Security Engineer
Redwood City, CA, United States
PubMatic
PubMatic maximizes customer value to deliver the programmatic digital marketing supply chain of the future and stay ahead of advertising technology trends.Company Description
PubMatic (Nasdaq: PUBM) is an independent technology company maximizing customer value by delivering digital advertising’s supply chain of the future. PubMatic’s sell-side platform empowers the world’s leading digital content creators across the open internet to control access to their inventory and increase monetization by enabling marketers to drive return on investment and reach addressable audiences across ad formats and devices. Since 2006, our infrastructure-driven approach has allowed for the efficient processing and utilization of data in real time. By delivering scalable and flexible programmatic innovation, we improve outcomes for our customers while championing a vibrant and transparent digital advertising supply chain.
Job Description
You have a deep understanding of the complex nature of security spanning infrastructure, applications, and IT, and you are always ready to get more context of infrastructure, & web applications (java, open-source tools).
Security is embedded in your every thought. You work with technical and non-technical people to understand the security posture needed to help them understand and implement changes to address them.
You love stitching different security solutions and helping teams with ultimate security posture visibility.
About you
As a security team member, you seek feedback on your findings, designs, and ideas and provide the same to others. You constantly ask, 'What am I missing?' and 'How will this NOT work?' You don't shy away from what you don't know; you readily admit that you don't know everything and use every resource available within and outside the company to learn what you need to know.
Responsibilities
- Design, recommend, and implement security improvements by evaluating current systems and procedures, researching trends, and anticipating requirements.
- Work closely with users, networks, Systems, CorpIT, Databases, Big Data, Engineering and business teams to identify and resolve complex security issues.
- Build out and lead application security practice
- May directly manage operational support and maintenance of security-related processes, controls, or products.
- Protect systems by defining access privileges, control structures, and resources
- Identify abnormalities, flag problems, and report violations.
- Perform periodic system penetration testing
- Perform analysis and correlation of security events from multiple sources, including but not limited to events from AV, network, and host-based intrusion detection systems, firewall logs, system logs (Linux, Windows, Mac), and Domain Controller Logs and artifacts in hosted and collocated environments.
- Continuously evaluate PubMatic's existing application security practices, define and measure application security-related activities, and demonstrate concrete improvements to the application security program within the organization.
- Perform regular vulnerability scans of the environment and recommend prioritized remediation of vulnerabilities found
- Evaluate, recommend and lead the effort to implement a Data Loss Prevention solution
- Uncover security violations and inefficiencies by conducting and participating in IT audits
- Upgrade the system by implementing and maintaining security controls
- Provide a quarterly report on the status of PubMatic physical, data, and application security; include recent improvements and future recommendations.
- Create and update the annual security strategy report
- Ensure compliance with regulatory and industry standards for application security
- Attend educational workshops and read industry publications to grow technical knowledge and stay current on trends as it pertains to the AdTech environment
- Define, implement and maintain corporate security policies and procedures
- Acquire a complete understanding of a company's technology and information systems
- Plan, research and design robust security architectures for any IT project
- Oversee security awareness programs and educational efforts
- Respond immediately to security-related incidents and provide a thorough post-event analysis
- Research security standards, security systems, and authentication protocols
Experience
- 10-12+ years of IT and applications experience ( 6+ year of security experience preferred)
- B.S. in Computer Science OR equivalent technical experience
- Experience in Network Security, Information Security Policies, and Network Protocols
- Strong knowledge of Python, other scripting languages, and Cyber Security solutions
- Familiar with emerging technologies in security monitoring, event correlation, and alert/detection space.
- Understanding of Agile/Scrum way of working
- Strong understanding of web and mobile application security vulnerabilities and concepts
- Ability to influence others and move toward a common vision or goal
- Ability to work effectively at all levels of the organization and maintain strong relationships
Preferred Qualifications
- CISSP Certification
- OSCP | GIAC Certifications (GSEC, GIAC, GMON, GCIH, GPEN, or GWAPT)
Qualifications
Experience
- 10-12+ years of IT and applications experience ( 6+ year of security experience preferred)
- B.S. in Computer Science OR equivalent technical experience
- Experience in Network Security, Information Security Policies, and Network Protocols
- Strong knowledge of Python, other scripting languages, and Cyber Security solutions
- Familiar with emerging technologies in security monitoring, event correlation, and alert/detection space.
- Understanding of Agile/Scrum way of working
- Strong understanding of web and mobile application security vulnerabilities and concepts
- Ability to influence others and move toward a common vision or goal
- Ability to work effectively at all levels of the organization and maintain strong relationships
Preferred Certifications
- CISSP Certification
- OSCP | GIAC Certifications (GSEC, GIAC, GMON, GCIH, GPEN, or GWAPT)
Additional Information
Coronavirus notice: PubMatic is actively working to ensure candidate and employee safety. Currently, all our hiring and onboarding processes will be carried out remotely through virtual meetings until further notice.
Base Compensation Range: $180,000 - $200,000
In accordance with California law, the above salary range provided is PubMatic’s reasonable estimate of the base salary for this role. The actual amount may vary, based on non-discriminatory factors such as experience, knowledge, skills and abilities. In addition to salary PubMatic also offers a bonus, restricted stock units and a competitive benefits package.
Return to Office: PubMatic employees around the world have returned to our offices via a hybrid work schedule (3 days “in office” and 2 days “working remotely”) that is intended to maximize collaboration, innovation, and productivity among teams and across functions.
Our benefits package includes: RSU Grants, mobile & internet allowance, enhanced technology bundle, lunches – twice a week, work anniversary bonus, a day off for your birthday and Origin – a Financial Wellness Benefit.
Diversity and Inclusion: PubMatic is proud to be an equal opportunity employer; we don’t just value diversity, we promote and celebrate it. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.
All your information will be kept confidential according to EEO guidelines.
Learn more about us: https://pubmatic.com/careers/our-people/
#LI-RP1
Tags: Agile Application security Audits Big Data CISSP Compliance Computer Science Firewalls GCIH GIAC GPEN GSEC GWAPT Intrusion detection Java Linux Monitoring Network security OSCP Pentesting Python Scripting Scrum Security strategy Strategy Vulnerabilities Vulnerability scans Windows
Perks/benefits: Career development Competitive pay Flex hours Flex vacation Salary bonus Team events Wellness
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Ethical hacker / Pentester H/F jobs
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Product Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Senior Information Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Cybersecurity Specialist jobs
- Open Security Researcher jobs
- Open Senior Security Architect jobs
- Open Sr. Security Engineer jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open ISO 27001-related jobs
- Open Network security-related jobs
- Open Windows-related jobs
- Open Application security-related jobs
- Open Pentesting-related jobs
- Open Agile-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open SaaS-related jobs
- Open Analytics-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Security Clearance-related jobs
- Open DevOps-related jobs
- Open Malware-related jobs
- Open IDS-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs
- Open CEH-related jobs
- Open Forensics-related jobs