Director of Product & Cloud Security
New York City, United States
Rokt
About Rokt
Rokt is the global leader in ecommerce technology, helping companies seize the full potential of every transaction moment to grow revenue and acquire new customers at scale. Live Nation, AMC Theatres, PayPal, Uber, Hulu, Staples, Lands’ End, and HelloFresh are among the more than 2,500 leading global businesses and advertisers that use Rokt's solutions to drive more value through every transaction by offering highly relevant messages to their customers at the moment they are most likely to convert.
With our December 2022 secondary transaction, Rokt’s valuation increased to $2.4 Billion. We are expanding rapidly and globally – operating in 14 countries across North America, Europe and the Asia-Pacific region with the largest office in NYC and a major R&D hub in Sydney. With 50% annual growth and a vibrant company culture, Rokt has been listed in ‘Great Places to Work’ in the US and Australia. Our award-winning culture is guided by our eight core values: smart with humility, own the outcomes, force for good, conquer new frontiers, enjoy the ride, raise the bar, communicate with impact, and disagree then commit. These values help us attract, engage, and develop the right talent around the globe and ensure we foster an environment that helps us all do our best work. Keen to join a fast-growing company and a vibrant culture? Learn more at rokt.com.
The Rokt engineering team builds best-in-class ecommerce technology that provides personalized and relevant experiences for customers globally and empowers marketers with sophisticated, AI-driven tooling to better understand consumers. Our bespoke platform handles millions of transactions per day and considers billions of data points which give engineers the opportunity to build technology at scale, collaborate across teams and gain exposure to a wide range of technology. We are expanding rapidly in our major R&D centers in NYC and Sydney. We are passionate about using intelligent systems to improve the transaction moment for retailers everywhere. Come join us and build the future!
Rokt is looking for a Security Engineer who can work with our product engineering teams to ensure security and privacy concerns are adequately addressed at every stage of the SSDLC.
You will be responsible for improving the security maturity of several dev teams. You will assist them by reviewing their system designs and infrastructure needs, performing rapid risk assessments, triaging vulnerabilities, implementing mitigating controls, improving automated test capabilities, increasing observability, documenting security requirements and architecture decisions, etc.
When not engaged with dev teams, you will innovate and engineer systems or tools that help scale our security processes and controls. You will establish additional automated test capabilities, build utility libraries or frameworks to address recurring vulnerability types, or engage in similar initiatives that can detect or prevent entire vulnerability classes through ‘paved road’ initiatives.
Responsibilities
- Partner with product engineering teams to improve the security maturity of their services, support documentation, and automated CI/CD build, test and deployment processes
- Develop in-house libraries or frameworks to mitigate or test for recurring vulnerability classes
- Lead initiatives to develop in-house systems or tools to automate vulnerability discovery or block exploitation attempts
- Use a data-driven approach to validate that security initiatives are successful or to identify strategic opportunities for improvement
- Mentor the security team to become SMEs across multiple technologies and security domains
- Share your knowledge by giving brown bags, tech talks, and evangelizing appropriate tech and security best practices
Requirements
- 5+ years of relevant software engineering experience including modern languages (esp. Go, C#.NET, Python, Scala/Java, JavaScript)
- Proven experience building code libraries or frameworks, CI/CD pipeline plugins, or other software solutions
- Strong understanding of modern web application technologies (esp. REST APIs, GraphQL, Protobuf, React, Angular) and related vulnerabilities
- Experience with secure design reviews, threat modeling and data privacy assessments
- Familiarity with Cloud infrastructure (esp. AWS, GCP, Kubernetes), infrastructure-as-code patterns (esp. Terraform), and CI/CD build and deployment pipelines
- Passionate about building security tools and practices that engineers love and that drive efficiencies through automation
Benefits
- Safety is our highest priority. We actively invest in the growth of our people and the strengthening of our communities. Our NYC office is 100% vaccinated to keep our employees and community safe and healthy. We require all Rokt’stars and anyone else who will be onsite at the Rokt NYC office–clients, contractors, vendors, and suppliers–to show proof of vaccination and their booster shot.
- Work with the greatest talent in town. Our recruitment process is tough but diligent. We’re constantly aiming to implement our value of “raise the bar” and set high standards for our Rokt’stars. This is essential in our high-performing, high-growth culture where we strive to bring in the brightest and best talent. Our teams thrive by challenging the status quo and we encourage all of our teams to unleash their desire to achieve something bigger.
- Join a community. At Rokt we’re a community of curious explorers. We’re not afraid of venturing into uncharted territories. We work together as one single, aligned team. We value diversity and transparency which is why we support a number of internal employee resource groups including an EDI steering committee, Rainbow Rokts that empowers our LGBTQIA+ Rokt’stars, Womxn who Rokt that promotes gender equality in tech, and more.
- Accelerate your career. We want you to unleash your full potential. This is why we have an annual ‘Level Up’ allowance of $5,000 that gives Rokt’stars the ability to take courses, attend events, go to training, and more to help our great employees become even better leaders.
- Take a break. When you work hard, we know you also need to rest. We offer generous time off and parental leave policies, as well as mental health and wellness days for all employees. We even incentivize individuals to utilize their PTO with “High 5” days, an additional 5 days of PTO when you’ve used 75% of your allotted annual paid leave. We also offer a paid Rokt’star Sabbatical for employees who have been with us for 5 years or more.
- Stay happy and healthy. In order to unleash our potential, we want to ensure you’re able to keep your wellbeing a priority. This means you can enjoy a well-balanced, catered lunch 5x a week in the office along with healthy snacks. We also want you to feel at home when coming into work which is why we’re a dog-friendly office so you can bring your furry friend to work with you. As part of your wellbeing benefits, we offer a wellness stipend so you can enjoy the gym on us! In the US, access generous retirement plans like a 4% dollar-for-dollar 401K matching plan and get fully funded premium health insurance for your entire family!
- Become a shareholder. All Rokt’stars have stock options. If we succeed, everyone is rewarded.
- See the world! We want our Rokt’stars to enjoy the ride. As we aim to bring meaning and fun to our everyday work, we host global all-staff events in amazing locations (Phuket, Thailand in January 2020, Hawaii in May 2022, and Whistler in 2023). As we strive to build a community of curious explorers, we also offer generous relocation packages for those interested in moving to another Rokt office. We have bustling offices in great cities including: New York, Seattle, Sydney, London, and Tokyo.
- We believe we’re better together. We love spending time together and are in the office most days (most teams are in the office 3-4 days per week). We also get that you need to balance your life and your commitments so you have flexibility to manage your own hours and can spend up to a week of every quarter working from anywhere.
- We believe in equality. Rokt is an Equal Opportunity Employer and we know our collective strength comes from how different we all are. We encourage you to apply for one of our open roles—irrespective of socio-economic status or background, age, gender identity, race, religion, sexual orientation, color, pregnancy, carer/family responsibilities, national and social origin, political opinion, marital, veteran, or disability status.
Compensation range: 230,000-300,000, plus equity and benefits
Tags: APIs Automation AWS C CI/CD Cloud E-commerce Ecommerce GCP Java JavaScript Kubernetes Privacy Python R&D Risk assessment Scala Terraform Vulnerabilities
Perks/benefits: 401(k) matching Career development Equity Fitness / gym Health care Home office stipend Insurance Paid sabbatical Parental leave Pet friendly Relocation support Startup environment Team events Wellness