At Netlify, we're building a platform to empower digital designers and developers to build better, more elaborate web projects than ever before. We're aiming to change the landscape of modern web development. As a part of that mission, we created Netlify CMS, an open source React app for managing static content via Git APIs.
We’re a venture-backed company, and so far we've raised ~$45M from Andreessen Horowitz and Kleiner Perkins, Bloomberg, and prominent founders and professionals in our space.
We are looking for a Security and Compliance Engineer to help scale our product security functions. They will work closely with engineering to ensure that security is appropriately addressed across all Netlify products. The person in this role will also be focused on designing and implementing technology controls, as well as supporting audits for certification and compliance programs, such as SOC 2, GDPR, and ISO 27001.
In this role, your responsibilities will include:
- Planning and executing security assessments
- Working across various teams to prioritize security features and bugs, and ensure implementation and mitigations
- Managing Netlify's bug bounty program
- Assisting in execution of third-party audits and penetration tests
- Contributing to the creation and delivery of security trainings
- Establishing, implementing, and working to improve appropriate security and compliance processes
- Helping drive and advance security awareness and compliance across the business
- Coordinating documentation, self-assessment testing, and remediation activities
- Updating and maintaining internal and externally facing security and compliance documentation
- Helping our customers and partners with questionnaires related to our security, privacy, and compliance programs
Some characteristics that we look for when hiring for this role:
- Experience supporting one or more types of compliance frameworks: ISO 27001, SOC 2, PCI, FINRA, GDPR
- Experience building, securing, and automating enterprise-scale infrastructure and systems
- Experience working in a customer-facing capacity in a SaaS/PaaS/IaaS business model. Bonus if you have worked closely with engineering teams.
- Continuous testing experience and development of tooling
- Experience working on a remote team in an asynchronous workflow
- Highly responsive, with a customer-first mindset
- Has 2 or more years of experience as a security or compliance engineer
- Must be legally authorized to work in the United States
About the team
The engineering team is small but mighty; Netlify is a fast-growing startup. You will be working across the company: with our founders, designers, support, sales, and marketers. We need people who can help us build a path towards the future.
We believe that empowered, engaged employees do the best work. We’ll be giving you the tools you need to succeed and looking to you for suggestions for improvement not just in your daily job, but in many other aspects of building a company. Whether you work from our main office in San Francisco, or you are a remote employee, we’ll be working together a lot - particularly, pairing and collaborating - we want you to succeed! We don’t want you to work too hard (burnout is real), and we do want to encourage you to grow (impostor syndrome is also real) - and we’ll help you do that.
Netlify is devoted to building a team of people with different backgrounds and lifestyles. We eagerly invite applications from people of all kinds. We don’t discriminate against employees or applicants based on gender identity or expression, sexual orientation, religion, age, race, citizenship, pregnancy status, or any other differences. If we can do anything to provide a better interview, i.e. accommodate a disability, then please do let us know.
About 55% of the company is remote across the globe; the rest are in our HQ in San Francisco. However, to maintain a distributed culture, we have Tuesdays and Thursdays as work-from-home days.
Compensation & Benefits
We offer a competitive salary, great benefits, and equity. We encourage you to speak at conferences and will pay your attendance costs as you represent Netlify at these events.
Not sure you meet 100% of our qualifications? Please apply anyway!
With your application, please include: A thoughtful cover letter explaining why you would enjoy working in this role and why you’d like to work at Netlify. A resume or short listing of job history. (A link to a LinkedIn profile would be fine.)
When we receive your complete application with the items above, we’ll get back to you about the next steps.