Senior Security Engineer

Iterable is the leading AI-powered customer engagement platform that helps leading brands like Redfin, SeatGeek, Priceline, Calm, and Box create dynamic, individualized experiences at scale. Our platform empowers organizations to activate customer data, design seamless cross-channel interactions, and optimize engagement—all with enterprise-grade security and compliance. Today, nearly 1,200 brands across 50+ countries rely on Iterable to drive growth, deepen customer relationships, and deliver joyful customer experiences.

Our success is powered by extraordinary people who bring our core values—Trust, Growth Mindset, Balance, and Humility—to life. We foster a culture of innovation, collaboration, and inclusion, where ideas are valued and individuals are empowered to do their best work. That’s why we’ve been recognized as one of Inc’s Best Workplaces and Fastest Growing Companies, and were recognized on Forbes’ list of America’s Best Startup Employers in 2022. Notably, Iterable has also been listed on Wealthfront’s Career Launching Companies List and has held a top 10 ranking on the Top 25 Companies Where Women Want to Work.

With a global presence—including offices in San Francisco, New York, Denver, London, and Lisbon, plus remote employees worldwide—we are committed to building a diverse and inclusive workplace. We welcome candidates from all backgrounds and encourage you to apply. Learn more about our story and mission on our Culture and About Us pages. Let’s shape the future of customer engagement together!

Senior Security Engineer 

Iterable is a leading AI-powered customer engagement platform, helping businesses drive growth through personalized customer experiences. Our security team plays an essential role in safeguarding systems and customer data, ensuring robust protection and resilience. We are looking for a Senior Security Engineer to join our growing team.

What You’ll Do:

• Perform risk assessments, architectural designs, threat models, code reviews, and more—pragmatically balancing security with other business considerations.
• Build and enhance automated security testing frameworks, incorporating tools like static and dynamic analysis to identify vulnerabilities early in the development process.
• Drive the integration of security tools into the CI/CD pipeline, ensuring continuous monitoring and automated threat detection across applications and infrastructure.
• Partner cross-functionally for security monitoring & incident response; proposing & building security detections and runbooks
• Respond to security incidents, security vulnerabilities, and security events. Investigate, analyze, and coordinate remediation activities, ensuring quick containment and long-term improvements.
• Develop and implement threat detection strategies, propose detection rules to monitor for emerging threats and vulnerabilities in real-time.
• Partner with engineering teams to implement secure coding practices, provide security training, and integrate security-first mindset into development workflows.
• Stay current with evolving security threats, vulnerabilities, and best practices, sharing insights with cross-functional teams to strengthen security measures.

What We’re Looking For:

• 3-5 years of experience as a security engineer, cloud/platform security engineer, software engineer, site reliability engineer, or a comparable like position
• Competency in one or more programming languages (bonus points for Scala experience)
• Strong knowledge of application security principles, including secure coding, threat modeling, and common application vulnerabilities (e.g., OWASP Top 10).
• Familiarity with Github and / or Gitlab workflows.
• Interest or experience in both the development of security guardrails and the shift-left paradigm.
• Strong analytical and problem-solving skills, with the ability to work independently and as part of a collaborative team.
• You are seeking to contribute to a high-growth environment and play a key role in building new programs from the ground up
• You care about the details, and are willing to ask questions when you’re unsure
• You are comfortable handling the unknown, and seek to bring clarity in ambiguous situations

Bonus Points For:

• Experience with security automation, including incident response and remediation workflows.
• Knowledge of endpoint detection and response tools, and experience with incident investigations in a cloud environment.
• Experience with Static and/or Dynamic Application Security Testing
• Experience working with SIEMs
• Experience with cloud security practices, specifically in AWS, GCP, or Azure, and a solid understanding of cloud infrastructure vulnerabilities and best practices.
• Working knowledge of Kubernetes environments, or have designed and applied Kubernetes security policies (e.g. OPA Gatekeeper, Kyverno).
• Experience with GenAI and LLMs

Perks & Benefits: 

• Paid parental leave
• Competitive salaries, meaningful equity, & 401(k) plan
• Medical, dental, vision, & life insurance
• Balance Days (additional paid holidays)
• Fertility & Adoption Assistance
• Paid Sabbatical
• Flexible PTO
• Monthly Employee Wellness allowance 
• Monthly Professional Development allowance 
• Pre-tax commuter benefits
• Complete laptop workstation

The US base salary range for this position at the start of employment is $XXX,XXX - $XXX,XXX. Within this range, individual pay is determined by specific US work location, as well as additional factors, including job-related skills, experience, relevant education or training, and internal equity considerations.

Please note that the range listed above reflects only base salary. The total compensation package includes variable pay (where applicable), equity, plus a range of benefits, including medical, dental, vision, and financial. In addition, we offer perks such as generous stipends for health & fitness and learning & development, among others.

Recruitment Disclaimer:

Please be aware that Iterable, Inc. (“Iterable”) and our official professional recruiting agencies and platforms do not:

• Send job offers from free email services like Gmail, Yahoo mail, Hotmail, etc.
• Request money, fees, or payment of any kind from prospective candidates to apply to Iterable, for employment, or for the recruitment process (e.g. for home office supplies, or training, etc.).
• Request or require personal documents like bank account details, tax forms, or credit card information as part of the recruitment process prior to the candidate signing an engagement letter or an employment contract with Iterable.

You may see all job vacancies on our official Iterable channels:

• Official Iterable website, Careers page: https://iterable.com/careers/
• Official LinkedIn Jobs page: https://www.linkedin.com/company/iterable/jobs/

Iterable is not affiliated in any way to these impostors and we hereby confirm that such individuals/entities are not authorized, encouraged, or sponsored to act on behalf of Iterable. Such job opportunities are entirely fake and not valid. Therefore, please disregard any written or oral request for a job offer or an interview that you believe is or might be fraudulent or suspicious and immediately reach out to us via email at talent-ops@iterable.com upon receiving a suspicious job offer.

Criminal and/or civil liabilities may arise from such actions, and Iterable expressly reserves the right to take legal action, including criminal action, against such individuals/entities whenever such phenomena occur. In any case, please note that under no circumstances shall Iterable and any of its affiliates be held liable or responsible for any claims, losses, damages, expenses or other inconvenience resulting from or in any way connected to the actions of these impostors.

Iterable is an Equal Employment Opportunity employer that proudly pursues and hires a diverse workforce. Iterable does not make hiring or employment decisions on the basis of race, color, religion or religious belief, ethnic or national origin, nationality, sex, gender, gender-identity, sexual orientation, disability, age, military or veteran status, or any other basis protected by applicable local, state, or federal laws or prohibited by Company policy. Iterable also strives for a healthy and safe workplace and strictly prohibits harassment of any kind. Pursuant to the San Francisco Fair Chance Ordinance and other similar state laws and local ordinances, and its internal policy, Iterable will also consider for employment qualified applicants with arrest and conviction records.