Security Engineer
Company: Foursquare
Location: Chicago
Posted on: June 26, 2022
Job Description:
Foursquare is the leading independent location technology and
data cloud platform, dedicated to building meaningful bridges
between digital spaces and physical places. Our proprietary
technology unlocks the most accurate, trustworthy location data in
the world, empowering businesses to answer key questions, uncover
hidden insights, improve customer experiences, and achieve better
business outcomes. A pioneer of the geo-location space,
Foursquare's location tech stack is being utilized by the world's
largest enterprises and most recognizable brands.Foursquare's
flexible building blocks include technology to maximize marketing
impact and drive incremental real-world engagement (Attribution,
Audience, Proximity, SDK); data to deeply understand points of
interest and real-world behavior patterns (Places and Visits), and
tools to conduct advanced analysis, data enrichment, unification
and visualization (Unfolded Studio).About The TeamFoursquare is
seeking an experienced Security Engineer to lead efforts and
implement solutions to keep our users' and customers' data private
and our systems secure.The Security team works with infrastructure
and feature engineering teams to identify and mitigate risks to the
business. We propose, design, plan and implement strategic and
tactical security improvements - from remote access systems for
employees, to authorization rules on our production fleet, to
forward-thinking policy initiatives. Our infrastructure and feature
engineering teams will be active and supportive partners, but the
Security Team organizes and leads these efforts across the entire
organization. We are trusted to stay one step ahead of malicious
actors in a rapidly-changing threat landscape.As part of the
Security Team, your work will be instrumental in ensuring both the
safeguarding of our users' data and Foursquare's future business
success.Our Tech Stack
- Languages: Java, Scala, Python, Clojure, Ruby
- Tools for pipeline orchestration: Airflow, Luigi
- Frameworks: Spark, MapReduce, Scalding, Spring Boot
- Infrastructure: AWS, Hadoop, Kubernetes, Docker
- Other technologies: Postgres, Hive, HBase,
MongoDBResponsibilities
- Propose, design, plan, and implement strategic and tactical
security improvements across the organization, including surfacing
non-obvious risks and attack surfaces.
- Organize and lead cross-team efforts with infrastructure and
engineering teams
- Mitigate security risks and attack surfaces using a combination
of policies and technological measures.
- Establish and promote security recommendations and best
practices, as well as provide security expertise across our entire
tech stack.
- Build security automation and guardrails using Test-Driven
Development, Infrastructure as Code, and serverless
frameworks.
- Respond to Security Events, including isolating, mitigating,
and investigating active threats. Conduct post-mortems to elevate
the security posture of the company.
- Advocate for the security culture of the organization,
including collaborating with stakeholders across the
company.Qualifications
- 3+ years of experience in security engineering
- 1+ years of experience in securing cloud environments
(preference to AWS) with a deep understanding of Identity and
Access Management
- Thorough understanding of common access control patterns
(especially RBAC), AuthN/AuthZ models, SSO standards (SAML 2.0,
OAuth)
- Experience developing and implementing employee remote access
policies and systems
- Working knowledge of network security with a focus on cloud
networking
- Strong written and verbal communication skills
- Solid background using Linux and *nix operating systems
- Proficiency in at least 1 programming or scripting language
(preference to Python or Java), with a strong emphasis on
Test-Driven DevelopmentNice To Have
- Security research, penetration testing, or other red team
experience
- Other cloud security experience (GCP, Azure, Oracle Cloud
etc.)
- Experience with container orchestration systems such as
Kubernetes
- Security incident response experience including real-time
mitigation of ongoing attacks
- Experience in designing, architecting, and deploying large
technical projects, with a focus on security
- Experience with Infrastructure as Code frameworks such as
Terraform or AWS CDK.
- Experience with serverless frameworks such as AWS Lambda.
- Proficiency in conducting security investigations, including
log forensics and preservation of evidence.
- Experience with understanding, predicting, and managing human
factor risks.Perks And Benefits
- Learning and development programs from individual contributors
to managers
- Individual, professional coaching for all full-time
employees
- Flexible time off - rest and recharge when you need it!
- Comprehensive and competitive health, vision, dental, life
insurance
- 401(k) with company match
- Home office setup: you get all necessary hardware and internet
reimbursement
- Family planning programs via Carrot and Maven
- Employee Resource Groups to help you stay connectedFoursquare
is proud to foster an inclusive environment that is free from
discrimination. We strongly believe in order to build the best
products, we need a diversity of perspectives and backgrounds. This
leads to a more delightful experience for our users and team
members. We value listening to every voice and we encourage
everyone to come be a part of building a company and products we
love.Foursquare is an Equal Opportunity Employer. All qualified
applicants will receive consideration for employment without regard
to race, color, religion, sex, sexual orientation, gender identity,
national origin, disability, protected Veteran status, or any other
characteristic protected by law.
Keywords: Foursquare, Chicago , Security Engineer, Engineering , Chicago, Illinois
Didn't find what you're looking for? Search again!
Loading more jobs...