Job Details

Security Engineer, Infrastructure

Postmates Corporate
San Francisco, California, United States
Postmates runs one of the largest real-time delivery fleets in the country. Building a software platform that is reliable, scales, and stays agile under demanding product needs is a serious technical challenge. Postmates isn't just another ad platform or mobile app for delivering static user-generated content: We have real customers paying real money for a real service, all in minutes.As a Security Engineer - Infrastructure, you will be responsible for securing the Postmates platform and infrastructure. We're looking for an engineer who is well versed in current cryptographic techniques, authentication, and other aspects of network/cloud infrastructure security. Security Engineering Work with various engineering teams and technical stakeholders to perform security reviews, define security requirements and provide recommendations for the enhancement of Postmates web and mobile services (Platform) as well as third party vendor services. Help harden our infrastructure to avoid exploits and privilege escalation. Design and deploy infrastructure for authentication/encryption key management, protocol config and library management, secure networking, logging, threat detection, etc. Instrument systems and the network infrastructure to understand network flow / traffic flow, and detect intrusions. Build reusable, testable, scalable, efficient, and economic security automation tooling. Identify architectural deficiencies and develop/implement vulnerability mitigation strategies to address them. Enhance, implement and maintain vulnerability management tooling and programs. Identify use cases that can be built with existing tooling (SIEM, IDS, FIM etc.) to enhance both security automation and risk posture. Assist in conducting routine network and application penetration testing using familiar tooling such as (Nmap, Nessus, Burp suite, etc.) Familiarity with common compliance standards, such as CIS Benchmarks, PCI-DSS 3.2, NIST 800-53 and SOC 2. Experience in using REST and gRPC APIs to integrate security technologies, CI/CD and Git/Github (GitOps) DevSecOps workflows. Cloud security experience: Google Cloud Platform (GCP) / Amazon Web Services (AWS) Configuration & Analysis (VPC, IAM, NACLs, Security Groups, Cloud Audit Logs, etc.) Containerization & Secure Configuration Management: Hands-on experience working with Docker and Kubernetes and securing K8s deployments according to "hard multi-tenancy" guidelines and methods. Development of secure configuration baselines using tools such as Terraform, Saltstack, Ansible, CloudFormation etc. Experience developing Linux Hardening standards: (e.g., Debian, Ubuntu) following community consensus practices such as CIS/Center For Internet Security. Incident Response: Provide support for security incident response function and rotation as needed. Coding Languages: Python, Go, Javascript, etc. Required Experience/Qualifications: 5+ years' experience working with cloud infrastructure, IAM, network and security policies. 5+ years' experience in security code review (Python and related web frameworks, Go, JavaScript etc.) 5+ years in automating security testing and developing security tooling. Knowledge of cloud security concepts and architecture (GCP, AWS) Knowledge of current cryptographic algorithms, cipher suites, threats and mitigations. Bachelor's degree (or equivalent experience) required. An ability to work independently on complex projects. Preferred Experience/Qualifications: Familiarity working within a team scrum / kanban workflow to manage time and improve work efficiency. CISSP, CCSP, CPT, CEH certified. A bit about us Postmates is changing delivery for good. While you may know us as the clever brand loved by celebrities and millennials, we are so much more. We are industry-first leaders in the modern logistics space, creating groundbreaking tech products that positively impact millions of customers, merchants and gig-economy workers as well as the underserved in the communities where we work. How will you help us change delivery for good? Benefits Postmates has your back. In our impact-first work environment, we value huge company vision. As you strive to build the future with us, we'll support you with a competitive rates and equity plan, along with access to our 401k plan and robust benefits including: health benefits, flexible paid time off, parental benefits, and food perks. Postmates is proud to be an equal employment opportunity and affirmative action employer. Qualified applicants at Postmates are considered without regards to race, color, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, veteran status, gender identity, or sexual orientation.

Send application

Mail this job to me so I can apply later

Apply With CV

You are not logged in. If you have an account, log in to your account. If you do not have an account, why not sign up? It only takes a minute!

latest videos

Upcoming Events