Cloud Security Engineer

About Us:

Rent the Runway (RTR)  is transforming the way we get dressed by pioneering the world’s first Closet in the Cloud. Founded in 2009, RTR has disrupted the $2.4 trillion fashion industry by inspiring women with a more joyful, sustainable and financially-savvy way to feel their best every day. As the ultimate destination for circular fashion, the brand now offers infinite points of access to its shared closet via a fully customizable subscription to fashion, one-time rental or ownership. RTR offers designer apparel, accessories and home decor from 700+ brand partners and has built in-house proprietary technology and a one-of-a-kind reverse logistics operation. Under CEO and Co-Founder Jennifer Hyman’s leadership, RTR has been named to CNBC’s “Disruptor 50” five times in ten years, and has been placed on Fast Company’s Most Innovative Companies list multiple times, while Hyman herself has been named to the “TIME 100” most influential people in the world and as one of People magazine’s “Women Changing the World.”

About the Team:

We are currently growing our Information Security team in order to protect and scale our enterprise as well as meet ongoing compliance requirements.  Our team works closely with IT, Infrastructure, and Engineering, to ensure the security posture of Mission Critical Production Environments, build Security into the software development life-cycle, as well as deploy and maintain Security Tooling and processes.

About the Job:

The Cloud Security Engineer will report directly to the VP, IT, Security and Compliance and will be a driving force in setting the Security and Compliance roadmap for the Organization. You will be responsible for hands-on design, engineering, configuration and integration of Security solutions that provide confidentiality, integrity, availability, authentication, and non-repudiation to meet stated security and compliance objectives.  

What You'll Do:

• Work closely with the VP of Security to understand goals and determine security and compliance requirements
• Drive the selection, POC, implementation and operational deployment of new security technology solutions to ensure the confidentiality, integrity and availability of business data
• Design and implement application, network, and data security solutions to meet business objectives, IT strategic initiatives, corporate and regulatory requirements
• Partner with engineering teams to integrate security controls into continuous integration, delivery and deployment processes 
• Maintain, Improve, and Implement, Security tooling.
• Expand upon existing documentation processes, procedures, and metrics
• Cyber incidents identification and activation of incident response procedures
• Build strong relationships with RTR’s cross functional teams and cultivate a culture of security awareness and ownership 
• Collaborate with the Infrastructure and SRE teams to instrument our Cloud environments

About You:

• You have 5+ years of experience providing technical leadership within the security domain, including managing delivery of complex projects, mentoring, acting as a role model for other engineers and evaluating complex tradeoffs and priorities.
• You have a degree in computer science, software engineering, or cybersecurity with 3+ years of programming experience with various languages like Java, C#, Python, C++, Go, Scala.
• You have an understanding of Software Security Architecture and Design, SDLC and the ability to clearly articulate best practices for application security.
• You have experience in DevOps Methodology and automating security controls into the CI/CD process.
• You have experience with CI/CD tools and workflows.
• You have working knowledge of Docker and Kubernetes.
• You have experience in configuration and maintenance of Splunk as a SIEM.
• You have a strong knowledge of web applications security practices.
• You have professional certifications in information security management, such as a CISSP or CISM.
• You have a strong familiarity with information security frameworks (e.g. NIST, CIS, or ISO) and experience architecting solutions to meet compliance requirements (e.g. PCI-DSS, GDRP, CCPA).
• You have experience formulating a clear and actionable plan, with experience executing against it.
• You can successfully work in a fast paced, agile environment.

Benefits:

At Rent the Runway, we’re committed to the wellbeing of our employees, and aim to create a workplace that fosters both personal and professional growth. Our inclusive benefits include, but are not limited to:

• Paid Time Off including vacation, paid bereavement, and family sick leave - every employee needs time to take care of themselves and their family.
• Universal Paid Parental Leave for both parents + flexible return to work program  - because we know your newest family member(s) deserve your undivided attention.
• Paid Sabbatical after 5 years of continuous service - Unplug, recharge, and have some fun!
• Exclusive employee subscription and rental discounts -  to ensure you experience the magic of renting the runway (and give us valued feedback!).
• Comprehensive health, vision, dental, FSA and dependent care from day 1 of employment - Your health comes first and we’ve got you covered.
• 401k match - an investment in your future.
• Company wide events and outings - our team spirit is no joke - we know how to have fun!
• Hybrid Work - when our corporate employees return to the office post COVID they will have the option to work remotely 2-3 days a week, in accordance with Company policies. 

Rent the Runway is an equal opportunity employer. In accordance with applicable law, we prohibit discrimination against any applicant or employee based on any legally-recognized basis, including, but not limited to: race, color, religion, sex (including pregnancy, lactation, childbirth or related medical conditions), sexual orientation, gender identity, age (40 and over), national origin or ancestry, citizenship status, physical or mental disability, genetic information (including testing and characteristics), veteran status, uniformed service member status or any other status protected by federal, state or local law.