Staff Security Engineer

  • San Francisco, CA, USA
  • Full-time

Company Description

Optimizely is the world's leader in customer experience optimization, allowing businesses to dramatically drive up the value of their digital products, commerce and campaigns through its best in class experimentation software platform. By replacing digital guesswork with evidence-based results, Optimizely enables product and marketing professionals to accelerate innovation, lower the risk of new features, and drive up the return on investment from digital by up to 10X. Over 26 of the Fortune 100 companies choose Optimizely to power their global digital experiences. Optimizely’s impressive customer list includes eBay, FOX, IBM, The New York Times and many more global enterprises.

Job Description

Security is in the foundation of over 3000 customers’ trust in Optimizely. In this role, you will grow our software security program that facilitates security being baked into all of the products and infrastructure built at Optimizely. The responsibilities are a blend of security engineering and software engineering. If you’re a security engineer looking to get into a leadership position, this is a great opportunity for you to have impact across an entire engineering organization and support a world-class software security program.

  • Support the software security program in Optimizely Engineering- ensure that security is baked in to everything we build at every step of the software development lifecycle

  • Grow a culture of security in Engineering - we do fun things like security happy hours, pizza and t-shirts

  • Perform security reviews of technical design documents

  • Measure and grow security maturity across engineering

  • Triage security issues and provide recommended fixes

  • Support our bug bounty program

  • Facilitate independent security assessments and penetration tests

  • Evaluate new tools, processes, and frameworks; Drive adoption of the best ones

  • Review and respond to new security threats

 

Qualifications

About You

  • Software engineering background. You may not be coding every day, but you will need to be comfortable reviewing and discussing architecture and code with software engineers

  • Familiarity with cloud security, particularly AWS Security concepts

  • Experience with security activities throughout the software development lifecycle- design reviews, threat modeling, code reviews, tooling, penetration testing, incident response

  • Able to influence without authority and have excellent teamwork skills

  • Exceptionally clear communication skills- you'll need to communicate effectively and build relationships with all levels and roles at Optimizely

Desired Experience

  • Implementing software security programs like the Security Development Lifecycle

  • Discussing security with customers

  • Implementing controls for information security compliance programs including PCI, ISO 27001 and SOC 2

  • Worked in a fast growth startup environment

 

Additional Information

Perks

  • Commuter and transportation benefits
  • Catered in-office lunch and dinner on weekdays
  • Full medical insurance with very low co-pay and deductible. HMO, PPO, and HSA options available
  • Full dental coverage including orthodontics
  • Full vision coverage including contacts
  • Dependents 100% covered for medical, dental, and vision
  • Wellness Grant
  • Unlimited vacation policy and seventeen weeks of paid parental leave
  • 401k benefit
  • Working with a great team and having a huge impact!

 

 

At Optimizely, we embody inclusion and embrace diversity.  Optimizely is an equal opportunity employer and makes employment decisions on the basis of merit.  Optimizely prohibits discrimination based on race, color, religion, sex, sexual identity, gender identity, marital status, veteran status, nationality, citizenship, age, disability, medical condition, pregnancy, or any other unlawful consideration. All your information will be kept confidential according to EEO guidelines.

Privacy Policy