PubMatic is the leading marketing automation software company for publishers. Through real-time analytics, yield management, and workflow automation, PubMatic enables publishers to make smarter inventory decisions and improve revenue performance. Focused on serving the needs of premium publishers, PubMatic inspires buyer confidence by providing flexibility in audience discovery and planning media campaigns through its Media Buyer Console and APIs. The company's marketing automation software platform provides a global roster of comScore publishers with a single view into their advertiser relationships across every screen, every channel and every format. PubMatic was ranked by Deloitte as one of the fastest growing companies in the US for the fourth consecutive year in 2015. The company has offices worldwide, and is headquartered in Redwood City, California.

Within the Adtech environment, you have a deep understanding of the complex nature of security spanning infrastructure, applications and IT. You feel comfortable understanding security in the context of infrastructure, applications (Java, open source tools). You do not hesitate to dig into code to understand the subtle and obscure problems that can arise due to security vulnerabilities in the environment. You work with people, technical and non-technical alike, to understand security posture needed to help them understand, implement changes to address them. You provide best practices, guidelines, and feedback around security to PubMatic. You have your finger on the pulse of security across the industry; you have knowledge of our platform internally as well as from what happens externally.

You have a cool head under pressure. When a technical fire occurs, you understand that putting it out should always avoid collateral damage. When you cause a fire (as everyone inevitably does), you take responsibility for it and work with the team to figure out the right way to put that fire out. You believe blaming is a waste of time: when something goes wrong, you figure out why it happened and how to prevent it from happening again in the future. Better yet, you look for how things went right in the first place and improve upon those.

About you:

As a member of security team, you seek out feedback on your findings, designs and ideas and provide the same to others. You constantly ask 'What am I missing?' and 'How will this NOT work?' You don't shy away from what you don't know; you readily admit that you don't know everything, and use every resource available within and outside the company to learn what you need to know.

Responsibilities

• Work closely with users, Network, Systems, database teams, and engineering teams to under securtity proactively vulnerabilities and identify and resolve complex security issues
• Design, recommend, and implement security improvements by evaluating current systems and procedures, researching trends, and anticipating requirements
• Protect systems by defining access privileges, control structures, and resources
• Identify abnormalities, flag problems, and report violations
• Perform periodic system penetration testing
• Perform analysis and correlation of security events from multiple sources including but not limited to events from AV, network and host based intrusion detection systems, firewall logs, system logs (Linux, Windows, Mac), Domain Controller Logs and artifacts in hosted and collocated environments
• Perform regular vulnerability scans of environment and recommend prioritized remediation of vulnerabilities found
• Evaluate, recommend and lead the effort to implement a Data Loss Prevention solution
• Uncover security violations and inefficiencies by conducting audits
• Upgrade system by implementing and maintaining security controls
• Provide a quarterly report on the status of PubMatic physical, data, and application security; include recent improvements and future recommendations
• Create and update annual security strategy report
• Attend educational workshops and read industry publications to grow technical knowledge and stay current on trends
• Define, implement and maintain corporate security policies and procedures
• Acquire a complete understanding of a company’s technology and information systems
• Plan, research and design robust security architectures for any IT project
• Oversee security awareness programs and educational efforts
• Respond immediately to security-related incidents and provide a thorough post-event analysis
• Research security standards, security systems and authentication protocols

• 10-12+ years of IT and applications experience (5+ year of security experience preferred)
• B.S. in Computer Science OR equivalent technical experience
• Experience in Network Security, Information Security Policies, and Network Protocols
• Familiar with emerging technologies in the security monitoring, event correlation and alert/detection space
• Ability to correlate security events, system artifacts and IOCs and make accurate conclusions and timely remediation’s
• Exceptional customer service skills

• CISSP Certification

• GIAC Certifications (GSEC, GIAC, GMON, GCIH, GPEN, or GWAPT)

All your information will be kept confidential according to EEO guidelines.