Product Security Engineer - Distributed US
Databases are the beating heart of every business in the world.
Cockroach Labs is the team behind CockroachDB, an open source, distributed SQL database. We aim to build infrastructure that keeps pace with the world, so developers can focus on what matters most: building the best products. Join us on our mission to Make Data Easy. Are you ready to aim high and build to last?
About the Role
Cockroach Labs is looking for a passionate and experienced individual to help our security efforts. This is a hands-on and multi-functional role where you’ll be working with different teams across the company on a variety of projects related to security -- including software development, SRE, and infrastructure teams.
This position is a mix of application and infrastructure security, working with our database and cloud engineering teams to improve the security of the CockroachCloud product and CockroachCloud security operations.
In this role, you’ll also have an opportunity to make a significant impact by helping establish the culture and practices for security engineering at Cockroach Labs.
You Will
- Configure and monitor internal security event logging systems, including ongoing management of alerts
- Conduct CockroachCloud incident response and investigation
- Deploy and manage static analysis tools and other vulnerability management tools
- Work with the security team to provide response and remediation for operational security incidents
Expectations
In your first 30 days, you will become an integrated member of our engineering team. You’ll become familiar with our production systems, software development workflow, and application architecture for CockroachDB and CockroachCloud. We believe that it's essential for you to take this first month to become familiar with our technology and our company.
In your second month, you’ll become a point person for an area of our security program and become fully integrated into our day to day security operations. You’ll take ownership of the response and resolution of security incidents.
In your third month, you’ll focus on gaining familiarity with our security roadmap and roadmap for security features in CockroachDB/CockroachCloud and will start contributing to development and monitoring of our security event logging system in addition to other security projects.
You Have
- Significant previous experience (3+ years) in an application or cloud security role
- 2+ years of experience in a software development role OR in a production operations role
- 1+ years of hands-on experience with AWS or GCP
- Deep understanding of networking concepts and cloud security best practices
- Working knowledge of application security and common application security vulnerabilities such as OWASP Top 10
The Team
Reporting to Ken Liu - Director of Engineering
Ken Liu is an experienced engineering leader, having managed engineering teams at several high-growth startups in NYC over the past 6 years. Prior, he worked in various industries as a software engineer including Novartis Pharmaceuticals, IEEE, and BMW. In his free time, he spends most of his energy keeping up with his two kids but occasionally likes to relive the 90s by rollerblading.
Benefits
- 100% health insurance coverage (for you and your dependents!)
- Paid parental leave (with baby bucks)
- Flex Fridays
- Flexible time off & flexible hours
- Education reimbursement
- Relocation support
Cockroach Labs is proud to be an Equal Opportunity Employer building a diverse and inclusive workforce. If you need additional accommodations to feel comfortable during your interview process, please email us at [email protected].