Senior Security Engineer - Vulnerability & Infrastructure at Rokt

Information Technology and Services, Engineering, Full-time, Sydney, New South Wales, Australia sydney engineering full-time
Description
Posted 1 months ago

Who we are

Rokt makes e-commerce smarter, faster, and better. When customers are buying online, they increasingly expect more personalized and relevant experiences. Rokt uses real-time data and decisioning to deliver the next best action for each person in each Transaction Moment™. Founded in Sydney in 2012, Rokt now operates in the US, Canada, UK, France, Germany, Australia, New Zealand, Singapore, The Netherlands, Spain, and Japan. Our clients include Live Nation, Staples, Groupon, GoDaddy, Expedia, Wells Fargo, Vistaprint, and HelloFresh. Rokt unlocks the hidden potential in every single Transaction Moment™.

With an annual revenue run rate of USD$150m+ and a vibrant company culture, Rokt was recently listed in Built In NYC's ‘Best Places to Work’ in New York. Our award-winning culture is guided by our four core values: Smart with Humility, Customer Obsessed, Conquer New Frontiers, and Enjoy the Ride. These values help us recruit, retain, and promote the right talent around the globe and ensure we have the right conditions to do our best work. Rokt closed our Series C in 2019, raising US$48m from TDM Growth Partners and existing investors. The investment supports our continued investment in research and development.

We are profitable, growing fast, and having fun transforming the world of e-commerce.

Learn more at rokt.com.

Requirements

About the role:

The security team is a dedicated team with the goal of ensuring that every user and their information is protected; Rokt’s platform and services are secure; and security best practices are promoted across the entire company.

As part of the team you will be able to collaborate on the definition of security guidelines and practices at Rokt, as well as advising our Security Champions on Secure SDLC best practices. Working closely with our SRE team, we develop tooling to prevent insecure code being released into our operating environments, as well as detection of configuration non-conformances and IoCs.

Outcomes & responsibilities:

Day-to-day responsibilities include:

  • Hardening our containers, servers, and networks against exploitation and privilege escalation.
  • Provide subject matter expertise on security requirements for certifications like ISO 27001, SOC2, PCI DSS.
  • Instrument systems and networks to enable rapid detection of and response to outliers, intrusions and abuse.
  • Implement security tests and practices inside Continuous Delivery/Continuous Integration environments.
  • Develop security tooling for detection and prevention.

In addition, you will be expected to:

  • Advise our Security Champions on Secure SDLC best practices.
  • Contribute to improving security guidelines and practices.
  • Mentor and develop junior team members.

Capabilities & requirements:

  • Strong understanding of software engineering principles. Development experience with Python or another general purpose programming language.
  • A security generalist background with experience in application security, encryption, hardening, cloud security and compliance.
  • Be motivated, self-driven in a fast (we truly mean fast) paced environment with a proven track record demonstrating impact across several teams, organisations and/or security areas.
  • Demonstrated experience with implementing security tests and practices inside Continuous Delivery/Continuous Integration environments.
  • Solid foundational knowledge of technologies around network security including Linux, PKI, DNS, load balancing, IPSec, TLS and HTTP.
  • BS degree in Computer Science, similar technical field of study or equivalent practical experience.

Benefits

  • Work with the greatest talent in town. Our recruiting process is tough. We hold a high bar because we have a high performing culture - we only want the brightest and the best.
  • Join a community. We believe the best things happen when we come together to solve complex problems and make meaningful connections with each other through interest groups, sports clubs, and social events.
  • Accelerate your career. Develop through our global training events, ‘Level Up’ investment, online training courses and our fantastic people leaders. Take your career to Rokt’speed - the average time between promotions is 12 months.
  • Take a break. When you work hard, we know you also need to rest. We offer generous time off and parental leave policies. We also offer a paid Rokt’star Sabbatical for employees who have been with us 3 years or more.
  • Stay happy and healthy. Enjoy catered lunch 3 times a week and healthy snacks in the office. Plus, join the gym on us! Access generous retirement plans like a 4% dollar-for-dollar 401K matching plan in the US. In the US, get fully funded premium health insurance for your whole family.
  • Become a shareholder. All Rokt’stars have stock options. If we succeed, everyone gets to enjoy the upside.
  • See the world! Along with our global all-staff events in amazing locations (Phuket, Thailand in January 2020), we also offer generous relocation packages for those interested in moving to another Rokt office. We have cool offices in great cities - Tokyo, New York, Singapore, Boston, Sydney.
  • We believe in equality. Rokt is an Equal Opportunity Employer and recognizes that a diverse workforce is crucial to our success as a business. We would love to hear from you - irrespective of socio-economic status or background, age, gender identity, race, religion, sexual orientation, color, pregnancy, carer/family responsibilities, national and social origin, political opinion, marital, veteran, or disability status.