Principal Cloud Security Engineer - Segment (L5)
Remote - US
At Segment, we believe companies should be able to send their data wherever they want, whenever they want, with no fuss. Unfortunately, most product managers, analysts, and marketers spend too much time searching for the data they need, while engineers are stuck integrating the tools they want to use. Segment standardizes and streamlines data infrastructure with a single platform that collects, unifies, and sends data to hundreds of business tools with the flip of a switch. That way, our customers can focus on building amazing products and personalized messages for their customers, letting us take care of the complexities of processing their customer data reliably at scale. We’re in the running to power the entire customer data ecosystem, and we need the best people to take the market.
As a Cloud Security Engineer at Segment, you’ll be partnering with various engineering teams to develop and implement a comprehensive, multi-year cloud security roadmap to ensure Segment is consistently exceeding the expectations of our customers. You’ll also be responsible for enabling the engineering teams to move fast without sacrificing security by providing mentorship, risk tradeoffs, developing usable tooling and other controls through software. Security is the most important thing happening in engineering, and will always have strong support and high internal visibility by company leadership.
Who we are:
We’re a small team of experienced security engineers with diverse technical and non-technical backgrounds. We’re a passionate group of individuals who enjoy challenging traditional, prescriptive security techniques of the past and adapting or creating them to work with Segment’s modern development technologies and practices. We talk about our methods and accomplishments in public blogs, at conferences, and in presentations. If you want to be this kind of security person and work with a team that's like you, to create innovative security solutions for distributed systems and architecture, we'd love to hear about your approach and introduce you to our team.
A little more about our team:
- We said goodbye to our bastions
- We removed long lived access to our AWS accounts
- We scaled our security services with AWS organizations
- We trained our engineers how to perform their own threat model
- We talked about monitoring your ephemeral infrastructure with osquery at QueryCon
- We discussed our overall approach to our security engineering program at LASCON
- Our CISO’s approach to Building a Security Team and Program
- We deleted every employees’ AWS keys!
- We help organize the OWASP SF chapter, the AppSec California, B-Sides SF, and Day of Shecurity conferences
What we do:
- We treat usable security controls as a fundamental engineering problem and build software and process based solutions to solve it
- We regularly embed with other engineering teams to secure their most ambitious projects such as Segment Functions.
- We value and actively foster a strong security culture here at Segment. We cannot truly push Security left unless our engineers understand why security is important.
- We’re proud of the code we write, and believe we can build automation to enable our engineers to be secure and remain productive.
Who we are looking for:
- You are regularly able to convert highly ambiguous and systemic cloud-security problems into a actionable, clear, and impactful roadmaps
- You are hands-on, you write software, and you can articulate prioritized, actionable security work for Engineering and you to accomplish together
- You have a strong history of improving the security posture at your previous companies through high impact and cross functional projects.
- You have experience consistently and sustainably raising the security bar with your engineering peers
- You're focused, driven and can get challenging projects across the finish line.
- You're empathetic, patient and love to help your teammates grow.
- You understand a broad range of security technologies and how they work, not necessarily all of the details.
- Bonus: GCP Cloud Security and IaC experience
What You Get Out of It:
- A welcoming and collaborative environment with people who love security
- Mentoring and support to work on the things that are important to you
- The opportunity to give back to the security community through open-source projects, blogging, conference talks, etc.
- The ability to contribute to building a new platform to enable the holy grail of customer data — the single view of the customer.
Projects We’re Working On:
- Embedding on mission-critical projects right from the start, to work side-by-side with Eng to prevent security problems from even existing
- Automated monitoring and remediation of security issues in Segment’s massive AWS, GCP and Kubernetes environments
- Previously, we used Okta and Terraform to delete all employee AWS keys and better manage our AWS multi-account strategy.
- Scaling our security controls on multi-account with AWS organizations.
- You have 8+ years of engineering experience in a production-cloud environment.
- You’re a capable subject-matter expert on security issues and technologies.
- You have working knowledge of service-oriented architectures and software development, as well as experience with different tools and technologies fit for a cloud environment.
