Senior Security Engineer
Oleria is an enterprise cybersecurity startup that raised $8M in seed funding led by Salesforce Ventures with participation from Tapestry VC and industry luminary angel investors. We recognize that identity based attacks on software as a service (SaaS) applications are becoming increasingly common, highlighting the importance of addressing access risks to prevent data breaches. Traditional access management methods are human-intensive and often have significant unidentified gaps, making it challenging to manage access risks effectively. At Oleria, we are on a mission to revolutionize access control tooling for enterprise SaaS applications, aiming to reduce the opportunity and scope of data breaches drastically.
Oleria was founded by notable industry senior leaders Jim Alkove and Jagadeesh Kunda, with deep security, data, and SaaS experience building and securing some of the world’s largest platforms and products used by billions of people worldwide every day. Our customers are Fortune 500 corporations and public sector organizations, making your contributions vital to improving data security for millions worldwide.
As a Senior Security Engineer, you will be responsible for safeguarding our organization's IT and cloud systems and data against cyber threats, unauthorized access, and security breaches. Your role is critical in developing, implementing, and maintaining security measures and policies to protect our technology infrastructure.
Many fundamental choices have not yet been made, so this greenfield background is an unusual opportunity to have broad ownership and ability to define requirements and goals for across product delivery, tools, and process.
Above all, you have a bias for action. You love getting product out the door and learning from tight feedback loops, and love the satisfaction you'll receive from knowing that your contributions are directly improving the security of data for millions of people in the world.
- Design and implement security solutions that align with business requirements and industry best practices, covering areas such as network security, application security, and data protection.
- Develop and maintain the organization's information security strategy, including long-term security goals, policies, and roadmaps.
- Develop and enforce information security policies, procedures, and standards to maintain data confidentiality, integrity, and availability.
- Conduct security assessments and risk analysis to identify vulnerabilities, threats, and potential risks to the organization.
- Provide guidance, mentorship, and technical leadership to infrastructure and support teams. Lead efforts to achieve and maintain compliance with SOC 2, ISO, FedRAMP and other relevant security and privacy standards.
- Ensure security and compliance for our cloud-based infrastructure and services
- Raise security awareness among employees, contractors, and stakeholders, and provide training on security best practices.
- Define and manage access control mechanisms to restrict unauthorized access and enforce authentication and authorization.
- Collaborate with external auditors to facilitate security audits and assessments for compliance validation.
- Develop and execute incident response plans that adhere to the requirements of these standards.
- Configure and maintain security monitoring tools and systems to ensure that security incidents are detected and responded to promptly.
- Bachelors, Masters, or PhD in computer science or related, or equivalent experience
- 10+ years of experience in information security, including experience in security architecture.
- Relevant certifications, such as CISSP, CISM, or CCSP, are often preferred.
- Strong knowledge of security best practices, including firewalls, intrusion detection, and encryption.
- Excellent problem-solving and troubleshooting skills.
- Leadership abilities and the capacity to guide and mentor team members.
- Excellent communication and teamwork skills.
- Proven experience working effectively in a fast-paced and dynamic environment.
- Experience in cybersecurity or SaaS industry, especially with Access, Identity and Governance would be a plus
- Proven experience in IT security, including experience with compliance standards such as FedRAMP, SOC 2, and ISO.
- Strong knowledge of cybersecurity tools and technologies.
What we offer:
- Competitive salary, equity, and benefits package.
- Opportunities for professional growth and advancement in a fast-growing company.
- The chance to work directly with our co-founders and contribute meaningfully to shaping the company’s direction.
- A collaborative and dynamic work environment with a dedicated team of professionals.
The annual compensation range being offered for this role depending on individual candidate level and experience is $160,000 to $250,000 including base salary and equity.