Security Engineer - Team Lead
Cambridge, MA
Kensho
Kensho develops cutting-edge products and technologies that transform businesses. We are the AI Innovation Hub for S&P Global.As a security-focused software engineer at Kensho, you are a thoughtful, collaborative, and seasoned technologist who will be working closely with the Infrastructure team to ensure security across a number of systems and web applications. You will help us protect network boundaries, keep systems and network devices against attacks and provide security frameworks and processes to protect confidential data like passwords and client information.
At Kensho, we hire talented people and give them the freedom, support, and resources needed to accomplish our shared goals. We believe in flexibility-first and give our employees the opportunity to work from where they feel most productive and engaged (must be in the United States). We also value in-person collaboration, so there may be times when travel to one of our Kensho hubs (e.g., Cambridge, MA or NYC) will be required for team meetings or company events.
Kensho states that the anticipated base salary range for the position is 170k - 200k. In addition, this role is eligible for an annual incentive bonus and equity plans. At Kensho, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case.
What You'll Do:
- Implement security frameworks to ensure Kensho maintains a security envelope aligned with S&P Global standards
- Developing and updating security plans: Planning and managing security projects and initiatives
- Emergency response: Demonstrating excellent surveillance and emergency response skills
- Identifying and mitigating security vulnerabilities: Perform static and dynamic vulnerability assessments and incorporate tools in the SDLC using commercial and open source tools
- Implementing de-escalation techniques: Prioritizing training in de-escalation techniques to effectively deal with conflicts
- People manager and prioritization of security backlog: lead and work alongside a team of 2-5 security engineers who are passionate about cutting edge advancements in technology
- Maintain a GenAI security posture: Help establish and enable a GenAI security posture at an enterprise scale and have complete oversight of the AI Accelerator Security
- Risk assessment and management: Spotting risky behaviors and configurations in critical infrastructure components to stop network intrusions and preempt cyberattacks
- Auditing policies and controls continuously: Driving the cybersecurity process forward by regularly auditing the policies and controls in place
- Building a vulnerability management program: Ensuring that people in the organization continuously check for known vulnerabilities and take appropriate steps to remediate them
- Design and implement security controls and processes across Kensho and provide monitoring to ensure compliance
- Analyze and recommend security practices and tools for engineering teams to incorporate into the software development lifecycle
- Execute security architecture reviews for e2e application frameworks
- Monitor Cloud Security Posture Management (CSPM) tools and work with Infrastructure teams to achieve compliance
- Support SIEM integration for the security stack
What You'll Need:
- Five or more years of experience as a security engineer
- Experience securing modern web applications and distributed data infrastructure in a cross-team setting
- Strong understanding of cryptography and current best practices
- Experience with penetration testing tools, techniques and methodologies and understanding of common vulnerabilities and remediation strategies
- Three or more years experience writing code in Python, Javascript, Java, or Go
- Prior experience working with enterprise security technologies such as WAF, CSPM, SAST and DAST
- Ability to apply risk management tools and methodologies
- Experience conducting or facilitating IT security audits
- Familiarity with security models for cloud providers such as AWS, Azure and GCP
- Familiarity with core networking concepts and standard protocols such as TCP, UDP, and HTTP
Technology You'll Encounter:
- Python, Linux, Docker, Kubernetes, Git, Jenkins, Terraform, Jsonnet, Kafka, ElasticSearch
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Artificial Intelligence Audits AWS Azure C Cloud Compliance Cryptography CSPM DAST Docker Elasticsearch GCP Generative AI Java JavaScript Jenkins Kafka Kubernetes Linux Machine Learning Monitoring NLP Open Source Pentesting Python Risk assessment Risk management SAST SDLC SIEM Surveillance Terraform Vulnerabilities Vulnerability management
Perks/benefits: Career development Conferences Equity / stock options Flex vacation Health care Medical leave Parental leave Pet friendly Salary bonus Startup environment Team events Unlimited paid time off
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.