Lead Engineer, Security and Compliance
Radar
New York, new york
Job Details
Full-time
Full Job Description
About the role
We're looking for an Engineer to lead our Security and Compliance efforts. Our infrastructure handles diverse workloads processing 1 billion API calls per day. Since we process sensitive location data collected from mobile devices the security and compliance of our infrastructure is paramount. We've invested a lot but there's always more to do to improve our security posture. This is an ideal role for someone who aspires to one day be a CISO.
The stack:
Our infrastructure runs on AWS, managed by Terraform.
We leverage AWS Security Hub for cloud monitoring, AWS Inspector for vulnerability monitoring, and AWS GuardDuty for intrusion detection and malware prevention.
Servers and employee endpoints are hardened leveraging CIS benchmarks and hardened images.
Snyk and Github Advanced Security monitor our codebase and libraries for vulnerabilities and patch them.
Our SIEM is AlienVault and our alerting tool is PagerDuty.
Most engineers are in the on-call rotation, which handles medium and high severity security alerts.
Our employee endpoints are macOS managed by JAMF and JAMF Protect.
Our issue tracking tool is Linear.
Our compliance tool is Vanta.
Our Penetration Test and Vulnerability Disclosure Program are run by HackerOne.
How we work:
Most of our engineering team are former technical co-founders or former Radar interns from schools like Waterloo and CMU. Most engineers at Radar fit one of two molds, technically: either Staff level expertise in one stack, or Multi-Stack at any level. We say Multi-Stack because "Full-Stack" has the connotation of "Frontend and Backend", but Radar Engineers might also work on Mobile or Data engineering. Not that you need to be an expert in all of those, but a desire to learn, jump around to different stacks and get things done is the important part.
We care a lot about shipping fast and talking to customers. We're committed to our product vision of full-stack location infrastructure, but we also know that customer feedback is a treasure map to gold. Even though Slack is the brain of our company, working together in-person in our NYC HQ is the fastest way for us to get things done. We meet on Mondays to plan out work for the week in small groups and use Linear for planning. All projects are run by an Engineering lead, an executive and a Go-to-Market lead. Engineers figure out what to build, talk to customers, talk to prospects, help close them, get them live and make them successful.
One of the hardest and most valuable practices we have is Walk A Mile - which is shorthand for putting yourself in the user's shoes - but also for literally walking a mile and dogfooding the Radar SDK, because you can't create location infrastructure behind a desk - you have see how the device behaves in the real world. To us, a week is a long time, and we expect to ship big things every week.
The hiring process:
After a brief call with our CTO, we'll invite you to our NYC HQ for an interview if we think there is a possible match. During that time we'll work on system design problems together and do some coding for 2 hours to build something simple. You'll meet one of our co-founders and we'll also go into more depth about how we work to see if there is a match.
What you’ll do:
- Manage the security and compliance posture of our AWS environment (Security Groups, IAM, VPC, Flow Logs, SSO, Inspector, Security Hub, GuardDuty, KMS, S3, EC2)
- Answer all customer "infosec" questionnaires during sales cycles
- Be a key contributor during our SOC 2 audit and participate in ongoing security and compliance activities year round
- Run our annual 3rd party penetration test and vulnerability disclosure program and remediate findings
- Participate in weekly compliance meetings to monitor compliance of the entire organization
- Handle the full life cycle of security alerts and remediation
- Talk to Radar customers and prospects, hear their feedback, incorporate it into your work and make them successful
You should:
- Have experience managing AWS environments with Terraform
- Have experience as a security or infrastructure engineer
- Be interested in talking to customers or prospects and making them successful
- Be deeply curious about how things work, and have the tenacity to sit with hard problems and power through them
Bonus points if you:
- Are a former technical co-founder
You’ll work with
- Tim Julien, CTO
- Craig Kochis, Director of Engineering
- Jeff Kao, Senior Staff Engineer
- Our customers and prospects
- Our Customer Success, Sales Engineering, and Sales teams
Benefits & Perks:
- Competitive compensation package and equity plan
- Medical, dental, and vision plans with 100% premiums covered for you
- 401(k) plan with a generous employer match
- Unlimited PTO vacation policy
- Paid parental leave
- Weekly catered breakfast and lunch at our NYC office
- Free CitiBike membership (if based in tri-state area)
- Monthly fitness reimbursement and wellness programs via Classpass and Gympass
Compensation:
For candidates based in the United States, the base salary range for this full-time position is between $200,000 - $250,000/year with an opportunity for performance bonuses and incentives.
In addition to cash compensation, Radar offers full-time employees a competitive equity plan with stock option grants. This is a meaningful ownership stake in the company that we provide to our employees as we build a category-defining company together.
About Us
Radar is location infrastructure for every product and service. Companies like Vercel, Panera, and T-Mobile use Radar's geofencing SDKs and maps APIs to power location-based experiences across hundreds of millions of devices worldwide.
Founded in 2016, Radar is headquartered in New York, NY. Radar has raised $85.5M from leading venture capital firms including Accel and Insight Partners.
We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender, gender identity or expression, or veteran status. We are proud to be an equal opportunity workplace.