How you will make an impact:

Customers trust Iterable with sensitive information, expecting us to safeguard their data. Iterable's Security team leads a cross-functional effort across the company to ensure that all systems remain secure in support of Iterable's core values, and to provide assurance to our customers that we will be good stewards of their valued data. The Security team actively leads the effort to improve Iterable's security posture in concert with other groups as they develop or launch new features and services. As Engineers, we believe in security through automation, assessments, technical reviews and vulnerability evaluation. Our footprint spans across the entire company at all levels, throughout the complete development lifecycle. You'll report directly to the Senior Manager of Product Security.

We aim to create a compelling, well-documented, and holistically managed security program. We are looking for individuals to join our vibrant Security Engineering team to move the current state of security to the next level. We strive to improve our cloud security capabilities, and support our peers in building an amazing product through creating an environment which fosters security by design. To summarize, we want you to share and be a part of our grand plan!

One of our core values is “Growth Mindset,” and Iterable is a company where everyone can grow. If this is a role that excites you, please apply as we value applicants for the skills they bring beyond a job description.

In this role you'll get to:

• Review system designs and implementations, and consult with engineers across the organization to identify and/or avoid security issues through alignment with security standards and best practices, document and ensure security issues are appropriately remediated
• Leverage subject matter expertise of systems and infrastructure to propose solutions and drive architectural improvements which address classes of security vulnerabilities
• Develop and implement cloud and infrastructure security architecture and contribute to overall strategy and roadmap plans
• Participate in the selection, design, development, implementation, and management of automated security testing tools, such as cloud security posture management and image vulnerability scanners
• Implement solutions that integrate into CI pipelines to shift security as far left as possible and raise concerns early to engineering teams.
• Promote DevSecOps principles and implement Infrastructure as Code (IaC) scanning and policy enforcement to ensure deployments via Terraform, AWS CloudFormation, or similar, are secure and compliant with standards and guidelines
• Coordinate and participate in penetration tests of our cloud services

We are looking for people who have:

• 5+ years hands-on-keyboard in Cloud Security, SRE, DevOps, DevSecOps, or Infra Engineering.
• Strong working knowledge of Kubernetes and ecosystem tools such as helm
• Production experience with AWS services, particularly AWS Organizations, AWS Identity (SSO), Identity and Access Management (IAM), Service Control Policies (SCPs), Virtual Private Clouds, Elastic Load Balancers, AWS CloudTrail, and Security Groups.
• Proficiency with Terraform.
• Experience developing custom actions or workflows in Github or Gitlab.
• Solid understanding of cloud security vulnerabilities defense techniques and security best practices, including AWS security practices and present-day threats
• Proficiency in a high level programming language, such as Python, Ruby, Java, or Go
• Familiarity with policy management tools such as OPA or Kyverno

Bonus points:

• GCP experience
• Scala or JVM ecosystem experience
• Familiarity with common observability tools such as Datadog, Prometheus/Grafana
• Experience with AWS EKS
• Experience with Panther SIEM

Perks & Benefits:

• Paid parental leave
• Competitive salaries, meaningful equity, & 401(k) plan
• Medical, dental, vision, & life insurance
• Balance Days (additional paid holidays)
• Fertility & Adoption Assistance
• Paid Sabbatical
• Flexible PTO
• Monthly Employee Wellness allowance
• Monthly Professional Development allowance
• Pre-tax commuter benefits
• Complete laptop workstation

The US base salary range for this position at the start of employment is $138,500 - 213,000. Within this range, individual pay is determined by specific US work location, as well as additional factors, including job-related skills, experience, relevant education or training, and internal equity considerations.

Please note that the range listed above reflects only base salary. The total compensation package includes variable pay (where applicable), equity, plus a range of benefits, including medical, dental, vision, and financial. In addition, we offer perks such as generous stipends for health & fitness and learning & development, among others.