Lead Security Engineer
Remote · United States
Posted on Thursday, September 7, 2023
At Tecton, we are on a mission to bring Machine Learning to every customer and product interaction on the planet. We build an enterprise-grade, world-class Feature Platform – the infrastructure that powers real-time ML applications and systems in production.
Tecton’s founders developed the first Feature Store when they created Uber’s Michelangelo ML platform, and we’re now bringing those same capabilities to every organization in the world.
Tecton is funded by Sequoia Capital, Andreessen Horowitz, and Kleiner Perkins, along with strategic investments from Snowflake and Databricks. We have a fast-growing team that’s distributed around the world, with offices in San Francisco and New York City. Our team has years of experience building and operating business-critical machine learning systems at leading tech companies like Uber, Google, Meta, Airbnb, Lyft, and Twitter.
This is a foundational zero-to-one role within the Infrastructure Engineering team. You will own and drive Tecton’s security investments to the next level to provide a reliable, secure, high-performing, and scalable feature platform for our customers across AWS and Google Cloud.
- Lead and drive security projects from idea formulation, to design through implementation, partnering with engineering and cross-functional teams.
- Partner with pre- and post-sales teams on sensitive security engagements with customers and prospects, communicating directly with customers as needed.
- Design and operate scalable processes to provision cloud access and maintain the principle of least privilege across all infrastructure from deployment through to operation.
- Partner closely with product and compliance teams to define and execute security strategies for the Tecton platform.
- Perform internal architectural and design reviews through a security lens and provide timely, actionable requirements and recommendations.
- Establish security capabilities and controls to diminish security risks and meet security and compliance requirements.
- Design controls and processes to respond to potential security incidents or risks and develop mitigation solutions.
- Evaluate existing and new security technologies and products to improve overall security compliance.
- 5+ years of experience in cloud security, DevSecOps, or similar role with automation focus.
- Tech lead experience. Engineering management experience is nice-to-have.
- Strong hands-on skills. Can drill deep into the complex system design and implementation when needed.
- Experience with industry-standard security practices such as SOC 2, ISO 27001, PCI penetration testing, etc.
- Experience with infrastructure-as-code tools such as Terraform, Ansible, and Puppet.
- Expertise with AWS and Google Cloud building and troubleshooting robust and secure networks.
- Experience with container orchestration, such as Kubernetes.
- Knowledgeable in logging, monitoring, and alerting tools (Prometheus, ELK, Chronosphere, Datadog, etc.)
- Fluent in one or more programming languages such as Python or Golang.
- Experience with identity management including infrastructure access and SSO.
- Experience with penetration testing and API hardening.
- Knowledge of industry-standard security concepts and protocols like SAML, SCIM, OAuth, RBAC, and cryptography.
Tecton values diversity and is an equal opportunity employer committed to creating an inclusive environment for all employees and applicants without regard to race, color, religion, national origin, gender, sexual orientation, age, marital status, veteran status, disability status, or other applicable legally protected characteristics. If you would like to request any accommodations from the application through to the interview, please contact us at firstname.lastname@example.org.
This employer participates in E-Verify and will provide the federal government with your Form I-9 information to confirm that you are authorized to work in the U.S.