Security is of paramount importance at mParticle and is baked into everything we do. We are looking for a highly skilled Security Engineer to help us continue to iterate and innovate quickly while maintaining the highest standards of security.
Our clients include marketing and engineering functions for some of the largest mobile apps and sites in the world and our platform processes nearly one third of the world’s smartphone traffic.
We value both breadth and depth of knowledge and you will have the ability to influence every area of our security posture. Our ideal candidate will have well-rounded security knowledge, strong software engineering skills, and an ability to think both defensively and offensively.
What you'll do:
- Be a security subject matter expert across the business
- Collaborate with other engineers in security code reviews to identify and fix issues in our applications
- Develop tooling to automate manual security processes
- Lead security-related projects from inception to successful completion
- Perform hands-on internal assessments of both the mParticle platform and our cloud infrastructure
- Provide effective incident response, remediation, and forensics services when required
- Assist the compliance team to ensure continued compliance with SOC 2 and ISO 27001
You should have:
- Minimum of two (2) years prior experience in a security engineering role or as a penetration tester
- Solid understanding of the OWASP Top 10 such as SQLi, XSS, CSRF, and business logic flaws across large code bases
- Strong knowledge of cryptography principles and authentication infrastructure (e.g. SAML, oAuth)
- Experience with securing and monitoring AWS or similar cloud environment
- Performed hands-on security threat modeling, risk assessment, and operational security analysis
- Prepared and presented detailed, written and verbal technical information for both internal and external audiences
- Security assessment experience, penetration testing, incident response, forensics, network traffic analysis either internally or as a consultant
- Experience with Security architecture and risk mitigation
- Cloud administration (configuration, patching, deployment, change management)
- Experience of having worked in an environment where DevOps principles are practiced
- Relevant industry certifications are a bonus (CISSP, SANS/GIAC, CompTIA, Microsoft, Linux, Cisco)
Founded in 2013, mParticle is the leading customer data platform that unlocks the full power of data for businesses. The company empowers brands to accelerate their growth strategy to keep pace with their customers by providing the most advanced data platform for web and apps across all devices in the marketplace. A trusted partner among renowned brands such as NBC Universal, Spotify and Airbnb among many others, the mParticle platform has grown to manage over 1 billion mobile users each month, capturing over $5 billion in e-commerce transactions and processes over 250 billion API calls. Recognized as one of Crain’s 100 Best Places to Work three years in a row and named to Gartner’s “Cool Vendors in Mobile App Development” list, mParticle has 100+ employees and is headquartered in New York City with offices in San Francisco, Seattle, Florida, and London.
Here at mParticle we embrace the differences that make us unique. We are dedicated to building an inclusive environment that fosters respect and celebrates an array of backgrounds and perspectives.
Employment opportunities are available to all applicants without regard to race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.