Senior Cloud Security Engineer, StockX
$140-160k
Plus equity and discretionary bonuses
Streetwear marketplace
Job no longer available
Streetwear marketplace
1001+ employees
Job no longer available
$140-160k
Plus equity and discretionary bonuses
1001+ employees
Company mission
To provide access to the world's most coveted items in the smartest way possible.
Role
Who you are
- 4-7 years of relevant security experience
- Bachelor's degree preferred but not required
- Cyber security certifications preferred e.g. CISSP, CISM, Security +, AWS Security
- Strong experience with cloud native environments and with multiple cloud services providers
- Experience with scripting across multiple cloud providers and infrastructure APIs to analyze security posture and configurations
- Detailed understanding of cloud and network security
- Experience reading other engineer’s code across a number of languages to identify security issues
- Understanding of modern cloud technology components and deployment patterns: containers, Kubernetes, serverless, infrastructure as code, etc
- Experience with OAuth/SAML techniques and OIDC
- Deep understanding of Identity & Access Management security controls and tooling
- Strong understanding of securing distributed cloud and on-premesis networks using security groups, network ACLs, VPNs, and WAFs among other technologies
- Strong understanding of security monitoring tools for cloud environments such as CSPM, CASB, cloud audit logs such as AWS Cloudtrail, etc
- Strong understanding of application security tools such as Snyk, Sonarcloud, Dependabot or Renovate, GitGuardian, etc
- Technical understanding of how threats like Spam, Phishing, DDoS Attacks, Brute Force Attacks, SQL Injections, XSS are executed and how to protect against them across an organization
What the job involves
- This hands-on security engineering position will be part of StockX's Information Security Cloud & Application Engineering team. This team is responsible for leading efforts to enhance the security of the cloud infrastructure and applications all across StockX
- Members of this team work with several stakeholders to ensure appropriate processes, procedures, and controls are adequately designed and implemented to meet StockX security requirements, mitigate risks, and ensure compliance
- They provide ongoing engineering support for security systems in our cloud native environment. This is a critical IC role on the StockX Information Security team and will work with several stakeholders in Product, Engineering, Operations, Customer Service, Safety & Trust, & IT
- Partner with the Platform Engineering and IT teams to design, implement, and manage security measures for our AWS & Azure cloud infrastructure
- Collaborate with cross-functional teams to automate and expedite integration of security best practices into the entire development lifecycle, from design to deployment
- Use available tooling to assess risks and vulnerabilities and implement strategies to mitigate and remediate identified security risks
- Automate enforcement security of policies and related controls for AWS cloud services and data protection
- Monitor and respond to security incidents, conduct investigations, and implement incident response procedures as needed with confidentiality and professionalism
- Design and implement identity and access management (IAM) solutions for secure access control
- Partner with other teams to ensure IAM controls are part of a defense in depth strategy
- Ensure the continuing operation and effectiveness of key identity and access management controls
- Stay abreast of the latest cloud security trends, threats, and vulnerabilities, and implement proactive measures to address emerging risks
- Possess knowledge of reliable and low-touch infrastructure using technologies such as Terraform, Kubernetes, and Docker supported by other engineering teams
- Provide mentorship and guidance to junior members of the security team
- Ability to quickly analyze logs and configurations using; Python, JQ, cURL, etc
- Integrate application security tooling within the existing CI/CD environment to improve application security
Otta's take
Xav Kearney
CTO of Otta
StockX pairs buyers with sellers and verifies products through its live bid-and-ask structure, funding itself by charging a transaction fee on each sale. In return it verifies each item sold on the platform for authenticity and condition, setting it aside from competitors in this space such as TheRealReal.
The company is now hoping to further distinguish itself by working directly with brands to release products through the platform, with a vision to letting its customers set the price for goods in the same way investors do for shares in the stock exchange.
Despite issues including allegations of counterfeiting from Nike and a general slowdown in the resale goods market over 2022, StockX has continued its rapid growth, doubling the number of buyers on its network to 12 million. While a global economic slowdown has caused it to give up on plans for an IPO in the near term, StockX is nonetheless planning to expand its product line and expand internationally in the near future.
Insights
-7% employee growth in 12 months
Company
Funding (last 2 of 5 rounds)
Apr 2021
$60m
SERIES E
Dec 2020
$275m
SERIES E
Total funding: $495m
Company benefits
- We promote the physical and emotional health of our team members and their families. We offer generous health benefits packages to keep our team members happy and healthy
- Rest and recharge when you need it the most: In addition to a full holiday schedule, we offer generous paid time off for our team members
- Be present with your new family member: Through our parental leave benefit, new parents receive paid time off
- Invest in your future. Many of our team members can take part in our pension or 401k programs
- Unlimited paid time off policy
- Work from home opportunities
- Health insurance
Company values
- Committed to What’s Right | We believe in the power of truth, authenticity, and transparency. We do the right thing, and we do it right
- Champion for Our Customer | We’re always listening and always learning so we can deliver the quality experience our customers deserve every single day
- Playing on the Dream Team | Our diverse and epic team is bound together by a deep belief in our vision, a passionate commitment to each other, and a shared joy in the adventure of it all. We play to win and have fun while doing it
- Hungry for What’s Next | We are committed to learning, growing and disrupting. We push ourselves and each other against the status quo, and we are not afraid to make mistakes
- Building a Legacy | We are forever building better - a better product, a better workplace and a better world. We’re going to keep raising the bar, changing the game, and ensuring we leave a mark that is never, ever forgotten
Company HQ
Downtown Detroit, Detroit, MI
Articles
Founders
Greg Schwartz
(COO)Worked at Deutsche Bank before founding Upto, a calendar software startup where he acted as CEO prior to founding StockX
Scott Cutler
(CEO)Worked as Executive Vice President at NYSE Euronext, a technology-enabled global transaction platform, as well as working as President of StubHub and holding senior roles at Ebay
Share this job
View 5 more jobs at StockX