Software Engineer - Security
Company: Factory
Location: San Francisco
Posted on: November 8, 2024
Job Description:
Factory is seeking a talented Security Engineer to join our
team. In this role, you will play a critical role in developing and
maintaining the security foundation of our platform. You will
conduct in-depth code reviews, implement security best practices,
and influence the overall security strategy. Your expertise in
TypeScript, Python, Kubernetes, CI/CD, and terraform orchestration
will be crucial in identifying and mitigating potential security
vulnerabilities.What you will do and achieve:
- Design, implement, and manage security measures for the
protection of our cloud infrastructure, applications, and data,
focusing on both preventative controls and rapid response
capabilities.
- Collaborate closely with our engineering teams to integrate
security practices into the software development lifecycle,
including secure coding standards, automated security testing, and
secure architecture design.
- Stay up-to-date on the latest security threats,
vulnerabilities, and mitigation strategies.
- Conduct security code reviews to identify and remediate
security vulnerabilities.
- Develop and implement automated security testing procedures to
identify vulnerabilities and risks, recommending and implementing
appropriate mitigation strategies.
- Respond to security incidents and participate in incident
response procedures.
- Document security processes, procedures, and best
practices.
- Lead security awareness and training programs, empowering all
team members to recognize and prevent potential security
threats.Qualifications
- Minimum 5+ years of experience as a Security Engineer with a
focus on product security, with a strong background in securing
cloud-based environments (AWS, Azure, GCP) and understanding of
Infrastructure as Code (IaC) security practices.
- Strong coding skills with proficiency in TypeScript and
Python.
- Expertise in various security domains such as application
security, network security, security operations, and incident
response.
- Experience with container security (Docker Security, Kubernetes
Security).
- Familiarity with a wide range of AWS services, including but
not limited to VPC, EC2, Lambda, Amazon RDS, and S3.
- In-depth knowledge of CI/CD pipeline tools and practices,
ideally with experience in GitHub Actions or Jenkins.
- Knowledgeable in security compliance frameworks and regulations
(e.g., ISO 27001, SOC 2, GDPR) and experience with security
assessments and third-party audits.
- Proficiency with security tools and technologies, such as
firewalls, IDS/IPS, vulnerability scanners, WAF, SIEM, and
encryption solutions.
- Demonstrated ability to influence security strategies and drive
improvements within a team.
- The team goes into the office 5 days a week in San Francisco
(walking distance to Caltrain).
#J-18808-Ljbffr
Keywords: Factory, San Jose , Software Engineer - Security, IT / Software / Systems , San Francisco, California
Didn't find what you're looking for? Search again!
Loading more jobs...