Director, Engineering – Platform Security

Aera Technology

Washington, DC, US
  • Job Type: Full-Time
  • Function: IT
  • Post Date: 06/15/2021
  • Website: aeratechnology.com
  • Company Address: 707 California Avenue, Mountain View, CA, 94041

About Aera Technology

Aera Technology delivers the Cognitive Operating System™ that enables the Self-Driving Enterprise™. Aera understands how businesses work; makes real-time recommendations; predicts outcomes; and acts autonomously. Using proprietary data crawling, industry models, machine learning and artificial intelligence, Aera is revolutionizing how people relate to data and how organizations function.

Job Description

Do you want to shape the future of enterprise software? 
 
At Aera, we deliver the cognitive technology that enables the Self-Driving Enterprise™: a Cognitive Operating System™ that connects you with your business and autonomously orchestrates your operations. Aera's Cognitive OS leverages the best of artificial intelligence, machine learning, natural language processing, big data, and enterprise domain expertise to deliver Cognitive Automation at scale for some of the world's largest companies.
 
In this role, your work will influence the success of companies across the world. Members of our Technology team are experts in the field, working to evaluate and improve today’s systems while building tomorrow’s. The Director of Platform Security Engineering is a highly technical hands-on role which requires you to be a great team manager as well as an individual contributor.
 
As an Engineering Director in platform security, you will be responsible for managing a team of highly skilled engineers to design and build systems for securing mission critical aspects of the Aera platform and infrastructure. You will work closely with engineering leaders, product management, and other key stakeholders (including executives) to design and build large scale systems for managing production access, our customer facing and internal secret infrastructure, PKI to name a few.
 
Open to remote candidates. Must be located in the US.

Responsibilities

    • Review internally developed code for advanced security issues as part of an Agile Development process and educated Product Development teams on secure coding best practices
    • Influence across the company regarding architectural approaches that meet business requirements while managing security risk and maintaining compliance
    • Lead cross-functional teams to architect, design and deploy cloud services and application architectures
    • Mentor and collaborate with development teams to adopt secure coding practices
    • Collaborate with engineering and technical leadership to establish standards, baselines, policies, controls and architecture designs to align with industry frameworks and overall business strategy
    • Work alongside software development teams, product engineers, and operational teams to ensure Enphase products have appropriate security controls and security processes are in place and operating effectively
    • Research and evaluate new Product Security technologies for internal consumption
    • Assist with product penetration testing and interact with penetration testers and other external vendors to validate security controls
    • Develop and maintain internal libraries that provide standard implementations of critical security controls
    • Create, measure and refine metrics used to measure program success
    • Be a thought leader and subject matter expert on the security architecture in Azure and AWS

About You

    • 8+ years of overall product security experience requiredIn-depth knowledge of common web application vulnerabilities (OWASP Top Ten) is required
    • At least 5 years of production level experience in one of: Java, Scala, C++, or similar languageAt least 5 years of experience in the security domain, particularly experience with secret management, security monitoring, PKI and/or production access control
    • Experience with cloud technologies, e.g. AWS, Azure, GCP, Docker, Kubernetes
    • Demonstrated and hands-on experience in the following areas: Source code auditing, threat modeling, product assessments, vulnerability research, and reverse engineering
    • Strong experience in conducting static analysis (SAST), dynamic analysis (DAST),security technical implementation guide (STIG) and fuzz testing (FUZZY) and vulnerability scans
At Aera, we're on a mission to solve the biggest, most intractable challenges in the world of enterprise software. We envision the rise of the Self-Driving Enterprise: a more autonomously functioning business with a central operating system that connects and orchestrates business operations. Our Cognitive Operating System is increasingly used by the world's largest companies to fundamentally transform their organizations and how work is done.
 
If you share our passion for building the next generation of enterprise software, and deploying it for the most sophisticated customers in the world, you’ve met your match. Headquartered in Mountain View, California, we're growing fast, with teams in Mountain View and San Francisco (California), Bucharest and Cluj-Napoca (Romania), Paris (France), Munich (Germany), London (UK), Pune and Bangalore (India), Sydney (Australia) and Singapore.  So join us, and let’s build the future of work together!
 
CALIFORNIA ONLY
Aera Technology is an equal opportunity employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status. Pursuant to the San Francisco Fair Chance Ordinance, Aera Technology will consider for employment qualified applicants with arrest and conviction records.
 
Aera Technology respects the privacy of your data.  Please take the time to read our Candidate Privacy Notice, available here.

Related Jobs

Client Partner

Aera Technology - San Francisco, CA, US

Client Partner

Aera Technology - Philadelphia, PA, US

Client Partner

Aera Technology - Paris, FR

Client Partner

Aera Technology - Munich, DE

Client Partner

Aera Technology - Lausanne, CH
Disclaimer: Local Candidates Only
This company does NOT accept candidates from outside recruiting firms. Agency contacts are not welcome.