Staff Cloud Security Engineer

Job Description

Iterable is a cross-channel platform that powers unified customer experiences and empowers marketers to create, optimize and measure every interaction taking place throughout the customer journey. With Iterable, brands create individualized marketing touchpoints that earn engagement, solidify trust and galvanize loyal consumer-brand relationships.

Developed for the enterprise, Iterable is built from modern technologies that transform cloud, partner and tool-specific data into integrated, personalized engagements. No matter the audience size or degree of campaign sophistication, Iterable empowers brands to execute where it matters most—creating experiences and cultivating connections with over 2 billion people world-wide. Leading brands , like Zillow, DoorDash, Calm, Madison Reed, and Box, choose Iterable to power world-class customer experiences throughout the entire lifecycle.

Iterable's momentum grows daily and there has never been a more exciting time to join the team! We've been recognized as one of the Best Places to Work - SF for the past three years, one of the Best Places to Work in Colorado for the past two years, and were named as one of Colorado's Best Paying Companies . We've also been listed on Wealthfront's Career Launching Companies List for the past two years, rank sixth on the list of Top 25 Companies Where Women Want to Work and hold a top 20 spot among the SaaS 100.

We have a nationwide presence with offices in San Francisco, New York, and Denver, and London. As we scale, we continue to live by our core four, founding values - Trust, Growth Mindset, Balance, and Humility. To understand the Iterable story, explore our Culture and About Us page.

How you will make an impact:

Customers trust Iterable with sensitive information, expecting us to safeguard their data. Iterable's Security team leads a cross-functional effort across the company to ensure that all systems remain secure in support of Iterable's core values, and to provide assurance to our customers that we will be good stewards of their valued data. The Security team actively leads the effort to improve Iterable's security posture in concert with other groups as they develop or launch new features and services. As Engineers, we believe in security through automation, assessments, technical reviews and vulnerability evaluation. Our footprint spans across the entire company at all levels, throughout the complete development lifecycle. You'll report directly to the Director of Security Engineering.

We aim to create a compelling, well-documented, and holistically managed security program. We are looking for individuals to join our vibrant Security Engineering team to move the current state of security to the next level. We strive to improve our cloud security capabilities, and support our peers in building an amazing product through creating an environment which fosters security by design. To summarize, we want you to share and be a part of our grand plan!

One of our core values is “Growth Mindset,” and Iterable is a company where everyone can grow. If this is a role that excites you, please apply as we value applicants for the skills they bring beyond a job description.

In this role you'll get to:

• Review system designs and implementations, and consult with engineers across the organization to identify and/or avoid security issues through alignment with security standards and best practices, document and ensure security issues are appropriately remediated
• Leverage subject matter expertise of systems and infrastructure to propose solutions and drive architectural improvements which address classes of security vulnerabilities
• Develop and implement cloud and infrastructure security architecture and contribute to overall strategy and roadmap plans
• Participate in the selection, design, development, implementation, and management of automated security testing tools, such as cloud security posture management and image vulnerability scanners
• Promote DevSecOps principles and implement Infrastructure as Code (IaC) scanning and policy enforcement to ensure deployments via Terraform, AWS CloudFormation, or similar, are secure and compliant with standards and guidelines
• Coordinate and participate in penetration tests of our cloud services

We are looking for people who have:

• Experience providing cloud security subject matter expertise and guidance to people external to a security team
• Solid understanding of cloud security vulnerabilities defense techniques and security best practices, including AWS security practices and present-day threats
• Knowledge of system and infrastructure hardening and monitoring best practices in a cloud environment
• Experience with modern cloud infrastructure including EC2, Kubernetes, workload orchestration , data stores (relational DBs, NoSQL and document DBs), object stores(S3) and event streaming
• Strong working knowledge of AWS services and security concepts including Service Control Policies (SCPs), Identity and Access Management (IAM), Virtual Private Clouds, Elastic Load Balancers, AWS CloudTrail, and Security Groups
• Proficiency in an AWS-compatible programming language, such as Python, Ruby, Java, or Go
• Some expertise with Lambda functions (language agnostic)

Perks & Benefits:

• Paid parental leave
• Competitive salaries, meaningful equity, & 401(k) plan
• Medical, dental, vision, & life insurance
• Balance Day (First Friday off every month)
• Fertility & Adoption Assistance
• Paid Sabbatical
• Flexible PTO
• Daily lunch allowance
• Monthly Employee Wellness allowance
• Quarterly Professional Development allowance
• Pre-tax commuter benefits
• Complete laptop workstation

For Colorado-based employment: The minimum salary for this position is $191,100/year. The compensation package includes equity, plus a range of medical, dental, vision, financial and other benefits. Additionally, perks such as daily paid lunches and generous stipends for health & fitness and learning & development, among others, are included.

Iterable is an Equal Employment Opportunity employer that proudly pursues and hires a diverse workforce. Iterable does not make hiring or employment decisions on the basis of race, color, religion or religious belief, ethnic or national origin, nationality, sex, gender, gender-identity, sexual orientation, disability, age, military or veteran status, or any other basis protected by applicable local, state, or federal laws or prohibited by Company policy. Iterable also strives for a healthy and safe workplace and strictly prohibits harassment of any kind. Pursuant to the San Francisco Fair Chance Ordinance and other similar state laws and local ordinances, and its internal policy, Iterable will also consider for employment qualified applicants with arrest and conviction records.

Last Update: 10/5/2022