• At Fastly we value a diversity of voices. The following is not a laundry list, but to be effective in this role you should possess most of the following and an interest in learning more about the rest:
• Have 5-7 years of relevant experience and a Bachelor's degree in Computer Science or equivalent
• Strong grasp at all layers of the information security stack including hands-on security engineering
• Extensive experience performing threat modeling, secure code reviews and designing security controls to mitigate vulnerabilities and deficiencies for new and existing cloud-based products
• Working knowledge of how to design security controls for multi-tenant general compute services, reverse proxies, microservices architectures, containerization and modern API protocols
• Strong understanding of certificate authorities, digital certificates and public key infrastructure and how they operate in a client - server environment
• Proficiency working with static and dynamic application security testing and integration strategies in a CI/CD pipeline
• Experience implementing reverse proxy and caching security concepts. Bonus points for experience working with content delivery networks (CDN) or extensive experience with network protocol analysis
• Working knowledge of authorization, authentication and encryption strategies
• Experience with Linux administration at scale, associated intrusion/manipulation techniques, and standard methodologies for system hardening and process isolation
• Strong team collaborator that actively seeks to build and maintain productive working relationships in order to establish trust and influence outcomes
• Working knowledge of the MITRE ATT&CK, NIST CSF, CIS Critical Control, and OWASP Top 10 frameworks
• Demonstrated ability to weigh business needs with security priorities and make sound risk-based judgment calls
• High emotional intelligence. Fastly teams care about one another, collaborate regularly and are part of a people first organization
• Work Hours: This position will require you to be available during core business hours

Desirable

• In this role, you will enhance the security of Fastly’s network and infrastructure services products by working closely with engineering and product teams to integrate security into the design and development of Fastly systems
• Perform security-focused architecture and design reviews of services, platform and infrastructure resources as part of Fastly’s security review process and coordinate with engineering teams to develop and integrate secure-by-design principles into engineering builds
• Partner with product and engineering teams to identify security threats to Fastly’s infrastructure as part of the threat modeling process and define tactical and strategic mitigation plans to assist with remediation
• Perform secure code and configuration reviews on services and infrastructure resources and provide recommendations that strengthen Fastly’s security posture
• Influence product design paradigms to incorporate security best practices and drive requirements for security into the release cycle
• Maintain a clear view of the overall product development roadmap and associated product lifecycle to ensure security is appropriately incorporated throughout
• Become a domain expert in the content delivery network (CDN) and infrastructure product verticals and represent that knowledge with prospects, customers, and auditors
• Research and understand new threats and attack vectors that impact Fastly and work with system owners to design appropriate prevention, detection and remediation initiatives
• Involvement in Fasty’s Secure SDLC, focusing on both collaborative hands-on design work and training initiatives across the company
• Influence Fastly’s security strategy by leveraging the collective strength of the security team and articulating the capabilities needed to effectively manage cyber threats