Kentik

Staff Security Engineer

Kentik United States

Who We Are

Kentik is the network observability company. Our platform is a must-have for the network front line, whether digital business, corporate IT, or service provider. Network professionals turn to the Kentik Network Observability Cloud to plan, run, and fix any network, relying on our infinite granularity, AI-driven insights, and insanely fast search.

Kentik makes sense of network, cloud, host, and container flow, Internet routing, performance tests, and network metrics. We show network pros what they need to know about their network performance, health, and security to make their business-critical services shine. Networks power the world’s most valuable companies, and those companies trust Kentik. Market leaders like IBM, Box, and Zoom rely on Kentik for network observability. Visit us at kentik.com and follow us at @kentikinc.

What We Do

The Staff Security Engineer is a pivotal role within our growing Security organization, tasked with leading the technical strategy and implementation of our security and privacy efforts. They will play a key role in maintaining the overall security posture of the company.

As part of a small, dynamic team, the Staff Security Engineer will have the opportunity to take on multiple roles, from strategic planning to hands-on implementation. This role demands a blend of technical expertise, strategic planning, and interpersonal skills to manage initiatives that span teams such as Engineering, Finance, HR and Sales.

This position is an individual contributor role reporting to Kentik’s Chief Security Officer (CSO).

What You'll Do

  • Infrastructure & Cloud Security - Drive initiatives to identify, implement and operate processes/technologies to manage risk across product and corporate infrastructure in a hybrid-cloud environment. This includes initiatives such as email security, server & container security and cloud security posture management.
  • Threat Management - Lead the security threat detection and response strategy and operations by implementing processes and technologies to mature them. Establish automated incident detection sensors and response playbooks. Manage technologies such as EDR and SIEM and engage with third-party service providers as needed. Lead the bug-bounty and annual penetration testing activities, partnering with both internal and external stakeholders.
  • Vulnerability Management - Perform manual and automated vulnerability assessments. Manage automated vulnerability scanning technologies and analyze/triage vulnerabilities from across these technologies and infrastructure to prioritize appropriate mitigation. Partner with business groups to establish & mature vulnerability detection processes and remediation SLAs.
  • SDLC Security - Improve the secure SDLC pipeline by maturing security practices at each stage of the SDLC from security and privacy by design (SbD & PbD) to automated assessments in the CI/CD pipeline.
  • Data Protection - Establish procedural and technical controls to manage the security and privacy of the business data collected and processed within the organization.
  • Training & Mentoring - Provide security & privacy training, including role-specific training for groups across the organization, and mentor junior members of the team.

What You'll Bring

Studies have shown that some candidates tend to apply to jobs only if they meet 100% of the qualifications. We encourage you to apply if you meet most of the criteria - even if you don’t match all of the qualifications, your skills and experience could be valuable in this role!

  • 5+ years of hands-on relevant work experience in implementing Security & Privacy programs
  • 2+ years of experience implementing infrastructure security and/or threat management technologies
  • Strong experience with technologies such as Linux, Kubernetes/containers and at least one of the public cloud providers (AWS/GCP/Azure)
  • Strong experience with EDR, CSPM, SIEM and other vulnerability management technologies
  • Experience driving incident response operations and building threat management functions from detection to response to playbook automation, as well as working with managed service providers
  • Experience working with cross-functional departments and partners to provide technical security & privacy guidance and recommendations
  • Experience with security & privacy compliance and regulatory frameworks such as NIST, SOC2, ISO27001, ISO27701, GDPR & CCPA

Nice to haves:

  • Industry certifications such as CISSP, OSCP, SANS GIAC, and AWS/Azure/GCP Security
  • Experience working in a remote environment
  • Experience working in a pre-IPO startup environment

What We Offer

Kentik is a fully remote company that operates globally. We seek professionals that will help us thrive as an organization, and in turn, to broaden and enhance your career. We’re very thorough in the interview process to understand your skills and how they will relate to your successful growth here at Kentik. Our compensation philosophy encompasses a fair program for all in order to attract, engage and retain talented individuals who will drive our business and wow our customers.

The compensation range for this position is: $174,500 - $236,000. This range reflects the low and high end of the U.S. compensation range Kentik reasonably and generally expects to pay the hired candidate in this role. The actual compensation offered may be lower or higher than the stated range depending on various factors, including but not limited to:

  • Experience with the skill sets required for success
  • Demonstrated competencies and potential
  • A geographic market-based approach

In addition to a great career opportunity, Kentik offers stellar benefits for our employees, which include:

  • 100% of premiums are paid by the company for health, vision and dental coverage for you and your dependents
  • Additionally, an annual Health Reimbursement Account (HRA) of $3,000 for an individual or $4,500 for a family
  • Paid family & medical leave
  • Open PTO, a quarterly Wellness Day, and a minimum of 10 paid holidays
  • 401(k) retirement account
  • Home office reimbursement
  • Stock options

Note: Benefits are as listed for all US full-time employees. For compensation, international applicants will be treated equitably in relation to the laws applicable within the countries in which we operate.

Come work with us

The true meaning of Kentik is visibility. We’re committed to making sure everyone feels empowered to use their voice, has a sense of belonging, and is represented at Kentik.

We don’t look for individuals who fit the culture, but those who will continue to add to the culture.

We encourage everyone to apply, especially those individuals who are underrepresented in the industry: people of color, LGBTQI+ community, women, individuals with disabilities (both seen and unseen), veterans, and people of any age or family status.

Come as you are!

You will be working at a fast-growing, well-funded startup alongside industry thought leaders and network aficionados as we build the future of observability and set the high bar for how network operations and digital businesses should run. With a competitive salary and amazing benefits on top of the meaningful and challenging projects you’ll take on, we’re sure you’ll enjoy joining the Kentik team.

  • Seniority level

    Associate
  • Employment type

    Full-time
  • Job function

    Information Technology
  • Industries

    Computer Networking Products
