As a Security Engineer at Peloton, you will be responsible for supporting the ongoing security operations & overall security strategy at Peloton. The ideal candidate must demonstrate in-depth knowledge of & experience in cloud security, incident response. The Security Engineer will develop, optimize, & operate the security tools used throughout Pelotons infrastructure & contribute to the overall security strategy across the entire organization.
- Architect, deploy, & maintain Pelotons security infrastructure
- Evangelize security throughout Peloton & empower end users to do their jobs securely without creating additional friction
- Research & analyze potential new threats, attack vectors & risks & identify mitigation efforts
- Examine output from security tools & software & report on findings
- Collaborate with Peloton engineering teams to provide feedback on Peloton products & secure development environments
- Work with our security operations team to develop new detection scenarios, IR playbooks, & maintain tooling to enrich telemetry data
- 5+ years experience working in a security role
- You work well cross-functionally, & can communicate with a variety of audiences who may not have a security or technical background.
- Demonstrated knowledge of enterprise-scale security technologies which may include include SIEM, vulnerability management, incident case management, HIDS/NIDS, PKI, user behavior analytics, SSO, IAM, Privileged Access Management.
- Considerable incident management experience working with Linux & MacOS operating systems
- Experience building & maintaining enterprise logging pipelines (e.g. Splunk, Devo, Sumologic, ELK Stack, etc.)
- Comfortable with scripting (Bash, Python, Go, etc) to automate the boring stuff, as well as solve complex security challenges & integrate security solutions via APIs
- Experience with developing infrastructure as code (Terraform, Cloudformation)
- Deep hands on security experience with cloud providers such as AWS, GCP, & other cloud providers & their respective security tools (Guarduty, Cloudtrails, SecurityMonkey, ScoutSuite, etc)
- Experience with EDR(Endpoint Detection & Response) tools e.g. Crowdstrike, GRR, osquery, Sysdig, Carbon Black, Endgame, Tanium etc.
- Familiarity with development processes & environment tools such as Git, Jira, Confluence.
Great to Have:
- Hands on experience with Container Technology (Docker, EKS, GKE, Kubernetes, Openshift, ) & their respective security tools (Twistlock, Stackrox, Aqua, Sysdig, etc)
- Experience with firewalls (Meraki, Palo Alto, PFSense, etc)
- Experience with SOAR, CASB, DLP technologies
- Comfortable with configuration management tools (e.g. Chef, Puppet, Ansible)
- Familiarity with Zerotrust\Beyondcorp
- Previous working experience with Agile
Founded in 2012, Peloton is a global interactive fitness platform that brings the energy & benefits of studio-style workouts to the convenience & comfort of home. We use technology & design to bring our Members immersive content through the Peloton Bike, the Peloton Tread, & Peloton Digital, which provide comprehensive, socially-connected fitness offerings anytime, anywhere. We believe in taking risks & challenging the status quo by continuously innovating & improving. Our team is made up of passionate brand ambassadors, & we know that together, we go far.
Headquartered in New York City, with offices, warehouses & retail showrooms in the US, UK & Canada, Peloton is changing the way people get fit. Peloton has been named to many prestigious industry lists, including Fast Company's Most Innovative Companies, CNBC's Disruptor 50, Crain's New York Business' Tech25 & Fast50, as well as TIME's Genius Companies. Visit www.onepeloton.com/careers to learn more about joining our team.