Lead Product Security Engineer

Santa Clara, CA, United States

Dremio is The Easy and Open Data Lakehouse, providing self-service analytics with data warehouse functionality and data lake flexibility across all of your data. Dremio increases agility with a revolutionary data-as-code approach that adopts Git concepts to enable data experimentation, version control, and governance. In addition, Dremio breaks down data silos by simplifying ingestion into the lakehouse, and also allowing queries directly on databases and data warehouses. All of this is available through a fully managed service that not only eliminates the need to maintain infrastructure and software, but also automatically optimizes the data in the lakehouse to maximize performance for every workload.

Founded in 2015, Dremio is headquartered in Santa Clara, CA. Investors include Cisco Investments, Insight Partners, Lightspeed Venture Partners, Norwest Venture Partners, Redpoint Ventures, and Sapphire Ventures. For more information, visitwww.dremio.com . Connect with Dremio onGitHub ,LinkedIn ,Twitter , andFacebook .

If you, like us, say “bring it on” to exciting challenges that really do change the world, we have endless opportunities where you can make your mark.

About the role As a Product Security Engineer you’ll be responsible for the security of the infrastructure and the code running on the Dremio systems. You will be one of the first Product Security hires and will be reporting to the Head of Security.

What you’ll be doing Review the security impact for major product initiatives

Lead projects to reduce product security risks, contribute to the architecture and design of Dremio products

Provide security guidance to the Engineering and Product teams

Identify, triage and minimize the security vulnerabilities in Dremio Products

Tackle modern CI/CD pipeline security automation challenges

Perform internal penetration tests and pour the foundations for a future red team

What we’re looking for B.S. or M.S in Computer Science or a related technical field or equivalent practical experience

5+ years of cybersecurity experience preferably in the product security/application security field

Experience on evaluating, implementing and supporting security tools and processes

Bonus points if you have Familiarity with cloud deployments, cloud architecture, cloud security, large scale web applications and backend services, multi cloud applications

Familiarity with agile methodology and sprint planning

Curious mindset.

Experience on SDL proces

What we offer Medical, dental and vision insurance

401(k) Plan

Short term / long term disability and life insurance

Pre-IPO stock options

Flexible PTO

16 hours of volunteer time off

12 company paid holidays, including Juneteenth

Remote work options

Paid parental leave

Employee Assistance Program (EAP)

Biannual swag surprise

**Certain benefits are only allowed to full-time Dremio employees and may not be the same across all locations. The base salary range for this position is $175,376 to $250,411 per year. The base salary actually offered to a successful candidate will take into account various relevant and non-discriminatory business factors including, without limitation, the candidate’s geographic location, job-related experience, knowledge, and skills, and education, as well as internal equity considerations. A successful candidate may also be eligible to earn additional compensation including commissions and/or bonuses.

Return to Office Philosophy Workplace Wednesdays - to break down silos, build relationships and improve cross-team communication, Gnarlies who live within a 1-hour commuting distance (one-way) to a Dremio office come to the office. Lunch catering / meal credits provided in the office and local socials align to Workplace Wednesdays. Santa Clara Gnarlies have access to EV charging (pay out of pocket) and can request for on-site free access to gym.

In general, Dremio will remain a hybrid work environment. We will not be implementing a 100% (5 days a week) return to office policy for all roles.

What we value At Dremio, we hold ourselves to high standards when it comes to People, Thinking, and Action. Our Gnarlies (that's what we call our employees) communicate with clarity, drive accountability, and are respectful towards each other. We confront brutal facts and focus on results while operating with a sense of urgency and building a "flywheel". People who like to jump in and drive momentum will thrive in our #GnarlyLife.

Dremio is an equal opportunity employer supporting workforce diversity. We do not discriminate on the basis of race, religion, color, national origin, gender identity, sexual orientation, age, marital status, protected veteran status, disability status, or any other unlawful factor.

Dremio is committed to providing any necessary accommodations for individuals with disabilities within our application and interview process. To request accommodation due to a disability, please inform your recruiter.

Dremio has policies in place to protect the personal information that employees and applicants disclose to us. Please click here to review the privacy notice.

Explore more InfoSec / Cybersecurity career opportunities Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.

#J-18808-Ljbffr