Foursquare is the leading independent location technology & data cloud platform, dedicated to building meaningful bridges between digital spaces & physical places. Our proprietary technology unlocks the most accurate, trustworthy location data in the world, empowering businesses to answer key questions, uncover hidden insights, improve customer experiences, & achieve better business outcomes. A pioneer of the geo-location space, Foursquares location tech stack is being utilized by the worlds largest enterprises & most recognizable brands.
Foursquares flexible building blocks include technology to maximize marketing impact & drive incremental real-world engagement (Attribution, Audience, Proximity, SDK); data to deeply understand points of interest & real-world behavior patterns (Places & Visits), & tools to conduct advanced analysis, data enrichment, unification & visualization (Unfolded Studio).
About the Team:
Foursquare is seeking an experienced Security Engineer to lead efforts & implement solutions to keep our users' & customers' data private & our systems secure.
The Security team works with infrastructure & feature engineering teams to identify & mitigate risks to the business. We propose, design, plan & implement strategic & tactical security improvements from remote access systems for employees, to authorization rules on our production fleet, to forward-thinking policy initiatives. Our infrastructure & feature engineering teams will be active & supportive partners, but the Security Team organizes & leads these efforts across the entire organization. We are trusted to stay one step ahead of malicious actors in a rapidly-changing threat landscape.
As part of the Security Team, your work will be instrumental in ensuring both the safeguarding of our users' data & Foursquares future business success.
Our Tech Stack:
- Languages: Java, Scala, Python, Clojure, Ruby
- Tools for pipeline orchestration: Airflow, Luigi
- Frameworks: Spark, MapReduce, Scalding, Spring Boot
- Infrastructure: AWS, Hadoop, Kubernetes, Docker
- Other technologies: Postgres, Hive, HBase, MongoDB
- Propose, design, plan, & implement strategic & tactical security improvements across the organization, including surfacing non-obvious risks & attack surfaces.
- Organize & lead cross-team efforts with infrastructure & engineering teams
- Mitigate security risks & attack surfaces using a combination of policies & technological measures.
- Establish & promote security recommendations & best practices, as well as provide security expertise across our entire tech stack.
- Build security automation & guardrails using Test-Driven Development, Infrastructure as Code, & serverless frameworks.
- Respond to Security Events, including isolating, mitigating, & investigating active threats. Conduct post-mortems to elevate the security posture of the company.
- Advocate for the security culture of the organization, including collaborating with stakeholders across the company.
- 3+ years of experience in security engineering
- 1+ years of experience in securing cloud environments (preference to AWS) with a deep understanding of Identity & Access Management
- Thorough understanding of common access control patterns (especially RBAC), AuthN/AuthZ models, SSO standards (SAML 2.0, OAuth)
- Experience developing & implementing employee remote access policies & systems
- Working knowledge of network security with a focus on cloud networking
- Strong written & verbal communication skills
- Solid background using Linux & *nix operating systems
- Proficiency in at least 1 programming or scripting language (preference to Python or Java), with a strong emphasis on Test-Driven Development
Nice to have:
- Security research, penetration testing, or other red team experience
- Other cloud security experience (GCP, Azure, Oracle Cloud etc.)
- Experience with container orchestration systems such as Kubernetes
- Security incident response experience including real-time mitigation of ongoing attacks
- Experience in designing, architecting, & deploying large technical projects, with a focus on security
- Experience with Infrastructure as Code frameworks such as Terraform or AWS CDK.
- Experience with serverless frameworks such as AWS Lambda.
- Proficiency in conducting security investigations, including log forensics & preservation of evidence.
- Experience with understanding, predicting, & managing human factor risks.
Perks & benefits:
- Learning & development programs from individual contributors to managers
- Individual, professional coaching for all full-time employees
- Flexible time off - rest & recharge when you need it!
- Comprehensive & competitive health, vision, dental, life insurance
- 401(k) with company match
- Home office setup: you get all necessary hardware & internet reimbursement
- Family planning programs via Carrot & Maven
- Employee Resource Groups to help you stay connected
Foursquare is proud to foster an inclusive environment that is free from discrimination. We strongly believe in order to build the best products, we need a diversity of perspectives & backgrounds. This leads to a more delightful experience for our users & team members. We value listening to every voice & we encourage everyone to come be a part of building a company & products we love.
Foursquare is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, protected Veteran status, or any other characteristic protected by law.