Staff Security Engineer

Plume develops and deploys cloud based control planes with scale to manage tens of millions of customer homes through some of the world's largest Internet Service Providers. Our cloud applications include WiFi network management and optimization, device access control, network provisioning, IoT security, and end customer user interaction through mobile apps.

The Opportunity:

Plume is hiring a security engineer to join the security engineering team to help protect and drive the Plume mission. As a highly visible and dynamic organization, we must value and guard against damage to our internal information, our platforms, and our reputation and brand. Finally, it is paramount that we defend against loss of control or confidence in our systems, to guarantee the highest probability of success.

As a Sr. Security Engineer, you will focus on the technologies that ensure our networks and systems are up to industry and Plume security standards. This role will partner with various application development and stakeholder groups across Plume to ensure that the technologies and systems we build in-house or purchase and deploy in-house are designed and maintained in a secure way that minimizes risk.

What you will do:

• Drive delivery of innovative security and privacy preserving solutions tightly integrated into our software development, data engineering and business intelligence lifecycle.
• Build tools and processes which measure and assist engineering teams to create software with security and privacy by design principles
• Develops security policies, procedures, and guidelines and recommends necessary changes to a given project team to ensure the company's systems are fully compliant with all applicable regulatory requirements and privacy laws.
• Serving as an advisor to engineering and development teams in security best practices and design.
• Leads security-related projects from inception to successful completion and is capable of effectively coaching technology staff on appropriate security protocols and needs as they implement new technology into the organisation.
• Cloud deployments require security policy enforcement, centralized configuration management, monitoring, etc.
• Serve as the subject matter expert (SME) for security solutions, maintaining documentation on them and advising others on their underlying technologies and operation.
• Work with security and IT teams to identify threats and problem areas and create stronger and safer software and application deployments across Plume, measuring decreased risk and prevalence of issues.
• Prepare security assessment reports, including third-party background, security assessment scope, and results

Who you are:

• Bachelor's degree in Information Security, Computer Science or related field or equivalent work experience
• 5+ years of professional experience in security engineering with a education in security engineering, cyber security, computer science, engineering, math, or other STEM discipline;
• Experience with software coding in Python, Shell, Go, Javascript, and/or ability to understand code/APIs for SaaS products.
• You know industry best practices for security and privacy by design, such as secure software principles, threat modelling, and pentesting.
• Knowledge of public cloud architectures, such as AWS, cryptography, and cryptographic best practices.
• Strong communication, written, presentation and interpersonal skills
• Proven ability to work unsupervised, exercise leadership, and influence change.
• You operate effectively across teams and disciplines even in highly ambiguous situations with a rack record of getting things done quickly and with quality
• Experience with security framework policies, processes and controls; such as: ISO27001, ISO27701, SOC2, NIST CSF, CIS, is a plus
• Certifications such as CISSP, AWS, CIPP, CIPPT, etc is a plus