Staff Security Engineer - Cloud Infrastructure
London / UK Remote
Forter provides a new generation approach to meeting the challenges facing modern enterprise e-commerce. From attracting and retaining the right shoppers by reducing friction and boosting consumer confidence across the entire purchase journey, to fighting sophisticated fraudsters and reducing chargeback losses, only Forter provides a fully automated, real-time Decision as a Service™ platform. Behind the scenes, Forter’s machine learning technology combines advanced cyber intelligence with behavioral and identity analysis to create a multi-layered detection and decisioning mechanism. Across all our client's sites, we have created a network of over 800 million buyer identities globally. Our success so far in the marketplace has allowed us to achieve a total series F valuation of over $3 Billion. Our investors include: Tiger Global, Bessemer, Sequoia Capital, March Capital, Salesforce Ventures.
We're looking for a Staff Security Engineer to join our global Security and Infrastructure team. The Staff Security Engineer will improve the company’s security standing by developing security features for use in the company’s cloud infrastructure.
What you'll be doing:
- Develop and take ownership of automated security tools for internal company use, beginning identity and access management (MFA, Temporary privileges, Secret management)
- Represent the Security Team as point of contact and source of knowledge in Design Review meetings across Engineering
- Perform threat analysis, define security controls and security KPIs for implementation and tracking across the organization.
- Define automated tooling for sensitive (GDPR, CCPA) data discovery, classification, and management
- Select and deploy tools from external vendors for continuous application and infrastructure security scanning, tracking, and resolution (SAST, IDS, IPS, DDoS, etc.)
- Design, build, evangelize, and maintain security infrastructure and tools that all Forter's engineering teams will enjoy using.
- Implement security features, fixes, encryption, networking and data protection.
- Mentor others designing secure applications, providing security requirements during design reviews, and ensuring correct implementations during code reviews.
- Perform quarterly risk assessments and prepare recommendations for how to invest security resources.
- Work very well cross-functionally, think rigorously, and make hard decisions despite tradeoffs.
- Work in brownfield environments, imagining the next evolution of legacy systems alongside new ones.
What you'll need:
- 12+ years developing complex software projects (Python / Ruby / Go / NodeJS / etc.)
- 5+ years working with infrastructure as code tools (Cloudformation / Terraform / Pulumi / etc.)
- Extensive experience working with public clouds (AWS / GCP / Azure)
- Extensive knowledge of every layer of the stack (Hardware / OS / Network / Application / Database / Storage / etc.)
- Hold yourself and others to a high bar when working with production
We would especially love to hear if you:
- Contributed significantly to any open-source application security tooling.
- Have production experience with CNCF technologies like Kubernetes, Istio, Prometheus, Vault, Consul, etc.
- Have experience developing multi-cloud SAAS platforms.
- Have experience with threat modeling, performing security audits, penetration testing, and SAST tools.
- Have experience with certifications, privacy laws, and compliance programs such as PCI-DSS, SOC II, ISO27001, and GDPR.
We believe DevOps is not a job title. It is a culture.
Each team at Forter owns and maintains the performance, availability, security, and privacy of their systems, databases, and applications. Teams perform backups, manage capacity, fix security vulnerabilities, and perform required upgrades (OS, libs, etc.). They also participate in on-call rotations to handle outages and incident response.
We believe that head-count is a vanity metric. More doesn't necessarily mean better and people matter! We prefer smaller teams of talented and cohesive teams over more working hands.
We believe in continuously increasing the IQ and EQ of our teams by building an organization that will draw such people to us. We care immensely about how the team works together, and we're not scared of hard conversations. The friction of opinions or business constraints is something we need to deal with when trying to make an impact.
We don't have QA, architects, or a CTO team. We have neither a NOC nor a SOC team. Our teams are part of the system that we build, so we optimize the processes and tools to fit them. Most of our teams have a generalist-mindset, but our vast system allows people to develop expertise in the areas about which they are most passionate.
At Forter, we believe unique people create unique ideas, and valuable experience comes in many forms. So, even if your background doesn't match everything we have listed in the job description, we still encourage you to apply and tell us why your skills and values could be an asset to us. By welcoming different perspectives, we grow together as humans and as a company.
Forter is an Equal Employment Opportunity employer that will consider all qualified applicants, regardless of race, color, religion, gender, sexual orientation, marital status, gender identity or expression, national origin, genetics, age, disability status, protected veteran status, or any other characteristic protected by applicable law.
Explore more Information Security career opportunities
- Open SOC Analyst Jobs
- Open Principal Security Engineer Jobs
- Open Threat Intelligence Response Analyst Jobs
- Open Vulnerability Analyst Jobs
- Open Information Security Architect Jobs
- Open Senior Penetration Tester Jobs
- Open IT Security Engineer Jobs
- Open Senior Infrastructure Security Engineer Jobs
- Open Software Security Engineer Jobs
- Open IAM Engineer Jobs
- Open Senior Information Security Engineer Jobs
- Open Personnel Security Officer Jobs
- Open Sr. Product Security Engineer Jobs
- Open Infrastructure Security Engineer Jobs
- Open Senior Incident Response Analyst Jobs
- Open Chief Information Security Officer Jobs
- Open Cybersecurity Analyst Jobs
- Open Staff Security Engineer Jobs
- Open Senior Information Security Analyst Jobs
- Open Information Security Officer Jobs
- Open Sr. Software Engineer - Detection Engineering Jobs
- Open Cyber Security Architect Jobs
- Open Staff Engineer, Cloud Security Jobs
- Open Cybersecurity Engineer Jobs
- Open Threat Intelligence Analyst Jobs
- Open Kubernetes-related jobs
- Open Clearance-related jobs
- Open PCI-related jobs
- Open Open Source-related jobs
- Open Forensics-related jobs
- Open CEH-related jobs
- Open Machine Learning-related jobs
- Open IDS-related jobs
- Open Splunk-related jobs
- Open Ruby-related jobs
- Open Intrusion detection-related jobs
- Open OSCP-related jobs
- Open Security assessments-related jobs
- Open Encryption-related jobs
- Open Docker-related jobs
- Open Threat detection-related jobs
- Open IPS-related jobs
- Open TCP/IP-related jobs
- Open HIPAA-related jobs
- Open Cryptography-related jobs
- Open Unix-related jobs
- Open DevSecOps-related jobs
- Open GDPR-related jobs
- Open PowerShell-related jobs