About the role:
At Panorama, everyone is a leader in securing student data as part of our values of inclusivity and student impact. As a Security Engineer on Panorama’s Platform Security Team, you will contribute insights to assess our risk posture, and lead defense-in-depth mitigations towards the top risks identified by the process. You will also work on fascinating and challenging projects, creating systems that empower tech teams to secure data more efficiently, like guardrails to reduce risks in generative AI capabilities, or bolstering, verifying and testing security controls on modern applications and cloud infrastructure to protect student data.
Responsibilities:
- Deploy effective systemic security controls in AWS and web applications, ranging from code and access management down to the network and asset configuration
- Investigate and plan major projects on the platform security team – be the one that enables successful on-time delivery by seeing around corners and mapping out the important factors for key technical decisions
- Foster operational excellence through least privilege access, incident response drills, process improvement, and robust solutions for monitoring, auditing and alerting
- Keep confidentiality and “security by default” across Panorama’s platform, never putting developer ease or convenience over making a difference to the millions of students we serve
- Partner with engineers, Tech Leads, and our amazing InfoSec and IT teams, to build a stronger collective understanding for how to progress, sharing your deep knowledge of security, technology, and best practices
- Manifest Panorama values, policies and procedures as well as industry best practices and technical acumen to help solve our trickiest problems and reach our goals consistently
- Design, write, test, review, debug, deploy, and adapt when occasionally frustrated by code or systems (with supports to grow your infrastructure and security skills with training, including hands-on)
- Actively seek out and integrate the feedback from your teammates who have a diverse set of backgrounds and experiences so you can support inclusiveness, increase awareness, and build a better product
Our Ideal Candidate Has:
- An inquisitive, proactive and collaborative mindset with strong attention to detail
- A track record of working on a cross-functional team of engineers and non-engineers on high-impact projects - from the definition of technical scope to implementation details to safe releases and operations
- Outstanding problem-solving abilities, with examples of overcoming challenges from real world applications of security or risk management frameworks
- 5 years experience in software organizations, including 3 years specifically solving software security or cloud security challenges (security engineering, application security, identity & access management or similar)
- Experience meeting compliance requirements (e.g. SOC2, ISO27001, FedRAMP or PCI)
- A knack for automation, with success stories of managing vulnerabilities effectively and hardening cloud security posture or applications (using tools like CSPM, SAST, DAST)
- Active involvement in the information security community or a security certification (eg. Security+ or AWS Certified in Security) with examples of positive impact
Salary: The base salary range for this role is $137,000 - $182,700 annually