Staff Security Engineer

| Greater Boston Area

About Drift

Drift is the new way businesses buy from businesses. With its quickly evolving set of tools and playbooks, Drift is the world’s leading conversational marketing platform, trusted by top enterprise businesses like Ellie Mae, Marketo, Okta, Outreach, Vidyard, and over 150,000 other businesses. Sales and marketing teams rely on Drift to connect now with the customers who are ready to buy now. Based in Boston, Drift was founded by serial marketing technology entrepreneurs David Cancel and Elias Torres and is backed by leading venture capitalists including CRV, General Catalyst, and Sequoia.


About the role

The Security team at Drift plays an integral and recognized role within the company. Our customer-centric focus means that ensuring the confidentiality, integrity and availability of their data and our services is something we are proud to demonstrate. That enables the team to not only practice their craft, but do so in a customer facing way, working cross functionally with sales, customer success, and others on a daily basis.


What you’ll be doing on the team:

As the security engineer in our Boston office, you’ll be responsible for:

  • Overseeing our Production Network and Infrastructure Security in AWS.
  • Developing our Security Operations Center (SOC) including being a leader of the Security Incident Response Team (SIRT).
  • Distinguishing security-related alerts by operating a dedicated Security Event Information System (SEIM)
  • Managing multiple layers of Corporate Security including Email, DLP, SSO, MFA, End-points and Firewalls.
  • Flying side-by-side with our sales organization to respond to front-line customer questions about our security program.
  • Monitoring internal controls and ensuring policy requirements are adhered to.
  • Evaluating third-parties to ensure their security standards meet our requirements.


In one month you'll

  • Become deeply familiar with our production and corporate environments and capable of navigating confidently within our architecture.
  • Meet with your immediate teams and the key stakeholders you support and build trusted relationships.
  • Understand our internal control framework and timelines by which oversight tasks must be completed.
  • Work with Engineering to understand the incident response process and be able to represent the security team when called upon to collaborate in problem solving and response.

By month 3 you'll 

  • Serve as point with our external auditors to complete our 2019 SOC-2 Audit.
  • Deploy a robust SEIM to centralize alerts and have it tuned appropriately.
  • Know how to diagnose and make appropriate configuration changes in all of our production and corporate security applications and systems.
  • Enhance internal documentation of security processes so that they are consistent and transparent.
  • Have become a trusted advisor across the company, someone people feel comfortable turning to for assistance and expertise.

By month 6 you'll 

  • Develop an innate understanding of our environment and be able to independently handle even the most complex customer security questions 
  • Be prepared to propose whether our SOC should be internal or leverage an MSSP, and come to the table with an actionable proposal for management.
  • Progress from understanding policies and managing internal controls to expanding the range of coverage to additional SOC principals and the ISO 27001 framework
  • Leverage established internal relationships to achieve buy-in from other teams subject to additional and enhanced internal controls.


About you and what type of skills you’ll need:

  • A calm demeanor that comes from experience handling real world security incidents, you don’t turn the dial to ten at the first sign of an alert and can act in a leading role when leading an investigation, triage, and response.
  • A patient, humble mindset that explains in a risk based manner why security is important. Yes, you’re a security expert but you understand not everyone else is, and that’s ok.
  • Administrative level experience with Intrusion Detection Systems (IDS) and Security Event Information Systems (SEIM)
  • A high level of comfort with AWS-based environments including management tools such as Trusted Advisor
  • Strong networking experience including firewall configurations
  • Familiarity with multiple layers of Corporate security such as
    • Email and File sharing
    • SSO
    • Email filtering and encryption
    • Endpoint configuration
    • Endpoint security
  • Excellent customer facing skills to support sales engineers and account executives when responding to security questionnaires and meetings.
  • Have successfully completed at least one SOC-2 or ISO 27001 audit in the past and understand how to document evidence and communicate appropriately with auditors


Drift is committed to being an equal opportunity employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Drift is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process.


Read Full Job Description

Location

Right in the heart of Back Bay 🙏

An Insider's view of Drift

What are some social events your company does?

We've been to Nashville, Austin, and Killington for our yearly company retreat! Where to next?!

Drift

Team

How do you collaborate with other teams in the company?

I feel really lucky because I get to work with the Sales, Customer Success, Product, and Ops team on a regular basis. We say "One team, one dream" un-ironically and are always willing to hop into anything that benefits the customer.

Sara

Conversational Marketing Specialist

What makes someone successful on your team?

Our leadership principles are the core of who we are and how we operate every day. Bringing these in to your actions, decisions, and how you deliver results is the surest way to be successful here. Walk the talk. Focus on the customer. Deliver results every single day.

Kari

Director of Learning and Development

What is your vision for the company?

Today, all of our lives run in real-time. As a result, our expectations for how we communicate with businesses have changed: we expect answers in real-time too. Customers have all of the power today, and that’s why we put a premium on how we’re treated. Businesses need to adapt to this shift in order to thrive today, and that’s what we focus on.

David

CEO, Co-Founder

What’s the vibe like in the office?

High-energy! From sales, to marketing, to customer success and beyond everyone rallies around one common goal which is putting the customer first. End of month is always exciting for this reason.

Amanda

Customer Success Manager

What are Drift Perks + Benefits

Retirement & Stock Options Benefits
401(K)
401(K) Matching
Vacation & Time Off Benefits
Sabbatical
After working at Drift for three years, all Drift employees are eligible for a month-long sabbatical.
Paid Holidays
Perks & Discounts
Beer on Tap
Casual Dress
Company Outings
Free Daily Meals
Stocked Kitchen
Happy Hours
More Jobs at Drift32 open jobs
All Jobs
Data + Analytics
Design + UX
Dev + Engineer
HR
Marketing
Operations
Product
Sales
Marketing
new
Boston
Sales
new
Boston
Marketing
new
Boston
Data + Analytics
new
Boston
Design + UX
new
Boston
Developer
new
Boston
Operations
new
Boston
Developer
new
Boston
Operations
new
Boston
Product
new
Boston
Sales
new
Boston
Marketing
new
Boston
Operations
new
Boston
Marketing
new
Boston
Developer
new
Boston
Data + Analytics
new
Boston
Sales
new
Boston
Sales
new
Boston
Sales
new
Boston
Data + Analytics
new
Boston