Senior Manager, Security Engineering
Palo Alto, California, United States
The Company You’ll Join
At Carta we create owners and make private markets liquid.
We live in a world where some people live on the equity stack and enjoy exponential wealth growth and preferential tax treatment; others live on the debt stack and may work their entire lives for a company and retire only with the cash they’ve managed to save from their paychecks. Our contribution to solving the wealth inequality problem is moving people from the debt stack (payroll) to the equity stack. By making it as easy to issue equity to employees as it is to put them on payroll, we can create more owners.
At Carta, we are helpful, transparent, fair, and kind. We are relentless executors, unconventional thinkers, and masters of our craft.
To learn more, here is what one of our investors wrote about leading our Series F.
The Team You’ll Work With
This role leads the Security Engineering Team within Security. You will lead a team building the services and tools to secure our Cloud and Product environment and build or buy important pipeline controls to make a secure paved path for developers. Our risk models put teams in charge of owning risk, making us a trusted partner and reporter. To complete this mission we need people who are passionate about automation and security - half devops and half security professional. We believe in creating teams not rockstars, progress with a path to perfection, and creating an environment that fosters research. We measure success not by how many bugs you find or tasks you complete, but by how much risk you reduce in the organization by enabling teams to do those things and automating the rest.
The Problems You’ll Solve
Some of the problems you’ll help us solve are:
- How do you build a team of security professionals focused on automation?
- What are the important measurements that will show the team is making a difference?
- How do we change the application framework to make security the easiest path?
- What techniques and games will enable development teams to threat model their products?
- What tools and information can we provide to ensure developers can effectively peer review code themselves?
- How do you encourage developers to continuously think about security using gamification and giving them results where they live - in the pipeline?
The Impact You’ll Have
With the power to change the product, the pipeline, and our developers onboarding, you’ll lead a team that is able to help us continue our security ownership program and you’ll have the chance to build something new using your research. We are becoming the partner of engineering releasing quality software and we need curious minds to help us keep paving the way.
An experienced technical manager who is able to:
- Work with our partners in the organization to build a 3-Year roadmap.
- Lead a team of engineers ranging from junior to senior levels.
- Be the point of escalation when customers or auditors need extremely technical details.
- Speak to risks around application, container, or cloud security vulnerabilities, remediations, and preventions.
- Understand Threat Modeling and general software development practices, the associated risks, and the components of a modern product security program.
- Build and document good practices that make the team resilient.
- Encourage their team to grow professionally, beyond fire-fighting.
Carta is a Series F company and is backed by top-tier VCs like Andreessen Horowitz, Lightspeed Venture Partners, Meritech Capital, and more.
We are an equal opportunity employer and are committed to providing a positive interview experience for every candidate. If accommodations due to a disability or medical condition are needed, connect with us via email at firstname.lastname@example.org. As a company, we value fairness, helpfulness, transparency, leadership and build our teams around these values. Check out our careers page to get to know us better as you think about your next step at Carta.