The security team at Peloton has oversight into the security practices of the entire organization, instantiating security policies and best practices, as well as automation of these policies/practices where possible. The security team at Peloton is looking for a security engineer to join our growing team to work across disparate teams. As a security engineer, you would help protect Peloton's assets and customers.
- Help drive and architect improvements in the detection/response of relevant events across multiple stacks, networks, applications, cloud infrastructure, and user endpoints
- Collaborate closely with multiple stakeholders including SRE, DevOps, Enterprise IT, Software Engineering, Product Engineering, and Hardware Engineering teams to evangelize security, assist in developing security controls into engineering pipelines, and remediate security issues from internal, and third party assessments.
- Integrate and build new tools into our Security program, which includes automation of triaging, investigations, response, to suspicious activity
- Perform security assessments on new platforms, products, services, architectures, and vendors to protect Peloton’s data.
- Take part in helping develop the maturity of Peloton's security organization
- You have 2-3 years of experience working on a security team supporting product, cloud infrastructure, and corporate infrastructure development
- Experience securing modern technology stacks such as microservices, containers, and serverless infrastructure in cloud environments (AWS, GCP)
- Proficient in developing, debugging, and optimizing complex content delivery pipeline
- Working experience with infrastructure automation tools (Chef, Terraform, Ansible) for security
- Experience building and maintaining logging pipelines (Splunk, Sumologic, ELK)
- Experience with intrusion detection and intrusion prevention tools like Snort, Suricata, CrowdStrike, Carbon Black, Cylance, or OSSEC
- Experience instituting organizational change with respect to security
- Experience scripting and/or programming in one or more of the following: Python, Perl, Ruby, Bash, Java, or Go
- Understanding of TCP/IP OSI Model layers and networking fundamentals
- In depth knowledge of OS and Linux internals (MacOS, Windows, Debian, Centos) plus system hardening
- Effective spoken and written communicator to multiple audiences
Nice to haves:
- Experience with Vulnerability Management
- Experience with Web Application Security
- Experience and familiarity with NIST, PCI, et. al. frameworks.
- Knowledge of corporate device management platforms
- Experience with DevSecOps tools, workflows, processes to include, but not limited to secrets management, dependency monitoring, SAST/DAST scanners, and container security suites
Founded in 2012, Peloton has transformed the at-home fitness experience by creating a bike that merges high-design with modern technology to provide access to live streaming and on demand indoor cycling classes led by elite instructors. With a state of the art studio, the best instructors and content distribution, Peloton delivers an intense high-energy workout that motivates, while positively changing the mind and body.