Product Security Engineer, Cloud

Why Red Canary
Red Canary was founded to create a world where every organization can make its greatest impact without fear of cyber attack. Our combination of market-defining technology, processes, and expertise is preventing breaches every day.
Red Canary’s Information Security team is chartered with protecting our customers by protecting Red Canary.
Why You Matter
Some of the best security teams in the world depend on our software to protect their organizations, and in turn expect the highest standards of security for our platform.
Delivering excellent, secure software is paramount to the Red Canary mission. You will mature Red Canary’s product security program to ensure secure outcomes for software development and delivery at scale. Under your guidance, the Red Canary product security model will be viewed as the standard by which all other security providers are measured.
The program you will join enables rapid development of Red Canary’s features for our customers, by providing repeatable secure patterns and seamless guardrails.
Who You Are
You command deep understanding of modern cloud security architectures, the threats facing these environments, and strategies to mitigate them. You are an experienced security engineer with a passion for security operations and continuous improvement.
You are passionate about weaving elegant security into software and systems at scale. You are comfortable designing and implementing security best practices at every stage of the systems development lifecycle, from design through production. You are comfortable working with cutting edge technologies, and understand where each tool fits (or does not) in a layered security architecture approach.

What You’ll Do

• Operate across multiple product teams, developing security architecture patterns for implementing new solutions and products. 
• Engage in application and domain-specific threat modeling, and attack surface analysis and reduction.
• Develop and execute a continuous testing program.
• Work alongside engineers, performing peer review and mentoring as needed.
• Design, build, and maintain defensible architectures for cloud-centric environments based on industry best practices.
• Monitor and triage security events, leading incident response teams as necessary.
• Propose improvements to processes and systems, briefing leadership at all levels.

Preferred Qualifications

• Strong experience with the security nuances involved with distributed Cloud computing, including standards and best practices
• Strong foundation in core information security principles and concepts (TLS, authentication, etc.)
• Familiarity in public cloud security deployment and implementation issues (AWS, Azure, etc)
• Experience with industry tools and technologies such as Kubernetes, Docker, CICD pipelines, etc.
• Working knowledge of common languages such as Ruby, Python, Go, etc.
• Excellent communication, and the ability to explain complex security topics in simple terms

Individuals seeking employment at Red Canary are considered without regard to race, color, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, veteran status, gender identity, or sexual orientation.