Listing Description

Yext is actively seeking a Sr. Engineer for the Cloud Security and CSIRT division reporting into the Cyber Security Office. This role will serve as a technical and business subject matter expert in various key areas relating to Cloud security posture and Cyber Security Incident Response operations across the firm. This role will enable the product, engineering, IT and security teams to make the right security & privacy decisions by performing reviews, assessments and providing guidance around security incident operations and escalation protocols, all the while recommending best practices. This role will also help assist other Cyber Security leaders drive the culture and awareness within Yext around Security practices and other compliance initiatives.

What You'll Do

• Design and implement security practices and baseline standards across the cloud environments such as AWS, GCP and Azure


• Act as the technical subject matter expert to perform threat modeling principles to apply security measures to protect information, network, and systems across all cloud domains.


• Architect, design, and support implementation of technical controls within the cloud and on premise.


• Create and manage technology roadmaps for the security domain and adopt best practices, guidelines, and standards.


• Participate in Incident management and triage of security incidents as necessary.


• Help drive a highly technical roadmap that will define how we keep out infrastructure secure.


• Build automated frameworks for teams using the CI/CD workflows.

What You Have

• In-depth understanding of how security controls can be implemented in AWS, GCP, Azure, Terraform, HashiCorp Nomad


• Previous experience with FedRAMP, ISO27k and SOC2 is a plus


• Hands-on experience responding to security incidents and leading incident response teams


• Practical knowledge of threat landscape, attacker techniques and mitigations


• Demonstrable record of delivering critical security solutions across multiple stakeholder groups, and complex priorities


• 3-5 years of relevant work experience in Security operations, IT Security or Security Engineering teams.


• Experience in security investigations, cloud security analysis, building tabletop scenarios, and ability to guide and mentor junior engineers.


• Self-motivated team player that is energetic, with excellent interpersonal and organizational skills


• Experience presenting to development and architecture teams on security recommendations

In today's dynamic threat environment, software firms are increasingly acknowledged as a highly-targeted industry for cyberattack due to the confidentiality and sensitivity of customer data, as well as the immediacy in which that data is needed to perform their operational duties. Given Yext’s vital role within the software ecosystem, protection of data is paramount in ensuring high-trust relationships with customers, partners and vendors.

#LI-JB1