enough to offer significant resources and endless opportunities to grow. This is a great place to make a career.
• Find your people: Ask anyone who works here: it’s the people who make the difference. We are a group of well-rounded humans who support one another and work hard together to bring the Glassdoor mission to life.
• Discover flexibility: With flexible hours and a where-to-work policy, Glassdoor allows you to take on professional and personal responsibilities — enhancing both productivity and your well-being. 

Glassdoor is committed to equal treatment and opportunity in all aspects of recruitment, selection and employment without regard to race, color, religion, national origin, ethnicity, age, sex, marital status, physical or mental disability, gender identity, sexual orientation, veteran or military status or any other category protected under the law. Glassdoor is an equal opportunity employer; committed to creating a community of inclusion, and an environment free from discrimination, harassment and retaliation.

Where-to-Work Policy
Being a remote-first company, Glassdoor employees can live anywhere Glassdoor is a registered company. Requests to move must be approved by an employee’s manager and the People team. While we will try our best to support relocation requests, some requests may not be approved due to various tax, legal, or other restrictions.

Enjoy Remote and Explore: Employees authorized to work in their current location may Work Away for up to a total of 30 (thirty) working days in a calendar year without permanent relocation and compensation change. Employees on visas may work Work Away for up to a total of 20 (twenty) working days in a calendar year without permanent relocation and compensation change. The amount of time and location for Work Away must be approved by the employee’s manager and People Operations team at least two (2) weeks in advance of travel.