About
Job Description
What Is Cool About This Job
WP Engine is the world's leading Wordpress-based Digital Experience Platform with more than 90,000 customers, and as such is a complex, cloud-based, and highly-managed service. Our platform offers extraordinary security and scalability along with a standout level of technical support and operational advice for running high-growth sites. If securing the platform that is powering many of the world's most dynamic sites excites you, read on!
Senior Security Engineers play a critical role in our company and act as domain authorities for both internal and external customers. Do you love diving deep into security issues that range up-and-down the tech stack, and helping both technical and non-technical audiences understand risks? We need team members who are unafraid of new challenges - your creativity, passion, and ability to balance business opportunities with technical risks is what we need! You will be consistently designing, delivering, and optimizing a variety of solutions to mitigate security risks and improve the WP Engine platform to be one of the top Digital Experience Platforms in the world.
The day to day
* Create automatable security "detections" for common attack and/or misuse events
* Perform vulnerability testing, risk analyses, and security assessments
* Plan, implement, and upgrade security measures and controls
* Anticipate reasonably foreseeable threats, and reduce their likelihood
* Respond to incidents, including root cause analysis
* Recommend and install appropriate tools and countermeasures
* Act as a Security Team representative with other internal groups, vendors, and customers, while demonstrating a passion for customer service
Your expertise and passion
* 5+ years experience in a security engineer or related role
* Deep Linux experience
* Cloud / virtualization security experience
* Experience of security platforms such as firewalls, intrusion detection and prevention systems, vulnerability scanners, etc.
* Experience with secure coding practices, ethical hacking, and threat modeling
* Understanding of cryptographic algorithms and protocols
* Understanding of OWASP Top 10
Deep experience in one or more of the following:
* Threat management
* Vulnerability Management
* Monitoring and Detection
* Incident Response
* Threat Hunting
* Penetration Testing (including web applications)
Certifications:
* SANS GIAC, OSCP, CISSP, etc.
The perks & benefits
* Compensation (We offer market competitive salaries)
* Stock Options (Every employee is an owner in the company)
* Health Benefits (100% Paid Employee Medical, Dental, and Vision)
* 401(k) (Make the most of retirement)
* Life and Disability Insurance (100% Paid Life, STD, LTD and AD&D)
* Generous Vacation Time (Who doesn't like time off)
* Transportation (Downtown parking or commuter reimbursement)
* Lunch (Provided Monday - Thursday)
* Gym membership discount
* WP Engine is an Equal Opportunity Employer. As a US employer, WP Engine is required to verify all employees, regardless of citizenship or national origin, are eligible to work in the United States.