Responsibilities
- Lead conversations around security, identify organizational needs, and be a point of escalation for security matters across multiple product and engineering teams
- Define security strategies for new infrastructure and product initiatives
- Empower secure-by-default development by product teams
- Perform structured security audits and drive remediation of risks
- Monitor Substack’s vulnerability reporting program
- Assist with code reviews to proactively identify potential vulnerabilities
- Collaborate with IT team on security operations and internal security
Requirements
- 4+ years of relevant experience with security engineering or security architecture
- Domain knowledge across cybersecurity disciplines, with a focus on application and cloud security
- Independent and autonomous. We’re too small to micromanage, and expect that every person at the company owns their work and can be a leader.
- Hold yourself and others to a high standard when working on production systems.
- Enjoy collaboration with a diverse group of stakeholders while bringing your own unique experience and background to the team.
- Based in the US or willing to relocate