Sr. Security Engineer
WE ARE VERITONE
We are driven by the belief that Artificial Intelligence is mankind’s greatest invention. It is the key to building a safer, more vibrant, transparent, and empowered society. We are determined to be an active contributor to shaping our future for the better. We care about the ethical implications of AI and the prosperity and well-being of all individuals, as well as the growth and continued successes of our employees, customers, and partners.
Veritone’s mission today is more important than ever. We’re here to democratize AI and enable every organization and every person with the power of AI. What started in 2014 with the idea of providing unified access to hundreds of cognitive engines through one common software infrastructure, evolved to the world’s first AI operating system, aiWARE, which orchestrates a diverse ecosystem of cognitive engines to power intelligent automation for both commercial and government organizations. As we progress, we will continue to move humans from “in” to “on” to “out of the loop” to help them accelerate workflows, save time and costs, and uncover new insights and opportunities.
The Senior Security Engineer (SSE) will help build and manage services that detect and automate the mitigation of cybersecurity threats across Veritone’s infrastructure. You’ll work with other engineers within and outside of the team to develop innovative security solutions at scale. Our services protect the Veritone cloud for all customers, internal and external and preserves our customers’ trust in our products and brand.
WHAT YOU’LL DO
The SSE will work with multiple teams to design, implement, and configure automated security and monitoring controls across multiple cloud environments. Building a strong security conscious culture, the SSE will help implement security programs, principles, tooling, and best practices in CI/CD pipelines, software and firmware, and deployed infrastructure and applications.
The SSE will also be expected to respond to security incidents via the incident response program as well as perform initial triage for security bugs reported via our bug bounty program. The SSE will lead the effort in generating queries and alerts based on our ELK stack.
WHAT YOU'LL NEED
To be successful in this role you need to have a thorough understanding across varied security trends within the DevSecOps world and build implementation strategies and plans to keep us at the forefront of technology while solving daily challenges. The candidate will build and configure delivery environments supporting CI/CD tools, provide knowledge of container security tools, container orchestration, infrastructure-as-code (e.g., Ansible, Terraform/Terragrunt, CloudFormation), and have familiarity with modern CI/CD tooling and specifically how security integrates with these tools.
Summary Of Essential Job Functions
- Help define and operationalize security standards, policies, and procedures
- Broad understanding and experience in threat intel platforms and how they integrate into the larger stack
- Automate vulnerability assessments and other security related tasks
- Identify new security threats by conducting continuous monitoring, developing queries and responding to alerts as identified
- Perform incident response, remediation, and resolution of security events or incidents
- Support compliance activities as needed
- Serve as the subject matter expert (SME) on Cloud security
- Stay current on emerging security threats, vulnerabilities, controls and practices
- Mentor less experienced members of the team
- Collaborate closely with the multiple technology and cross-functional groups within the organization
- Ability to develop automation scripts for deployment and automation activities
- Ability to triage bug reports, security findings and general security issues identified through SAST/DAST activities
- Ability to review and analyze vulnerability data to identify security risks to the organization's network, infrastructure, and application's and determine any reported vulnerabilities that are false positives
- Experience coordinating and performing vulnerability assessments using automated and manual tools
- Understanding of Key Management Systems including secrets management and encryption
- Experience configuring, implementing, and leveraging computer security and networking diagnostic/monitoring tools
- Experience with security automation and machine learning
WHO YOU ARE
- 5 years security experience working within a DevSecOps environment
- 3 years of hands-on experience in cloud environments such as AWS, Azure, GCP
- 2 years experience monitoring and securing container orchestration platforms
- Understanding of threat intel and threat hunting to assist in keeping the infrastructure secure
- Advanced knowledge of security controls and best practices across a full stack such as networking, Linux, MySQL, ELK, EDR, SIEM, Logging platforms, WAF, APIs, Tenable, Qualys, Vulnerability scanners (SAST/DAST/IAST), etc.
