Security Engineer

Company Description

PubMatic (Nasdaq: PUBM) is an independent technology company maximizing customer value by delivering digital advertising’s supply chain of the future. PubMatic’s sell-side platform empowers the world’s leading digital content creators across the open internet to control access to their inventory and increase monetization by enabling marketers to drive return on investment and reach addressable audiences across ad formats and devices. Since 2006, our infrastructure-driven approach has allowed for the efficient processing and utilization of data in real time. By delivering scalable and flexible programmatic innovation, we improve outcomes for our customers while championing a vibrant and transparent digital advertising supply chain.

Job Description

You have a deep understanding of the complex nature of security spanning infrastructure, applications, and IT, and you are always ready to get more context of infrastructure, & web applications (java, open-source tools).

Security is embedded in your every thought. You work with technical and non-technical people to understand the security posture needed to help them understand and implement changes to address them.

You love stitching different security solutions and helping teams with ultimate security posture visibility.

About you

As a security team member, you seek feedback on your findings, designs, and ideas and provide the same to others. You constantly ask, 'What am I missing?' and 'How will this NOT work?' You don't shy away from what you don't know; you readily admit that you don't know everything and use every resource available within and outside the company to learn what you need to know.

Responsibilities

• Design, recommend, and implement security improvements by evaluating current systems and procedures, researching trends, and anticipating requirements.
• Work closely with users, networks, Systems, CorpIT, Databases, Big Data, Engineering and business teams to identify and resolve complex security issues.
• Build out and lead application security practice
• May directly manage operational support and maintenance of security-related processes, controls, or products.
• Protect systems by defining access privileges, control structures, and resources
• Identify abnormalities, flag problems, and report violations.
• Perform periodic system penetration testing
• Perform analysis and correlation of security events from multiple sources, including but not limited to events from AV, network, and host-based intrusion detection systems, firewall logs, system logs (Linux, Windows, Mac), and Domain Controller Logs and artifacts in hosted and collocated environments.
• Continuously evaluate PubMatic's existing application security practices, define and measure application security-related activities, and demonstrate concrete improvements to the application security program within the organization.  
• Perform regular vulnerability scans of the environment and recommend prioritized remediation of vulnerabilities found
• Evaluate, recommend and lead the effort to implement a Data Loss Prevention solution
• Uncover security violations and inefficiencies by conducting and participating in IT audits
• Upgrade the system by implementing and maintaining security controls
• Provide a quarterly report on the status of PubMatic physical, data, and application security; include recent improvements and future recommendations.
• Create and update the annual security strategy report
• Ensure compliance with regulatory and industry standards for application security
• Attend educational workshops and read industry publications to grow technical knowledge and stay current on trends as it pertains to the AdTech environment
• Define, implement and maintain corporate security policies and procedures
• Acquire a complete understanding of a company's technology and information systems
• Plan, research and design robust security architectures for any IT project
• Oversee security awareness programs and educational efforts
• Respond immediately to security-related incidents and provide a thorough post-event analysis
• Research security standards, security systems, and authentication protocols

Experience

• 10-12+ years of IT and applications experience ( 6+ year of security experience preferred)
• B.S. in Computer Science OR equivalent technical experience
• Experience in Network Security, Information Security Policies, and Network Protocols
• Strong knowledge of Python, other scripting languages, and Cyber Security solutions
• Familiar with emerging technologies in security monitoring, event correlation, and alert/detection space.
• Understanding of Agile/Scrum way of working
• Strong understanding of web and mobile application security vulnerabilities and concepts
• Ability to influence others and move toward a common vision or goal
• Ability to work effectively at all levels of the organization and maintain strong relationships

Preferred Qualifications

• CISSP Certification
• OSCP | GIAC Certifications (GSEC, GIAC, GMON, GCIH, GPEN, or GWAPT)

Qualifications

Experience

• 10-12+ years of IT and applications experience ( 6+ year of security experience preferred)
• B.S. in Computer Science OR equivalent technical experience
• Experience in Network Security, Information Security Policies, and Network Protocols
• Strong knowledge of Python, other scripting languages, and Cyber Security solutions
• Familiar with emerging technologies in security monitoring, event correlation, and alert/detection space.
• Understanding of Agile/Scrum way of working
• Strong understanding of web and mobile application security vulnerabilities and concepts
• Ability to influence others and move toward a common vision or goal
• Ability to work effectively at all levels of the organization and maintain strong relationships

Preferred Certifications

• CISSP Certification
• OSCP | GIAC Certifications (GSEC, GIAC, GMON, GCIH, GPEN, or GWAPT)

Additional Information

Coronavirus notice: PubMatic is actively working to ensure candidate and employee safety. Currently, all our hiring and onboarding processes will be carried out remotely through virtual meetings until further notice. 

Base Compensation Range: $180,000 - $200,000
In accordance with California law, the above salary range provided is PubMatic’s reasonable estimate of the base salary for this role. The actual amount may vary, based on non-discriminatory factors such as experience, knowledge, skills and abilities. In addition to salary PubMatic also offers a bonus, restricted stock units and a competitive benefits package.

Return to Office: PubMatic employees around the world have returned to our offices via a hybrid work schedule (3 days “in office” and 2 days “working remotely”) that is intended to maximize collaboration, innovation, and productivity among teams and across functions.  

Our benefits package includes: RSU Grants, mobile & internet allowance, enhanced technology bundle, lunches – twice a week, work anniversary bonus, a day off for your birthday and Origin – a Financial Wellness Benefit.  

Diversity and Inclusion: PubMatic is proud to be an equal opportunity employer; we don’t just value diversity, we promote and celebrate it.  We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. 

All your information will be kept confidential according to EEO guidelines. 

Learn more about us: https://pubmatic.com/careers/our-people/ 

#LI-RP1