Full-Time Principal Security Engineer
Job Description
THE CHALLENGE
Eventbrite is the leading global ticketing and event technology platform, powering over five million live experiences and 300 million tickets every year. We empower creators of events of all shapes and sizes – from music festivals, experiential yoga, political rallies to gaming competitions –– by providing them the tools and resources they need to seamlessly plan, promote, and produce live experiences around the world. While being a senior security leader, you’ll be leading the security requirements, standards and guidelines for the product and engineering organizations. You will establish the framework around security best practices that sets the foundation for the most complex and business-critical areas of the Eventbrite tech stack.
THE TEAM
The Security Team provides governance, operations, engineering, and technical support throughout the organization. The team works closely with all departments to ensure security measures are operating effectively and that risk is being managed appropriately. We are responsible for data and product security, compliance, back office security, and business enablement. Our goal is to ensure security is operating at the highest levels while unlocking the business to move faster.
THE ROLE
As part of the Security Team, you will lead the product security efforts around our platform with a focus on infrastructure/cloud, and secure development practices. In this position, you will be working closely with development and engineering teams to ensure the highest level of security standards are being met. In addition, you will bring a secure development lifecycle mindset that will establish foundational security requirements for the teams to consume. Lastly, in this role, you will be a trusted security advisor to both product and engineering teams and develop technical white papers, standards and guidelines, and other technical documentation where needed. As a leader in the security space, you will help inspire, mentor, and lead by example as we strive to make a positive impact on our customers and the business.
THE SKILLSET
- 7+ years of experience building applications at scale in at least one popular programming language, such as Python, Java, Kotlin, Go, Rust, Ruby, etc
- Extensive security experience with cloud services in AWS, including establishing Control Tower type governance
- Experience securing microservices and/or Service Oriented Architecture
- You have experience with securing container environments like Docker
- Experience securing APIs, both internal service and HTTP APIs
- Experience securing CI\CD pipelines.
- Experience with SAST, DAST, and IAST-type code scanning & automation
- Experience developing metrics and insights to help drive remediation
- Extensive experience with vulnerability management and remediation lifecycles, working closely with development teams to remediation issues
- Experience with WAF, IPS, IAM, DLP, endpoint, logging, key & configuration management technologies
- Experience improving security/engineering standards, tooling, and processes
- You enjoy mentoring and teaching colleagues at all levels, while also learning from them
- Expertise with infrastructure provisioning tools like CloudFormation, Terraform, Chef, Puppet, or others
- Familiarity with continuous integration tools like Jenkins or CircleCI
- Ability to take initiative and produce results with great communication and collaboration skills – we put a lot of emphasis on being team players
How to Apply
https://www.eventbritecareers.com/jobs/principal-security-engineer-remote-united-states-a762c67d-ada2-464e-a2a8-6b1db8b57d0353 total views, 0 today