- Understanding of security risk assessments and frameworks (e.g., SOC2, HITRUST, ISO 270XX, NIST CSF, NIST 800-XX, COBIT, etc.), regulations (e.g., GDPR, CCPA), and industry best practices.
- Strong communication skills including the ability to create and maintain written documentation.
- Understanding of security testing and automated test frameworks
- Understanding of Jenkins/GitLab pipelines and how/where security fits in
- Experience across vulnerability management platforms
BONUS POINTS IF
- Bachelor’s in Computer Science or solid knowledge of CS fundamentals (OOP, design patterns, algorithms, etc...)
- Experience and a desire to work in a fast-paced environment.
- Desire to work on the next generation of Artificial Intelligence applications.
WHAT WE OFFER
- A competitive compensation package
- Equity Grant(s)
- Employe Stock Purchase Plan (ESPP)
- Remote first + Hybrid workplace
- VERI Communities (Affinity Groups) & Belonging
- Empowerment to build your career journey at Veritone
- Flexible (Paid) Time Off
- Benefits Program: medical, dental, vision, 401K matching, and more!
- Mental health awareness and support
- An opportunity to be a part of the next big thing in artificial intelligence!
- Loves learning & continuous growth; stays current on marketing trends
- Can juggle multiple projects, priorities, and deadlines with a positive attitude
- Comfortable in a fast-paced, small company environment
- Collaborative and always contributing value
- Driven to win as a team
- Remote first workplace
- Check us out! https://vimeo.com/339909527
Veritone is a leading provider of artificial intelligence (AI) technology and solutions. The company's proprietary operating system, aiWARE, orchestrates an expanding ecosystem of machine learning models to transform audio, video and other data sources into actionable intelligence. We love to continuously grow while staying ahead of trends and creating structure in an unstructured world.
If you’ve made it this far and align with our goals, we look forward to reviewing your qualifications!
Our company provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics.
(Colorado Only*): Minimum annual salary of $124,000.00. This base pay is for illustrative purposes only and will be determined based on skills and experience comparable to the job requirements. This position may be eligible for additional compensation and benefits including but not limited to: incentive compensation; health benefits; retirement benefits; life insurance; paid time off; parental leave and benefits; and other employee perks and benefits.
*Note: Disclosure as required by sb19-085 (8-5-20) of the minimum salary compensation for this role when being hired in Colorado.
Other jobs like this
Explore more Cybersecurity career opportunities
Find open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Analysis, Cryptography, Digital Forensics and Cyber Security in general, filtered by job title or popular skill, toolset and products used.
- Open Infrastructure Security Engineer jobs
- Open Information Security Officer jobs
- Open IT Security Engineer jobs
- Open Head of Information Security jobs
- Open Security Consultant jobs
- Open Information System Security Officer (ISSO) jobs
- Open Senior Information Security Analyst jobs
- Open Senior Penetration Tester jobs
- Open SOC Analyst jobs
- Open Lead Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Sr. Security Engineer jobs
- Open Senior Infrastructure Security Engineer jobs
- Open Senior Air Defense/BMD Subject Matter Expert jobs
- Open Senior Security Analyst jobs
- Open Staff Application Security Engineer jobs
- Open Application Security Engineer/Architect jobs
- Open Senior Information Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Staff Product Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Network Security Engineer jobs
- Open Security Researcher jobs
- Open Senior SOC Analyst jobs
- Open GCP-related jobs
- Open Pentesting-related jobs
- Open Network security-related jobs
- Open Clearance-related jobs
- Open SaaS-related jobs
- Open Analytics-related jobs
- Open Malware-related jobs
- Open Vulnerability management-related jobs
- Open Threat intelligence-related jobs
- Open ISO 27001-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open DevOps-related jobs
- Open APIs-related jobs
- Open CISA-related jobs
- Open Forensics-related jobs
- Open CISM-related jobs
- Open CI/CD-related jobs
- Open IDS-related jobs
- Open SQL-related jobs
- Open DevSecOps-related jobs
- Open Security assessment-related jobs
- Open Splunk-related jobs
- Open PowerShell-related jobs
- Open OWASP-related jobs