Senior Security Engineer

About the Role

As part of Lattice's SRE team, you will focus on security and privacy engineering for components of our services with an emphasis on threats from all sources. You will collaborate with our product engineers to improve their development experience and the resiliency of our application code. Hopefully you are someone who is a humble expert with a sense of urgency. Our SRE team is really looking for someone that is skilled at taking complex topics and making them simple paired with a team focus and ability to work in a matrixed organization.  

What you'll do 

As our first Lead Security Engineer, you will be responsible for establishing SecOps best practices as a new discipline for our engineering organization, identifying opportunities and obstacles to ensuring infrastructure and application security, and defining our roadmap for making the necessary investments. Success in this role includes charting the path forward for Lattice’s security needs throughout the SDLC. You’ll have a large amount of autonomy and an ability to make a significant impact in a successful, growing startup!

Improve automation of product security testing

Evaluation and implementation of new technologies, tools and programs that impact security and engineering

Help implementing security related features into the product

Review and alter software development processes with stakeholders to address security and compliance requirements

Interpret security tools and penetration testing results and describe issues and fixes to developers

Provide vulnerability remediation guidance and mentoring to software engineers

Support privacy impact analyses for new product features

Develop company wide security projects to discover security defects in source code, dependencies, and/or other artifacts

Qualifications 

There’s no such thing as a perfect candidate. We expect you to possess some combination of the following:

5+ years of experience in application security or related fields

Ability to communicate effectively with business representatives in explaining security topics clearly

Experience with Cloud and virtualized technology in environments such as AWS or GCP

Ability to explain vulnerabilities and weaknesses in the OWASP Top 10 to any audience, and be aware of effective defensive techniques

Deep understanding of common web protocols and components (node.js, databases)

Deep understanding of authentication protocols and frameworks to include OAuth, OpenID, SSO/SAML, and AWS IAM

Familiarity with dynamic and static analysis tools

Deep understanding of continuous integration / continuous deployment processes and tools

Ability to interpret dynamic/static analysis tools, and penetration test results and describe issues and fixes to non-security experts

Why Lattice

We are rapidly growing across multiple dimensions, including our customer base, the scope of products we offer, and the size of the engineering team. Now is the opportune time for a strong candidate to join, take on outsized ownership, and continue to grow with us.

We invest in the personal and professional growth of every employee because we believe growth leads to both business impact and personal fulfillment

The opportunity to join an experienced and ambitious team that is passionate about solving customers’ needs and loves coming to work every day

Partner with 2,750+ companies around the world to make sure their employees are engaged and performing at a high level

A culture that encourages and promotes professional growth and development, with continuous learning reimbursements

Competitive salary, equity, and benefits

Hybrid work model with a mix of work from home and centrally located office

Flexible vacation/time-off policy

About Lattice 

Lattice is on a mission to build cultures where employees and their companies thrive. In an age where employees have more choice than ever before, businesses that put employees first are winning – and Lattice is building the tools to empower those people centric companies. Lattice is a people management platform that offers performance reviews, employee engagement surveys, real-time feedback, weekly check-ins, goal setting, and career planning in a way that allows companies to focus on employee development, growth, and engagement – yielding stronger employee retention, performance, and impact to the bottom line. Since launching in 2016 we have grown to over 3,100 customers globally, including brands like Slack, Pinterest, Reddit, and Asana.

---

Lattice is committed to equal treatment and opportunity in all aspects of recruitment, selection, and employment without regard to gender, race, religion, national origin, ethnicity, disability, gender identity/expression, sexual orientation, veteran or military status, or any other category protected under the law. Lattice is an equal opportunity employer; committed to a community of inclusion, and an environment free from discrimination, harassment, and retaliation.

By clicking the "Submit Application" button below, you consent to Lattice processing your personal information for the purpose of assessing your candidacy for this position in accordance with Lattice's Job Applicant Privacy Policy.