Senior Information Security Engineer, Safety & Trust

LastPass is looking for a Senior Information Security Engineer:

You will play a key part in enhancing our posture of our AI security features, focusing on anomaly detection within user behavioral patterns to identify and mitigate potential abuse. The ideal candidate should have a strong background in information security, a deep understanding of AI technologies, and a passion for creating a secure and trustworthy digital environment.

If you are passionate about user safety, have a keen eye for security and a strong technical background, and you thrive in a collaborative and innovative environment, then this is the role for you.

Who will you work with?

Your interactions will span across various departments, fostering a collaborative and innovative work environment, including Engineering, Safety & Trust, Data Science, Security and Compliance, Product & UX teams in Hungary, Portugal, and the United States of America.

What are some of the exciting challenges you will be working on?

Security and Trust-Centric Development

• Research, identify, and implement measures that address trust and safety concerns of new and existing LastPass products and services.
• Improve analytics for abuse detection, enhance AI capabilities for abuse detection, and ensure the activation of critical safety features in our products/platforms in addition to the existing safety measures.
• Conduct risk assessments with existing frameworks to identify potential threats and vulnerabilities in the LastPass software stack.
• Propose and implement mitigation strategies to address identified risks and ensure the overall safety of the software.

Support Customer Trust and Safety

• Participate in the buildout of automated solutions for responding to customer RFx, RPFs and security questionnaires.

Incident Response

• Collaborate with incident response teams to analyze and respond to security incidents promptly.
• Implement proactive measures to prevent future incidents and enhance the resilience of our systems.

Collaboration and Communication

• Collaborate with cross-functional teams, Product Managers, and UX/CX to deliver exceptional safety and trust features on time.
• Communicate effectively with stakeholders to convey complex security concepts and requirements.

What does it take to work at LastPass?

• Background in Computer Science, Information Security, or a related field is preferred.
• Experience in information security roles, particularly focusing on API/authentication/data security and anomaly detection.
• Familiarity with tools related to abuse detection (e.g., Azure Sentinel, DataDog, Crowdstrike, or Splunk).
• Experience with questionnaires like SIG, CAIQ. • Knowledge of industry-standard security frameworks and best practices.
• Proficiency in programming languages such as Python, PHP, or C# is desirable.
• Strong problem-solving abilities, collaborative mindset, and proactive approach.
•  Effective communication skills across diverse stakeholder groups with varying backgrounds and technical expertise within LastPass.
• Excellent written and verbal communication skills in English.

It's great, but not required:

• Certifications such as CISSP, CISM, or related certifications in information security.
• Experience with machine learning frameworks and tools for building anomaly detection models.
• Experience with authentication and API security.
• Knowledge of regulatory requirements and standards related to information security.
• Experience with API abuse detection platforms like Akamai’s or Cloudflare’s Volumetric Abuse Detection solutions
• Experience with penetration testing and ethical hacking.
• Experience working with global teams.