Senior Security Engineer
Technical Operations | Palo Alto, CA | Full Time
A Little About Us:
At Instart, we are building a world where digital experiences continuously adapt to become increasingly engaging with every interaction.
Instart is a Palo Alto based late stage startup backed by the who’s who of the VC world – Andreessen Horowitz, Kleiner Perkins, Greylock and Sutter Hill to name a few.
Today, we are the trusted digital experience management partner for Fortune 100 companies, who are leaders in their respective industries. Our team is made up of motivated individuals that help each other do remarkable things every single day. We have built an amazing platform that large enterprises around the world are using to drive the performance, consumer experience and security of their cloud, web and mobile applications.
Of course, because we are building groundbreaking applications and architecture that is transforming and disrupting application delivery at the enterprise level scale, we are facing new challenges in every facet of our business. So, we are looking for disruptive, transformative individuals ready to embrace these challenges with the same passion, vision, and dedication that we do.
A Lot About You:
Do you “Play to Win”?
As our Sr. Security Engineer, you will be working in conjunction with our Head of Security to provide a secure environment for both our employees and our customers. Your day to day would, at a minimum, include validating application and environment changes to confirm security best practices, execute on vulnerability scanning and penetration testing, remediating security gaps and findings, keep security policies and procedures up to date, and being an integral part of the incident response process.
Additionally, you will provide leadership in mentoring teams throughout the organization on secure practices, and then validating their compliance through scanning, manual reviews, or automated reviews.
- Review network and software changes and validate them against compliance standards (PCI, SOC2, etc)
- Perform regular penetration testing, vulnerability scanning, and remediate gaps found
- Work with the Head of Security in annual compliance audits
- Develop, update, and maintain security policies, procedures, and methodologies
- Assist in guiding security project both for the organization as well as for products and services
- Use common security tools and techniques to analyze network traffic and systems behavior in order to identify and track potential attacks and adversaries.
- Develop tools and scripts to automate vulnerability detection.
- Validate vulnerabilities found by automated tools, bug bounty programs, and manual testing and establish priority for mitigation.
- Suggest firewall and NIDS rules and configuration changes to the environment in order to mitigate observed attacks.
- Determine root cause of potential security events or incidents.
- Effectively communicate through written and spoken means with technical peers.
- Under the guidance of management, respond to security incidents.
- Own tracking and resolution of security incidents and mitigations.
- Occasional on-call work.
What Catches Our Eye:
- Bachelor’s degree or equivalent work experience.
- 3+ years of experience in information/computer security.
- 1+ years of experience as a security analyst.
- Demonstrable experience writing NIDS, SIEM and Firewall rules.
- Experience in writing SQL queries.
How to really impress us:
- Experience working with digital forensic tools a plus
- 2+ years of automated scripting knowledge
- UNIX / Linux experience
- SIEM knowledge a plus
- Compliance (PCI, SOC2) knowledge a plus
We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.