Listing Description
About The Role & Team
As a Security Engineer, you will help identify and drive impactful projects to improve the security of Amplitude’s platform, products, and internal systems. The mission of the Amplitude Security team is to help Ampliteers ship the most secure product to our users. We are looking for security generalists with a strong grasp of security and engineering fundamentals. You will partner closely with teams across the company and focus on systemic security improvements and risk reduction. You will also maximize your security skills to support and participate in operational security responsibilities like security reviews and consulting, threat research/bug-bounty triage, incident response, and risk management.
As a Security Engineer, you will:
- Perform technical security assessments, code audits, and design reviews
- Clearly communicate the risk of security issues to developers, including proof-of-concept code as necessary to demonstrate the potential severity
- Partner with Engineering to establish comprehensive visibility into potential risk events across a cloud-native environment
- Create and refine telemetry, detection capabilities, and response playbooks required to detect, prevent, and respond to cyber risk events efficiently
- Manage risks by implementing robust security capabilities for repeatable predictable outcomes and maturation, and by coordinating incident response workflows
- Influence Engineering and Product teams to prioritize and implement all stages of the Vulnerability Management life-cycle - detection, analysis, remediation and disclosure
- Participate in team on-call rotation to support our penetration-testing, bug-bounty, and vulnerability-management programs
You'll be a great addition to the team if you have:
- 6+ years of security engineering experience OR equivalent experience in a SWE/DevOps role and an interest in working on security engineering initiatives
- Familiarity with security detection techniques (SAST, DAST, IAST, SCA), threat modeling frameworks (OWASP, MITRE, STRIDE, DREAD), and how they are used together to improve product security through design reviews
- A solid understanding of modern software development principles and design patterns, including the ability to write clean, efficient, and maintainable code (in Java, Typescript, Python, etc.)
- Familiarity with Agile, DevOps, CI/CD, and cloud-based infrastructure like AWS
- Curiosity and a willingness to learn
Amplitude provides equal employment opportunities (EEO). All applicants are considered without regards to race, color, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, veteran status, or sexual orientation.
This role is eligible for equity, benefits and other forms of compensation.
Based on Colorado law, the following details are for individuals who will work for Amplitude in Colorado. Colorado range: $172,000 - $258,000 total target cash (inclusive of bonus or commission)
Based on legislation in New York City, the following details are for individuals who will work for Amplitude in New York City. New York City salary range: $191,000 - $286,000 total target cash (inclusive of bonus or commission)
Based on legislation in California, the following details are for individuals who will work for Amplitude in San Francisco Bay Area of California. Salary range: $191,000 - $286,000 total target cash (inclusive of bonus or commission)
Based on legislation in California, the following details are for individuals who will work for Amplitude in California outside of the San Francisco Bay Area. California salary range: $172,000 - $258,000 total target cash (inclusive of bonus or commission)
Based on legislation in Washington state, the following details are for individuals who will work for Amplitude in Washington state. Washington salary range: $172,000 - $258,000 total target cash (inclusive of bonus or commission)
Based on legislation in Washington state, the following details are for individuals who will work for Amplitude in Washington only: unlimited PTO, 10 to 13 holidays annually (will vary), medical dental and vision PPO and CDHP plans. Finally, a company sponsored 401(k) retirement plan.
#LI-Hybrid
#LI-JJ1
Listing Details
- Citizenship: Not Provided
- Incentives: Not Provided
- Education: Not Provided
- Travel: Not Provided
- Telework: Not Provided