Company Overview

At Netlify, we're building a platform to empower digital designers and developers to build better, more elaborate web projects than ever before. We're aiming to change the landscape of modern web development.

We recently raised $63M in Series C funding to bring forward the next generation of tooling for a more accessible web. This round was led by the EQT Ventures with participation from existing investors Andreessen Horowitz & Kleiner Perkins. This brings Netlify’s funding raised in total to $107M to date. Other past investors include Bloomberg Beta, Designer Fund, and Tank Hill Ventures, as well as the founders of Figma, GitHub, Slack and Yelp.

Netlify is a diverse group of incredible talent from all over the world. We’re ~44% woman or non-binary, and are composed of about half as many nationalities as we are team members.

About the Opportunity

The Security team at Netlify remains composed in the field and know that potential compromise is always around the corner. By analyzing risk and prioritizing and implementing action, we constantly aim to improve Netlify's and Netlify's customer's security posture in an ever changing landscape. We take our roles seriously. We are a team that takes pride in making time for life outside of work, and aim to have fun together while we work to secure the future of the web!

As Netlify's Senior Security Operations Engineer, you'll have the cultured ability to understand and operationalize systems for security purposes. With our team, you'll have ownership over many of the engineering and day-to-day review, audit, and triage tasks, all while partnering closely with engineering and infrastructure. You'll oversee furthering our security profile by creating new systems and monitoring  the operational aspects of security. 

What You'll Bring: 

  • Extensive experience working as a full-time application, infrastructure, operations or incident response security engineer.
  • Security experience with protecting cloud, infrastructure, network, containers/workloads, or blue/red/purple team.
  • Exposure to incident response, SIEM, log analysis, dashboards, and log management.
  • Some high-level exposure to Kubernetes and Linux systems administration 
  • Experience in modern programming and scripting languages (EG Python, Shell, etc.) and familiarity with Infrastructure-as-Code frameworks (Terraform, CloudFormation)
  • Experience securing pipelines with DevOps, CICD, GitOps, Agile methodologies. Experience with CI/CD pipelines and automation and how to apply it with services such as Gitlab CI, Jenkins, CodePipeline, or Circle CI.
  • Demonstrated ability to accurately assess problems and requests from multiple perspectives, analyze approach feasibility, and decide on the efficient course of action.

Within 1 month, you'll: 

  • Learn about the business, how the ecosystem works, what processes we use, and where we're headed
  • Get to know the security team and your product and engineering peers
  • Wrap your head around ongoing mission-critical initiatives and beginning to gain a robust understanding of our vendors and systems that support our platform

Within 3 months, you'll: 

  • Be a trusted contributor within the security and SRE teams
  • Partner with your internal customers to support tickets and work on broader project-based work such as leveling up phishing campaign strategies
  • Investigate our gaps and identify opportunities for improvement to create the foundational plan around how to tackle various projects
  • Work cross-functionally with Product and Engineering partners to deliver on your first support project work and making a positive impact on Netlify's security posture.
  • Create and modify monitoring dashboards that identify security anomalies.
  • Work with members of the Compliance team to develop and use enterprise-wide auditing systems and processes to ensure follow-thru on security control-based tooling findings

Within 6 months, you'll: 

  • Be a trusted contributor within the security and SRE teams
  • Partner with your internal customers to support tickets and work on broader project-based work such as leveling up phishing campaign strategies
  • Continue to build out the Security Operations program here at Netlify
  • Aid in the implementation, and fully own operations of System Runtime Security Monitoring tool, enforcing controls such as FIM and Access Monitoring
  • Have designed a comprehensive understanding of Netlify's cloud resource usage and observability and will be developing processes and playbooks for real-time notifications of any potential cloud security violations

At Netlify, we are a growing company that is constantly evolving so this timeline is intended to show you an example of what you can expect from the role. Keep in mind we're always iterating, learning, and growing, thus expect these guidelines to continue to evolve as we expand. We're excited for you to join us on the journey!

About Netlify

Of everything we've ever built at Netlify, we are most proud of our team.

We believe that empowered, engaged colleagues do their best work. We’ll be giving you the tools you need to succeed and looking to you for suggestions to improve not just in your daily job, but every aspect of building a company. Whether you work from our main office in San Francisco or you are a remote employee, we’ll be working together a lot—paring, collaborating, debating, and learning. We want you to succeed! About 60% of the company are remote across the globe, the rest are in our HQ in San Francisco.

To learn a bit more about our team and who we are, make sure to visit our about page.

Applying

Not sure you meet 100% of our qualifications? Please apply anyway!

When applying please include: A resume or short listing of your job history & skills. (A link to a LinkedIn profile would be fine). A cover letter explaining why you would enjoy working in this role and why you’d like to work at Netlify would be great, though not required & will not impact your application. When we receive your application we’ll get back to you about the next steps.

Netlify is an Equal Opportunity Employer. We are devoted to building a team of people with diverse backgrounds and lifestyles. We believe that the unique contributions of all Netlifolks is the driver of our success. We are all responsible for bringing on people from all walks of life. Driving equality empowers our team, enables us to innovate, and helps us maintain a more inclusive environment. We don’t discriminate against employees or applicants based on gender identity or expression, sexual orientation, religion, age, race, military/veteran status, citizenship, pregnancy status, or any other differences. If we can do anything to provide a better interview, i.e. accommodate a disability, then please let us know.

Apply for this Job

* Required