As a Staff Product Security Engineer you will partner with different stakeholders across the organization to secure our cloud infrastructure, improve our secdevops function, and complete secure design reviews for our products . We work closely with engineers across various domains of the Pinecone infrastructure, driving a culture of empowering engineers to have strong security ownership of their products and services through the development of security resources and tools that help promote a secure by default model. Not only will you partner with engineering teams to identify security risks that can impact our overall security posture, we work alongside them and collaborate to develop security solutions and standards to mitigate these risks to our customers and their data. 

As pinecone grows, this role will eventually lead the Product Security Engineering department and function as the backup for the head of security.

What You’ll Do

• Solve our most challenging security problems in cloud, code, and system design.

• Discover the top security challenges we face and partner with teams across the company to be hands-on in implementing your security recommendations.

• Empathize with the full spectrum of our customers and our engineers by advocating for effective solutions that scale with the needs of our business and our customers. 

• Build security controls that detect, prevent, and correct cloud, infrastructure, and code vulnerabilities in our complex and challenging environment.

What you’ll need

• Strong Experience with administration and securing of one or more cloud environments (Google Cloud Platform, AWS, Azure)

• Clear understanding of cloud computing services/deployment architecture and infrastructure as code

• Experience performing threat modeling and design reviews to assess security implications and requirements for introduction of new technologies or development of new products and their features

• Ability to communicate ideas and proposals concisely, both verbally and written, to senior staff members

• Experience Implementing SecDevOps across Organizations

• Container (Kubernetes/Docker) and service mesh (istio, linkerd) experience

• Experience with software vulnerabilities, how CVEs are reported, and how they relate to specific system packages and remediations

• Fluent in one or more Programming skills

• A wealth of experience with information security standards & methodologies

• Ability to distill complex security problems and drive toward creative solutions

• Strong organizational and relationship skills

Bonus Points if you have

• Exposure to machine learning applications

• Familiarity with SOC2, NIST, and ISO standards

• CISSP Certification

• Web server/client architecture and implementation experience (OpenAPI/Swagger, gRPC)