- You’ve practiced your CloudSec craft most recently in cloud datacenters and with container technology, and you have experience in at least one of AWS, GCP or Kubernetes
- You are excited to work across the stack on different security challenges and initiatives
Segment is an equal opportunity employer. We believe that everyone should receive equal consideration and treatment in all terms and conditions of employment regardless of sex, gender (including pregnancy, childbirth, breastfeeding or related medical conditions), sexual orientation, gender identity, gender expression, race, color, religion, creed, national origin, ancestry, age (over 40), physical disability, mental disability, medical condition, genetic information, marital status, domestic partner status, military or veteran status, height, weight, AIDS/HIV status, and any other protected category under federal, state or local law. Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.
About us (Twilio):
Millions of developers around the world have used Twilio to unlock the magic of communications to improve any human experience. Twilio has democratized communications channels like voice, text, chat, video and email by virtualizing the world’s communications infrastructure through APIs that are simple enough for any developer to use, yet robust enough to power the world’s most demanding applications. By making communications a part of every software developer’s toolkit, Twilio is enabling innovators across every industry — from emerging leaders to the world’s largest organizations — to reinvent how companies engage with their customers.
In accordance with applicable law, the following represents Twilio's reasonable estimate of the range of possible compensation for this role if hired in Colorado. Please note that this information is provided for those hired in Colorado only, and this role is open to candidates outside of Colorado as well.
$146,240 - $182,800
Rest of Colorado:
$127,960 - $159,950
Additionally, this role is eligible to participate in Twilio's equity plan.
An overview of Twilio’s benefits offered is listed below:
Twilio is committed to delivering a comprehensive benefits program that provides support needed for you and your loved ones. It’s likely that you don’t think about benefits every day; however, they are an important component of your total compensation, and we want you to understand the options available to you so that you can make the most of your benefit dollars. At the time of this posting, this role is eligible to participate in the following benefits, which Twilio reserves the right to modify at any time for any reason in accordance with applicable law:
Healthcare Insurance and Leave
- Prescription Drug
- Flexible Spending and Health Savings Accounts
- Leave programs for all of life’s moments: maternity, parental/bonding, as well medical leave to care for yourself or a loved one
- Short and Long Term Disability Insurance
- Life and Accidental Death & Dismemberment Insurance
- 401(k) Retirement Savings Plan with a match
Reimbursement Programs & Stipends
- $65 per month work-from-home stipend
- Up to $50 per month for wellness expenses and activities
- Up to $30 per month to use towards books
Explore more DevOps, Cloud and SRE career opportunities
- Open Sr. DevOps Engineer Jobs
- Open Manager of DevOps & Engineering Infrastructure Jobs
- Open Linux Infrastructure Developer Jobs
- Open Staff, Product Manager - Global Infrastructure Jobs
- Open Site Reliability Engineer II Jobs
- Open Senior Software Engineer - Site Reliability - Toronto Hub Jobs
- Open Automation Engineer Jobs
- Open Senior Test Automation Engineer Jobs
- Open Senior Automation Engineer Jobs
- Open Reliability Engineer Jobs
- Open Sr. Site Reliability Engineer Jobs
- Open Lead Site Reliability Engineer Jobs
- Open Data Platform Engineer Jobs
- Open Senior DevOps Engineer - Pleasanton Hub Jobs
- Open Principal Cloud Architect Jobs
- Open Cloud Security Engineer Jobs
- Open DevOps Infrastructure Engineer Jobs
- Open DevOps Security Engineer Jobs
- Open Senior DevOps Engineer - New York Hub Jobs
- Open Senior Software Engineer, DevOps Jobs
- Open Senior DevOps Engineer - Boston Hub Jobs
- Open Staff DevOps Engineer Jobs
- Open Staff Software Engineer (L4), Segment Infrastructure Jobs
- Open Data Infrastructure Engineer Jobs
- Open QA Automation Engineer - Workforce Engagement Management Jobs
- Open Kafka-related jobs
- Open REST-related jobs
- Open Unix-related jobs
- Open CloudFormation-related jobs
- Open Prometheus-related jobs
- Open Elasticsearch-related jobs
- Open S3-related jobs
- Open Jira-related jobs
- Open PowerShell-related jobs
- Open Golang-related jobs
- Open Virtualization-related jobs
- Open High availability-related jobs
- Open TCP-related jobs
- Open EC2-related jobs
- Open VMware-related jobs
- Open JS-related jobs
- Open Redis-related jobs
- Open MongoDB-related jobs
- Open TCP/IP-related jobs
- Open Node-related jobs
- Open Grafana-related jobs
- Open Gitlab-related jobs
- Open PostgreSQL-related jobs
- Open NoSQL-related jobs