Staff Security Engineer, Platform Engineering
What do we do?
At Teachers Pay Teachers (TpT), we’re unlocking the power of educator-created content. TpT gives educators access to a trusted, one-of-a-kind community. We are the world’s first marketplace of our kind and founded by a teacher, for teachers as the go-to platform for teacher-created content for nearly 15 years. We are currently serving more than 7.5 million users and more than 85% of U.S. teachers. TpT is focused on building the next generation of e-learning experiences for millions of students and teachers across the world. If you haven’t heard of TpT yet and want to learn more, just ask any teacher!
Who we are looking for:
We’re a team of good people doing great things. We listen first. We love our work. And we are all teachers and learners in whatever we do. We believe that productivity is never an accident. It’s the result of a commitment to excellence, intelligent planning, passionate teamwork, and focused effort. We want every day to be fun and to matter.
Role:
As a Staff Security Engineer, you will be a force multiplier, enabling our teams to build safe and secure products for educators globally. In this role you will partner closely with teams that are rapidly iterating on our portfolio of products by developing the tools, patterns, frameworks and best practices that will enable us to deliver first-class data privacy and security in our products. As an expert in securing technical systems, you will also be called upon to provide valuable input into the selection, use and governance of internal systems and tools.
As part of this role you will work closely with senior leaders to iterate on a technical security strategy, define success criteria, and implement solutions - all while we continue to grow and scale our team and products.
Responsibilities:
- Responsible for setting a clear technical security strategy and roadmap that takes into account TpT’s strategic direction and minimizes the overall cost of our security program
- Spearhead the implementation of technical controls and develop the tools, libraries, frameworks and best practices that will allow TpT engineers to build secure products at scale
- Own engineering-wide programs, such as periodic penetration testing, vulnerability management or bug bounty programs
- Provide an expert voice in prioritization discussions to ensure risks are adequately managed
- Contribute to and lead conversations about system design and architecture
- Track internal and external risks and trends to keep TpTers abreast of new developments, and translate this awareness into actionable plans for TpT’s security roadmap
- Train and mentor engineers on web application security best practices and techniques
- Lead security incident response and recovery
- Define technical requirements based on our security obligations as well as from regulations including COPPA, FERPA and PCI. Guide our Engineering teams on how to best meet those requirements
- Ensure security and regulatory requirements are met, and that there is appropriate follow-through on security incidents and events
- Evaluate vendors and software to ensure they meet our security and data privacy standards
Qualifications:
- At least 8+ years of relevant experience
- Experience building and architecting secure services at scale
- Experience with secure coding practices
- Track record of using qualitative and quantitative data to prioritize and drive decision-making
- Strong knowledge of potential web application security, including vulnerabilities and their mitigations
- Ability to communicate risks effectively with candor and empathy
- Experience with technologies we use in our stack including Kubernetes, Docker, Terraform, Chef, Node.js, React, AWS
Extra credit for experience with:
- OSS Contributor
- Knowledge of Ed-Tech
Benefits & Perks:
At TpT, we believe the positive experience of employees is essential to growth, both individually and collectively. To achieve our mission of ‘Empowering Educators to Teach at Their Best,’ we must also empower the members of our TpT Team to work at their best. To that end, two of our core company values are “We Learn and Grow Together” and “We Enjoy the Journey.” We’ve committed to these values and to our employees through investing in added benefits and perks:
- Comprehensive Medical, Vision & Dental Benefits
- Free Telemedicine Membership - 24/7 access to trusted medical advisors
- Generous PTO and Wellness Days
- 5 Week “Recharge Leave” after 5 Years, to refresh and celebrate the impact you’ve had at TpT
- Generous Parental Leave (for new parents) for time to adjust to parenthood, plus additional six weeks for the birth parent
- Onsite Mother’s Room
- ‘Employee Resource Groups’ (ERGs) to promote employee inclusivity and belonging
- Engineering Learning Fridays (ELF), to provide a space each week for Engineering teams to collaborate and learn from each other
- ‘Professional Development’ Stipend, to support the professional growth of employees (including - but not limited to - subscriptions, books, lectures, etc.)
- Annual Company Events (Camp TpT, Field Day, Hackathons, Holiday Party, Summer Picnic, Classroom Visits, etc.)
Here at TpT we value Diversity & Inclusion and encourage people to bring their most authentic selves to work. We cultivate an environment where people are recognized and celebrated for their individuality.
Any TpT applicant who requires reasonable accommodations during the interview process should contact the TpT People Ops Team ([email protected]) to make the need for an accommodation known.
Finally, if you’re a California resident, California law requires that we provide you notice about the collection and use of your personal information. We encourage you to read it carefully. You can find our full notice here.