Staff Cloud Security Engineer

About the Team:

The IoT Software team writes Orb software and firmware using Rust, C, and Python.  Frequent collaborators include the Hardware (bring-up, manufacturing, adding new sensors, etc.), AI (neural networks controlling the autofocus, etc.), and Cloud teams.  IoT Software team members are primarily located in Berlin and San Francisco, although some work remotely.

About the Opportunity:

As a Staff Cloud Security Engineer, you will be responsible for overseeing and relentlessly enhancing the security of our AWS-based backend systems. While this is a hands-on role, staying abreast of the latest security techniques and tools to intelligently deploy what is most appropriate for these systems is essential.

In this role, you will:

• Own backend security—end-to-end—and lead key security initiatives.
• Work hands-on, designing, building, maintaining, and upgrading our backend security.
• Design solutions and processes to identify, mitigate, and eventually resolve ever-changing security risks and vulnerabilities.
• Research threats and attack vectors that impact our applications and infrastructure.
• Proactively influence and enable Engineering teams to solve security challenges at scale while balancing usability, stability, and performance through mentoring and sharing application security best practices and standards.
• Provide security guidance on a constant stream of new backend/core infrastructure and technologies, diving deep into architectural details to ensure the perpetual in-depth hardening of our systems.
• Conduct Security architecture reviews, penetration testing, and source code reviews of key services, infrastructure, and underlying technologies.
• Research the latest security tools and techniques.

About You:

• Experience with AWS and many of its services.
• Experience conducting regular threat modeling assessments.
• Experience securing production and development systems.
• Experience operating static and dynamic security analysis tools, e.g., AWS Trusted Advisor, AWS GuardDuty, AWS Inspector, etc.
• Familiarity with fraud detection, intrusion detection, vulnerability/patch management, and the like.
• Familiarity with infrastructure as code (HashiCorp Terraform).
• Working knowledge of Go.
• Solid written and verbal communication skills.
• Imaginative, proactive, and independent; balanced in terms of exploration, implementation, and system-level thinking.