Software Engineer, Security - New York, NY

Posted 13 Hours Ago
Be an Early Applicant
New York, NY
Hybrid
174K Annually
3-5 Years Experience
Cloud • Software • Database
Our mission is to enable every developer to build world-changing applications.
The Role
The Software Engineer, Security role involves working with various teams to enhance cloud security. The candidate will design and automate fault-tolerant security solutions, guide teams on security practices, and contribute to improving the company's security posture. Responsibilities include managing security risks, participating in incident response, and influencing product development based on security needs.
Summary Generated by Built In

Databases are the beating heart of every business in the world.

Cockroach Labs is the creator of CockroachDB, the most highly evolved cloud-native, distributed SQL database on the planet that scales fast, survives anything, and thrives anywhere. We created CockroachDB to unshackle teams from the constraints of their database. Join us on our mission to simplify how businesses build and operate world-changing applications!

About the Role

Cockroach Labs is looking for passionate individuals to support our cloud security efforts. This is a hands-on role where you’ll be working with different teams across the company on a variety of technical projects related to the security of our infrastructure and cloud solution. We are looking for creative individuals, capable of combining software and systems engineering to design, develop, and automate fault-tolerant security solutions. A successful candidate will combine the technical know-how with an empathetic and compassionate approach to engaging with the product and engineering teams across Cockroach Labs. 

In this role, you’ll join a small but growing platform infrastructure security team, using your experience and skills to significantly influence the culture and practices for security engineering at Cockroach Labs.

You Will

  • Provide guidance to leadership, engineering teams, and product teams, on security related topics.
  • Design solutions to complex security problems, while balancing organizational needs and priorities.
  • Leverage security based subject matter expertise to mature the capabilities of the  security team at Cockroach Labs.
  • Define and evangelize security and vulnerability management practices within Cockroach Labs.
  • Support the ongoing process to mature the Cockroach Labs security posture, tooling, process, and overall capabilities, focusing on highly scalable and resilient security systems.
  • Act with compassion and empathy while engaging with the product and engineering teams to further the security posture of the company.
  • Influence product and engineering product feature and function decisions based on security needs of the company.
  • Support the ongoing process to pay down technical debt and reduce technical risk exposure as it relates to security risks.
  • Bring expertise in the field of cloud security in relation to AWS, GCP, and Azure cloud domains.
  • Participate in on-call rotation for security incident response process.
  • Support Cockroach Labs engineering infrastructure security through:

Expectations

In your first 30 days, you will become an integrated member of our engineering team. You’ll become familiar with our production systems, software development workflow, and application architecture for CockroachDB and CockroachCloud. We believe that it's essential for you to take this first month to become familiar with our technology and our company.

In your second month, you’ll focus on gaining familiarity with our security challenges, focusing on security challenges in both our cloud solution as well as in our overall system architecture and infrastructure. You’ll contribute to our engineering team security culture by preparing a security-focused presentation to the engineering team.

In your third month, you’ll become a point person for a major security project, taking direct ownership of a key solution and being a partner with the larger security and engineering organization to drive the project forward.

You Have

  • The qualifications below are ideal, but not all required. We strongly encourage candidates who do not have all the qualifications listed below to apply.

    • Previous experience (7+ years) in security architecture, security engineering, application security, systems engineering, or site reliability engineering (SRE)
    • 2+ years of experience in a security architect role
    • 3+ years of experience in Threat modeling, system risk assessment, or system safety thinking (e.g. STAMP/STPA)
    • 2+ years of experience with information security related compliance frameworks (PCI, SOC, FedRamp, ISO, GDPR, etc.)
    • Hands-on experience with AWS, Azure, or GCP, ideally with a focus on securing public cloud environments
    • Overseen a vulnerability management program to proactively identify, classify, remediate, and mitigate vulnerabilities.
    • Hands-on experience with open-source security (OSS), static application security testing, and dynamic application security testing tools.
    • Knowledge of Kubernetes, HashiCorp suite of tools, infrastructure-as-code (IaC), or alternate cloud or CI/CD platform tooling
    • Solid understanding of networking concepts and cloud security best practices
    • Knowledge of application security and common application security vulnerabilities such as OWASP Top 10
    • The desire and capability to take a structured approach to solving large scale, complex problems
    • The ability to take a caring and empathetic approach to relationship building and problem solving

