Sr. Cloud Security Engineer at Toast

| Greater Boston Area
!Sorry, this job was removed at 11:18 a.m. (EST) on Monday, February 24, 2020
Apply now

We’re not your traditional tech company and we don’t aim to be. Going against the grain is in our DNA. Building a revolutionary product begins with revolutionary thinking. That’s why we value diversity background and lived experience. Together, we empower restaurants of all sizes to build great teams, increase revenue, improve operations, and delight their guests. We pair our deep understanding of the restaurant industry with powerful cloud based software and restaurant-grade hardware to deliver an intuitive all-in-one platform. Join us on our mission to empower the restaurant community to delight guests, do what they love, and thrive. 

Are you bready* for a change?

We’re looking for a senior engineer to join our rapidly growing security team. In this role, you’ll help our engineering organization to identify, triage, and remediate security issues. You’ll also work in tandem with our engineering teams to think about and act on security challenges through all phases of software development, and to help us design and build new features to enhance the security of the Toast platform. The Toast security operations center (SOC) is focused on building capabilities to monitor, detect, and respond across our environment. As a senior member you’ll be a major contributor to helping build the SOC and contribute to our vision. We are focused on an aspect of security that’s in its infancy by operationalizing cloud, application and mobile device security. These are the attack surfaces you would tackle with a welcomed creative approach. The ideal candidate is someone that can under take the “mindset of an attacker” and apply it to defense. You would be the SOC’s cloud security resource and lead engineering efforts to bolster our security posture. You are someone who stays abreast with emerging threats, embraces the security community, and seeks to contribute to it. We love security innovators who are always thinking about new and interesting solutions to keep pace with ever changing security landscape.

About this roll*:

  • Manage SOC infrastructure e.g., malware protection, web layer protection, firewalls, patching and data leakage protection
  • Leverage programming languages to solve problems and automate solutions to security findings
  • Contribute to threat modeling activities bonus points if you can apply traditional modeling to application and AWS
  • Foster a security mindset with our development and DevOps teams by working with security champions
  • Manage data flow and integrations with Firewalls, AWS CloudTrail, Linux syslogs, apps, HIDS, FIM, AV, etc
  • Performing security design on cloud resident systems and services including requirements gathering
  • Manage Scanners: (Code, Application, Database, Network, Host, etc.) to provide holistic insight and enable compliance of our platform
  • Survey, review and develop recommendations for encryption key management Amazon Web Services (AWS)
  • Participating in the incident response process 
  • Collaborate with DevOps team in developing technical solutions and new security tools to help mitigate security risks and vulnerabilities and automate repeatable tasks.

Do you have the right ingredients*?

  • Expertise in container and DevOps technologies such as Kubernetes, Jenkins, Docker, and OpenShift.
  • Working knowledge of platforms such as Chef, Puppet, Ansible, and SaltStack
  • Strong knowledge of threats and vulnerabilities associated with application and network security in a cloud environment (AWS)
  • Strong understanding of Amazon Web Services(AWS) cloud application architecture & microservices 
  • Hands on experience with container security platforms such as TwistLock, Aqua, sysdig, stackrox, etc.
  • Strong knowledge of the principles of implementation and operation and experience with security technology such as firewalls, multi-level security implementation, security assessment, monitoring and profiles tools (e.g. IDS/IPS, SEIM, AV,, etc.)
  • Understanding of Red team/Blue team activities
  • Familiarity with Mitre Att&ck Framework
  • Familiar with mobile application threats (iOS, Android). Nice to have but not required. 
  • Familiar with containerization and orchestration technologies (Docker highly preferred)
  • Experience leveraging programming languages to solve problems and automate solutions to free SOC team members cycles
  • Interest in tackling security threats and contribution to the SOC build-out
  • Experience with programming languages (Java & Python). You don’t need to be a developer but if you can contribute to building custom tools and communicate with our application security team, bonus points.

*Bread puns encouraged but not required

Read Full Job Description
Apply now

Technology we use

  • Engineering
    • JavaLanguages
    • JavascriptLanguages
    • jQueryLibraries
    • ReactLibraries
    • AngularjsLibraries
    • ES6Libraries

Location

Toast is headquartered in the heart of Fenway. Catch a Sox game, grab a bite, and stroll through one of the trendiest neighborhoods in Boston.
Toast values candidates with varied backgrounds — and these 3 employees prove it
Watch

An Insider's view of Toast

What’s the vibe like in the office?

Our office has both a relaxed but productive vibe. You'll see people with their heads down working, but you'll also see people hanging out and collaborating in open spaces. There's a good balance between work and play. When I'm not heads down coding, you'll find me playing guitar or hanging out in the Toast Pub.

Gabe Gonzalez

Associate Technical Sourcer, Previously: Software Engineer

How has your career grown since starting at the company?

I began as an Implementation Engineer, moved into instructional design, and now I am in my dream role as a Product Manager. This is afforded because Toast fosters a culture where experts in their domains are eager to give you a masterclass in what they do – you only need to ask and be willing to learn. This is the best perk when working at Toast.

Sean Park

Product Manager

What are some things you learned at the company?

Where should I start? For hard skills, I’ve learned more than I ever thought I would about Excel and Salesforce. I’ve also learned what it looks like when a company not only talks the talk, but walks the walk. We’ve been able to execute on what we’ve set out to do because we are willing to try new things, make mistakes, and learn from them.

Matt

Payments Relationship Manager

What are Toast Perks + Benefits

Toast Benefits Overview

Toast strives to provide competitive compensation and benefits programs that help to attract, retain and motivate the best and brightest people in our industry. Our total reward package goes beyond great earnings potential and provides the means to a healthy lifestyle with the flexibility to meet our employees’ changing needs.

Culture
Volunteer in Local Community
Partners with Nonprofits
Friends Outside of Work
Eat Lunch Together
Intracompany Committees
Daily Stand-up
Open Door Policy
Team-Owned Deliverables
Team-Based Strategic Planning
Group Brainstorming Sessions
Open Office Floor Plan
Diversity
Dedicated Diversity/Inclusion Staff
Unconscious Bias Training
Someone's Primary Function is Managing the Company's Diversity and Inclusion Initiatives
Health Insurance & Wellness Benefits
Flexible Spending Account (FSA)
Disability Insurance
Dental Benefits
Vision Benefits
Health Insurance Benefits
Life Insurance
Wellness Programs
Team Workouts
Retirement & Stock Options Benefits
401(K)
401(K) Matching
Company Equity
Performance Bonus
Child Care & Parental Leave Benefits
Generous Parental Leave
Flexible Work Schedule
Remote Work Program
Family Medical Leave
Company-Sponsored Family Events
Vacation & Time Off Benefits
Unlimited Vacation Policy
Paid Volunteer Time
Paid Holidays
Paid Sick Days
Perks & Discounts
Beer on Tap
Casual Dress
Commuter Benefits
Company Outings
Stocked Kitchen
Happy Hours
Parking
Recreational Clubs
Fitness Subsidies
Professional Development Benefits
Job Training & Conferences
Diversity Program
Lunch and Learns
Cross-Functional Training Encouraged
Promote from Within
Mentorship Program
Time Allotted for Learning
Online Course Subscriptions Available
Customized Development Tracks
Apply now
Save jobView Toast's full profileSee more Toast jobs