DEFEND PERISCOPE AND THE DATA OF OUR CUSTOMERS
Customers trust us with their most important data. They use Periscope to query everything from revenue metrics to the personally identifiable information of their users. You will lead the effort to constantly improve the security of Periscope's architecture, production systems, and corporate infrastructure.
You will own the overall security policies and implementation at Periscope. You'll be expected to design and deploy systems that are both highly secure and highly functional. Enabling everyone at Periscope to keep moving fast while continuously increasing the strength of our security may be your greatest challenge.
HOW YOU'LL RAMP
Within your first 30 days you'll...
- Spend time with the engineering and product team to get up-to-speed on our technology stacks and current security controls
- Identify immediate high-priority security issues and develop a plan to mitigate the issues
By Day 30, you'll...
- Have a solid fundamental understanding of our products, people, processes and technologies.
- Perform initial assessment on the strengths and weaknesses of the current stack through static analysis, automated scanning, and/or custom attacks
- Develop a plan to fix security risks at the technology and process level
- Review code and other production changes to ensure no security issues are introduced
- Work with HIPAA and SOC2 auditors to ensure compliance of Periscope's internal procedures
By Day 60, you'll…
- Deploy improvements to the production and deployment architectures
- Collaborate with third-party penetration testing vendors
- Perform offensive security testing against production
- Evangelize better security throughout the company
- Work with customer-facing teams on security questions from our customers
By Day 90, you'll...
- Implement continuous monitoring systems and tools to automatically identify potential security issues at at the code, application and infrastructure layers
- Create and manage our bug bounty program
- Promote a security-first culture and ensure that all employees at Periscope are able to protect Periscope from threats
WHAT YOU HAVE AND ACCOMPLISHED SO FAR:
- Experience working as a security engineer, consultant or similar position.
- Hands-on experience in configuring and hardening cloud-based infrastructure (AWS, Google Cloud, etc.).
- Demonstrated capability in secure coding (input validation, session management, etc.) and performing automated or manual static analysis.
- Hands-on experience in conducting penetration testing and vulnerability assessment at the network and application layers.
- Ability to dissect new systems or product requirements and identify and develop security requirements.
- Basic understanding on various on security processes (access management, incident management, data security, etc.)
- [BONUS] Security certifications such as CISSP, CEH, GWAPT, etc.
- We're a kind, curious, tight-knit bunch. We eat together, toast our shared accomplishments together, and often spend holidays and ski trips together.
- We are on-boarding rapidly! The team grew from 20 to 69 in 2016, and will grow to 140 and beyond in 2017.
- We believe strongly in a data-driven approach to all that we do. We're constantly measuring and optimizing everything about the business.
- We have close relationships with our customers. We see customers several times a month, and email with them several times a week.
- Speeding up metrics calculations by over 10,000X by implementing them as parallel bitwise operations on bitsets.
- Improving chart render speed by over 100X by reimplementing on top of Canvas instead of SVG.
- Auto-ETLing entire customer databases into our data cache while targeting < 1hr freshness on all customer data.
- Implementing cross-database query translation and cross-database joins.
- We want to know what it's like to work together; there are never any riddles or whiteboards.
- First you'll see Periscope and how customers use it. Later we'll code together online, or review your solution to an offline code challenge. And when you come on site to meet the team, you'll spend a couple hours pair programming in the Periscope codebase.
Periscope's most important feature is our phenomenal development speed. We deploy to production an average of 5 times per day. Much of this is cultural, and much of it is investing in anything that will reduce drag on the team, like fully automated testing, one-click test-and-deploys, and great whiskey. (Wait, what?)
We plan to double our team in the next six months. If you learn quickly and have that get-stuff-done attitude, we'd love to talk to you!
About Periscope Data
Periscope Data brings data teams and their stakeholders onto a single, unified platform. Our platform gives data professionals full control over the analytics lifecycle — including ingestion, storage, analysis, visualization and reporting — and non-technical users the ability to drill down into the data to quickly answer questions. With Periscope Data, teams can move faster, make better decisions, and support successful business outcomes. We’re here to create a more data-driven world, where everyone can understand and unlock the full potential of their data.
Want to learn more about Periscope Data? Visit Periscope Data's website.
Jobs You May Like
Director of International Technology
Taco Bell, Irvine
Senior Systems Engineer (DevOps)
QA Tester (Sony TRC Experience Required)
Survios, Culver City, CA
Senior Software Engineer - Growth
Wish, San Francisco, United States
Senior Software Engineer, iOS
Strava, Denver, CO
Dept, Amsterdam | Rotterdam