The Team

Reporting to Adam Brennick - Director of Security, Risk, and Compliance

Adam Brennick has a diverse background, having supported security and compliance efforts across companies in multiple industries. Prior to his security and compliance-focused work, he held program manager, project manager, and IT manager roles at larger organizations, including MobileIron, IGT, Flex, and Dell. When he is not working on securing Cockroach Labs, Adam enjoys spending time with his two young kids, golfing, and playing retro video games.

Reporting to Mike Geehan - Senior Director of Engineering

Mike Geehan is responsible for the safety and security of CockroachDB Cloud and surrounding infrastructure. Mike joined Cockroach Labs from a DC based start-up, and prior to that spent time in larger tech companies in a wide range of roles. Mike is focused on team development. Enabling and growing his team is paramount to the success of the team, and hence the business as a whole. Mike is based in Houston, Texas, and outside of work is focused on his family, his bikes, and in getting a cycling related non-profit organization off the ground.

Our Benefits

  • Competitive Health Insurance Coverage (for you & your dependents!)
  • Paid Parental Leave (with baby bucks)
  • Flexible PTO 
  • Learning & Development Budget
  • Relocation Support (as applicable)

Cockroach Labs is proud to be an Equal Opportunity Employer building a diverse and inclusive workforce. If you need additional accommodations to feel comfortable during your interview process, please email us at [email protected].

The annual anticipated base salary range for U.S. candidates for this role is USD $174,000 to $230,000, plus commission if a sales role. We set standard ranges for all U.S.-based roles based on function, level, and geographic location, benchmarked against similar stage growth companies. In order to be compliant with local legislation, as well as to provide greater transparency to candidates, we share salary ranges on all job postings regardless of desired hiring location.  Actual salaries may vary and fall outside of this range depending on factors such as a candidate’s qualifications, geographic location, skills, experience, and competencies. In addition, we are often open to a wide variety of profiles, and recognize that the person we hire may be less experienced (or more senior) than this job description as posted. Salary is one component of the Cockroach Labs’ total rewards package, which includes stock options, health insurance, life and disability insurance, funds towards professional development resources, flexible PTO, paid holidays, and parental leave, to name a few! Salaries for candidates outside the U.S. will vary based on local compensation structures.

Top Skills

Software Engineering
The Company
New York, NY
450 Employees
Hybrid Workplace
Year Founded: 2015

What We Do

Named after resilience and continuity, Cockroach Labs is the creator of CockroachDB, the planet's most highly evolved cloud-native, distributed SQL database. The goal is simple: to enable companies of all sizes across the world to build mission-critical apps and scale fast, survive anything, and thrive anywhere. Currently, CockroachDB is deployed at some of the world's top enterprises including Bose, Comcast, Netflix, and some of the largest names in banking, retail, and media.

Cockroach Labs was founded by a dedicated team of engineers and is backed by seasoned investors including Altimeter, Benchmark, GV, Firstmark, Index Ventures, Redpoint Ventures, Sequoia Capital, Tiger Capital, and Workbench.

Why Work With Us

Maintaining a human-centered culture has been a top priority at Cockroach Labs since day one. Even as we grow, we remain focused on building diverse, inclusive spaces that inspire innovation and creating opportunities to connect while encouraging employees to find their own unique balance of personal & professional commitments.

Gallery

Gallery

Similar Companies Hiring

Alchemy Thumbnail
Web3 • Software • Information Technology • Cryptocurrency • Blockchain
New York, NY
200 Employees
Spark Advisors Thumbnail
Software • Sales • Other • Insurance • Healthtech
New York City, NY
80 Employees
bet365 Thumbnail
Software • Gaming • eSports • Digital Media • Automation
New York, NY
6100 Employees

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account