Cloud Security Engineer

New York, NY

Warby Parker

Warby Parker offers high-quality eyeglasses, sunglasses, contacts, and eye exams at an affordable price. Plus, for every pair of glasses or sunglasses sold, a pair of glasses is distributed to someone in need.

View company page

At Warby Parker, we’ve proven that businesses can scale, be profitable, and do good in the world. Now, we’re searching for a motivated Cloud Security Engineer to join our 80+ person in-house Engineering team to help take this mission to the next step.

In this role, you’ll be responsible for securing world-class software applications that power Warby Parker day in and day out. We build most of our technology in-house (think: e-commerce systems, business systems, and everything in between) by listening closely to customers and collaborators alike (from Finance to Supply Chain) and by being relentlessly iterative. Project to project, working here is an exciting opportunity to build products at the intersection of health, e-commerce, retail, and fashion. 

Our ideal candidate is a great collaborator, with a broad knowledge of security and systems system design, as well as AWS fundamentals. They have experience across a range of technical disciplines, including secure application design, information security (hardening, detection/response, etc.), networking, and infrastructure automation (e.g., SRE). We’re looking for someone who likes to dream up and implement creative solutions to a wide variety of real-world technical issues. So, if you're a motivated software engineer who takes your work seriously—but not yourself—you may be just the person we're looking for. Read on!

What you’ll do:

  • Champion cloud security at Warby Parker by working alongside both engineering and product teams to develop super secure products
  • Perfect our cloud security, ensuring our AWS infrastructure is well-protected
  • Assess the risk of applications and architectures through threat modeling, building attack trees, and communicating potential vulnerabilities relative to their business impacts
  • Collaborate across our Engineering teams to improve our tools and strategies, promoting a security-first mindset
  • Review third-party services and integrations (and, of course, the risk impacts associated with their use)
  • Become a collaborative resource for information security, for both technical and non-technical colleagues
  • Monitor, detect, respond to, and investigate security breaches

Who you are:

  • Backed by 3+ years of experience (or equivalent knowledge) in a security role, with at least 1 year of hands-on AWS experience
  • Deeply knowledgeable of AWS IAM, least-privilege access, security groups, VPCs and AWS networking best practices, and infrastructure security practices
  • Passionate about DevSecOps and promoting security culture across the company
  • Curious about technology, with a deep understanding of a variety of security-oriented systems such as Linux and Cloud
  • Equipped with a knowledge of application-security best practices and encryption
  • Experienced with Bash and Python (both the system and application)
  • Familiar with application security (OWASP Top 10, SANS 24, CERT) issues and tooling such as static, dynamic, and/or software component analysis
  • Not on the Office of Inspector General’s List of Excluded Individuals/Entities (LEIE)

Extra Credit:

  • Pertinent AWS Certifications
  • Experience with e-commerce security
  • Familiarity with HIPAA compliance

Some benefits and perks of working at Warby Parker:

  • Health, vision, and dental insurance
  • Flexible “My Time” vacation policy
  • Retirement savings plan with a company match
  • Parental leave (non-birthing parents included)
  • Cell phone plan reimbursement
  • Free eyewear, plus discounts for friends and family
  • And more—just ask!
 

About Us:

Warby Parker was founded with a mission: to inspire and impact the world with vision, purpose, and style.

We’re constantly asking ourselves how we can do more and make a greater impact—and that starts by reimagining everything that a company and industry can be. We want to demonstrate that a business can scale, be profitable, and do good in the world—without charging a premium for it. And we’ve learned that it takes creativity, empathy, and innovation to achieve that goal.

Since the day we launched in 2010, we’ve pioneered ideas, designed products, and developed technologies that help people see. We offer everything our customers need for happier eyes at a price that leaves them with money in their pockets, from designer-quality glasses and contacts to eye exams and vision tests. 

Ultimately, we believe in vision for all, which is why for every pair of glasses or sunglasses we sell, a pair of glasses is distributed to someone in need through our Buy a Pair, Give a Pair program. Over eight million pairs of glasses have been distributed in over 50 countries; that means eight million people now have the glasses they need to learn, work, and achieve better economic outcomes. 

At Warby Parker, you can look forward to company outings and events, volunteering and learning opportunities, and just great company filled with curious, kind folks. Dreaming up and sharing ideas aren’t responsibilities reserved for certain teams or leaders; the challenge (a really fun one) of innovation is on all of our shoulders. Teammates can also connect around common interests, backgrounds, and identities, no matter their home base, through our various employee resource groups. (We’re happy to say that the Human Rights Campaign has named us a Best Place to Work for LGBTQ+ employees!) That sense of community and belonging keeps us excited to walk through the door every day, wherever that door may be. 

We're driven to continue building a workplace, based on inclusive behaviors and equitable systems, where all employees can bring their authentic selves, feel engaged, and share their perspectives as a valued member of Team Warby. Transparency is what we’re all about, and our annual Impact Report and Racial Equity Strategy lay out how we’re sticking to these values. 

Tags: Application security Automation AWS Bash Cloud Compliance DevSecOps E-commerce Encryption Finance HIPAA IAM Linux OWASP Python SANS Strategy Vulnerabilities

Perks/benefits: Career development Flex hours Flex vacation Health care Parental leave Team events

Region: North America
Country: United States
Job stats:  9  2  0

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.