Uncubed
           

Senior Staff Product Security Engineer

Lookout, San Francisco, CA

Everything is OK


Lookout is a cybersecurity company for the post-perimeter, cloud-first, mobile-first world. Powered by the largest dataset of mobile code in existence, the Lookout Security Cloud provides visibility into the entire spectrum of mobile risk. Lookout is trusted by hundreds of millions of individual users, enterprises and government agencies and partners such as AT&T, Verizon, Vodafone, Microsoft, Apple and others. Headquartered in San Francisco, Lookout has offices in Amsterdam, Boston, London, India, Sydney, Tokyo, Toronto and Washington, D.C. To learn more, visit www.lookout.com.  

Lookout is a modern startup for the modern world, run by apps! As part of Lookout’s engineering team, you will have an opportunity to take on some of the most interesting challenges in one or more core areas of intellectual property and fundamental building blocks that form Lookout’s category-defining Personal and Enterprise products. In order to tackle these challenging problems, you must be open-minded to explore new  areas as well as evolve key existing systems, such as high scale cloud systems, mobile platforms(iOS/Android) development, detection engines, analysis systems cloud backend micro-services, front-end/UI, Data Engineering, Machine Learning, Threat research and CI/CD. If you enjoy building cutting edge products leveraging the latest technologies, tools and development methodologies, and want to make an immediate impact through your work, come check us out.

Lookout’s users and product developers trust our Information Security team to provide them with the most secure experience. We're looking to hire Product Security Engineers to ensure that our products are designed and implemented to the highest security standards. You will have incredible communication skills and experience analyzing products from a security perspective.

You immerse yourself in all aspects of security, especially as it relates to building secure microservice-based cloud products, DevSecOps and stopping attacks in the cloud.  You are looking for an opportunity that will try your technical skills and challenge your creativity. You are ready to face a wide range of security questions, many of which have not been considered before.  Production servers, networks, endpoint devices, and data are safe in your hands. You are a subject matter expert who wants to implement tactical solutions and contribute to innovative solutions to big picture issues.

Responsibilities:

You’ll be tasked with improving security across all aspects of Lookout’s products throughout their lifecycle, from design and architecture to code to deployment in an infrastructure, mostly in Amazon Web Services, running complex highly security-sensitive services at significant scale.  You will be challenged every day.

  • Harden our products from attack by implementing strong Agile Security Development Lifecycle (SDL) tools and processes
  • Provide subject matter expertise on network architecture, DevSecOps, building secure software and implementation security controls in an Agile environment
  • Push the boundaries of security technology to enable defensible products in large scale production infrastructure and networks.
  • Perform security assessments of applications, and solutions in production, corporate and cloud infrastructures
  • Define and implement security standards and guidance for engineering teams, including automation and technical controls to enforce
  • Build frameworks to provide secure defaults to engineering teams and tools that will automatically scan and detect security problems.
  • Provide training to engineering teams on application security related topics.
  • Evangelize security within Lookout.

Requirements:

  • BS in Computer Science, Computer Engineering of Electrical Engineering
  • 8 + years of practical experience with security architecture, design and implementation in large scale products and cloud infrastructure, including 3+ years of experience in application security related field (architecture reviews, code reviews, application penetration testing, security engineering).
  • Significant software development experience, developing and delivering complex applications. Mobile applications and backends, microservice architectures, delivering to Enterprise customers a plus.
  • Experience in a DevOps and Security (DevSecOps) focused environment. Experience integrating security tooling with CI/CD pipelines
  • Hands on experience with AWS and AWS security controls (IAM, Lambda, Cloudtrail, KMS)
  • Deep familiarity with Secure Development Lifecycles
  • An expert in two or more of the following domains: cryptography, authentication and security protocols, web application security, mobile application security, cloud based services, and threat modeling.
  • Expert knowledge of cryptographic protocols

Desired qualifications and skills:

  • Expert knowledge of Linux operating systems
  • Development experience in Ruby or Java.
  • Experience with writing and using network automation tools, and scripting languages (ruby/python preferred)
  • Excellent written and verbal communication skills.
  • Excellent teamwork and leadership skills.
  • Security Certifications are a plus
  • Familiarity with compliance frameworks and standards (FedRamp, PCI, etc.) is preferred

About Lookout

Lookout is a cybersecurity company that makes it possible for individuals and enterprises to be both mobile and secure. With 100 million mobile sensors fueling a dataset of virtually all the mobile code in the world, the Lookout Security Cloud can identify connections that would otherwise go unseen -- predicting and stopping mobile attacks before they do harm. The world’s leading mobile network operators, including AT&T, Deutsche Telekom, EE, KDDI, Orange, Sprint, T-Mobile and Telstra, have selected Lookout as its preferred mobile security solution. Lookout is also partnered with such enterprise leaders as AirWatch, Ingram Micro and MobileIron. Headquartered in San Francisco, Lookout has offices in Amsterdam, Boston, London, Sydney, Tokyo, Toronto and Washington, D.C.

Lookout

Want to learn more about Lookout? Visit Lookout's website.