Software Engineer, Vulnerability Management

United States

Applications have closed
Lacework logo

Lacework

Need better insight into the security of your cloud environments? Learn how Lacework can automate cloud security, prioritize risks, and help you scale.

View all employer listings

At Lacework, we strive to provide a supportive, collaborative environment where people are empowered to do the best work of their careers.

Our team members enjoy solving complex problems, big sky thinking, and obsess over getting the details right—all while building bonds of teamwork and friendships that last a lifetime. We love what we do and are proud of our work to secure clouds and container environments for thousands of users worldwide.

Lacework

Lacework is the data-driven security platform for the cloud. The Lacework Cloud Security Platform, powered by Polygraph, automates cloud security at scale so our customers can innovate with speed and safety. Polygraph is the only security solution that can collect, analyze and accurately correlate data across an organization’s AWS, Azure, GCP, and Kubernetes environments, and narrow it down to the handful of security events that matter. Customers all over the globe depend on Lacework to drive revenue, bring products to market faster and safer and consolidate point security solutions into a single platform. Founded in 2015 and headquartered in San Jose, Calif, with offices all over the world, Lacework has raised $600M in funding and is backed by leading investors like Sutter Hill Ventures, Altimeter Capital, Liberty Global Ventures and Snowflake Ventures, among others. The company is in the hyper-growth phase and is being led by an experienced team who collectively have decades of experience taking nascent companies to hyper-scale and building robust & profitable businesses.

The Role

We are looking for a software engineer in the Vulnerability Management team to accelerate one of Lacework’s core security application roadmaps. The ideal candidate is a software engineer who is passionate about cloud security, systems engineering, big data, and directly addressing customer-facing issues. This team focuses on delivering products while solving engineering challenges at scale. Given the fast-moving nature of this space, candidates should have a learner’s mindset and a curiosity for cloud infrastructure and the surrounding challenges with securing it. 

What You Will Accomplish

  • Develop an in-depth understanding of the Lacework platform and customer value proposition
  • Understand the competitive product landscape and Lacework differentiation
  • Drive projects/technical initiatives related to vulnerability scanning and reporting
  • Create a rich set of capabilities to support a “shift-left” strategy for policy-based vulnerability management (CI / CD integration, admission controllers, etc)
  • Influence and define delivery timelines in alignment with our field and product teams while balancing speed, accuracy and precision
  • Build instrumentation, observability, and analytics into the vulnerability services to support data-driven decisioning and incident response
  • Work with leadership to track key performance, cost, and efficiency metrics as service level objectives (SLOs)
  • Partner with our security modeling team to mutually enhance our detection quality and vulnerability reporting
  • Build strong cross functional partnerships (field teams, CTO office, Tech Alliances, etc)
  • Demonstrate good communication skills and present work to company leadership and at company-wide events
  • Actively participate in recruiting and mentor new members of the team
  • Strive to use readily available, general and scalable methodologies and tools; stay current with latest tools and techniques

Minimum Qualifications

  • Degree in quantitative field (e.g. Computer Science, Engineering, Mathematics, Statistics, Operations Research or other related field)
  • 6+ years of experience with SaaS development and deployment using modern cloud platforms
  • Experience developing data-intensive applications
  • Hands-on design and development of Go and/or Java-based microservices
  • Exposure to modern software delivery release models and associated tooling (CI/CD, monitoring, observability) 
  • Experience working with ambiguity, driving design and implementation to conclusion with limited supervision

Preferred Qualifications

  • Advanced degree (Master’s or PhD or equivalent experience) in quantitative field
  • Knowledge of industry standard DevOps toolchains (continuous integration systems, build artifact registries, k8s control plane)
  • Exposure to Redis or other in-memory database (memcached or etcd)
  • Familiarity with cloud-based data warehouses (Snowflake, Redshift, etc)
  • Familiarity with Rust for high-performance applications
  • Experience with modern DevSecOps practices and trends
  • Experience working in Cloud Security or Infrastructure Security
  • Experience recruiting and mentoring other Engineers
  • Cloud certifications or other demonstrable cloud domain knowledge

 

Lacework is an Equal Opportunity Employer. It is the policy of Lacework to provide equal employment opportunity to all persons, regardless of age, race, religion, color, national origin, sex, political affiliations, marital status, non-disqualifying physical or mental disability, age, sexual orientation, membership, or non-membership in an employee organization, or on the basis of personal favoritism or other non-merit factors, except where otherwise provided by law

Tags: Analytics AWS Azure Big Data CI/CD Cloud Computer Science DevOps DevSecOps GCP Incident response Java Kubernetes Mathematics Microservices Monitoring PhD Polygraph Redis Rust SaaS SLOs Strategy Vulnerability management

Perks/benefits: Career development Startup environment Team events

Region: North America
Country: United States
Job stats:  5  0  0

Other jobs like this

Explore more Cybersecurity career opportunities

Find open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Analysis, Cryptography, Digital Forensics and Cyber Security in general, filtered by job title or popular skill, toolset and products used.