At Kensho, we hire talented people and give them the autonomy and support needed to build amazing technology and products. To do this, we look for people who insist on a bias towards action to minimize unhelpful hierarchy and process. We collaborate using our teammates' diverse perspectives to solve hard problems. Our communication with one another is open, honest and efficient. We dedicate time and resources to explore new ideas and, as a result, we produce technology that is scalable, robust, and useful.

As a Principal Security Engineer, you are a thoughtful, collaborative, and dynamic technologist who loves ensuring security across a number of systems and web applications. You think deeply about the implications, relationships, edge cases, and failure modes, and you are passionate about correctness, security, and writing the next thing, so you aren't spending time maintaining older projects.

Are you a prolific, intellectually curious technologist who appreciates code, math, and security? We are on a mission to clarify complex data through scientific, statistical, analytical, computational, and inspired study. By transforming the data, we are able to bring transparency to some of the most important issues on the planet. You will be joining a team of veterans from Google, Twitter, and Facebook, as well as academia.

What You'll Do:

• Evaluate and strengthen Kensho’s security systems and processes across all products and teams by building a scalable process to ensure the security feedback loop is strong
• Write, monitor, and triage security tests and test infrastructure
• Directly interface with customer infosec teams, lawyers, external security researchers as well as internal partners to ensure that Kensho maintains a best-in-class security envelope
• Cultivate full team participation in high quality, thoughtful, secure software

What We Look For:

• Deep experience securing modern web applications and distributed data infrastructure in a cross-team setting
• Willingness to find and fix vulnerabilities in both our own software and 3rd party dependencies
• Experience with penetration testing and industry-standard cryptography
• Expertise in automated and scalable testing, automation, and continuous integration frameworks
• Desire to build a strong, operationally-minded engineering culture through effective and thoughtful coding, documentation, and collaborative approach as a code reviewer and teammate

How to Really Get Our Attention:

• Security engineer experience at a top 10 software company
• Participation and awards at security capture-the-flag competitions
• Open source project contributions showing innovation and initiative
• Hedge fund or major financial institution trading experience
• Relevant research, publications, and patents

Technologies We Like:

• Python, Linux, Docker, Kubernetes, Calico, Git, Jenkins, Sentry, Cypress

Perks:

• Medical, Dental, and Vision insurance with 100% premium covered
• Unlimited vacation days
• Paid Parental Leave
• 401(k) plan with employer match
• Free snacks and drinks
• Dog-friendly office
• Cardio machines and weights in the office
• Hubway (bike sharing program) membership

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, or national origin.

kensho.com