Optimizely is the world's leader in customer experience optimization, allowing businesses to dramatically drive up the value of their digital products, commerce & campaigns through its best in class experimentation software platform. By replacing digital guesswork with evidence-based results, Optimizely enables product & marketing professionals to accelerate innovation, lower the risk of new features, & drive up the return on investment from digital by up to 10X. Over 26 of the Fortune 100 companies choose Optimizely to power their global digital experiences. Optimizely's impressive customer list includes eBay, FOX, IBM, The New York Times & many more global enterprises.
Security is in the foundation of over 3000 customers' trust in Optimizely. In this role, you will lead our software security program that facilitates security being baked into all of the products & infrastructure built at Optimizely. The responsibilities are a blend of security engineering, software engineering & project management. If you're a security engineer looking to get into a leadership position, this is a great opportunity for you to have impact across an entire engineering organization & build aworld-class software security program.
- Work with engineering teamsensure that security is baked in to everything we build at every step of the software development lifecycle
- Grow a culture of security in Engineering - we do fun things like security happy hours, pizza & t-shirts
- Maintain our software security awareness program & ensure 100% of engineers stay informed annually of top security risks & best practices
- Create security policy, standards, procedures & guidelines for engineering
- Perform security reviews of PRDs & technical design documents
- Measure & grow security maturity across engineering
- Triage security issues & provide recommended fixes
- Facilitate independent security assessments & penetration tests
- Evaluate new tools, processes, & frameworks; Drive adoption of the best ones
- Review & respond to new security threats
- Software engineering background at a SaaS company. You may not be coding often, but you will need to be comfortable reviewing & discussing code with software engineers
- Familiarity with cloud security, particularly AWS Security concepts. You will be collaborating with the Site Reliability Engineering team to bake AWS & GCP security best practices into our infrastructure based on Kubernetes & Terraform.
- Experience with security activities throughout the software development lifecycle- design reviews, threat modeling, code reviews, tooling, penetration testing, incident response. You will act as the Security Partner for one or more Engineering teams to facilitate these practices.
- Able to influence without authority & have excellent teamwork skills
- Exceptionally clear communication skills- you'll need to communicate effectively & build relationships with all levels & roles at Optimizely
- Implementing software security programs like the Security Development Lifecycle
- Discussing security with customers
- Implementing controls for information security compliance programs including PCI, ISO 27001 & SOC 2
- Worked in a fast growth startup environment
At Optimizely, we embody inclusion & embrace diversity. We believe in work/life balance & bringing our true selves to work. To that end, we offer best-in-class perks & benefits that support our Optinauts along their career journey with us. Read more about our culture atoptimizely.com/careers.
Optimizely is an equal opportunity employer & makes employment decisions on the basis of merit. Optimizely prohibits discrimination based on race, color, religion, sex, sexual identity, gender identity, marital status, veteran status, nationality, citizenship, age, disability, medical condition, pregnancy, or any other unlawful consideration.All your information will be kept confidential according to EEO guidelines.
Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest & conviction records.