Principal Security Architect
Extend (View all Jobs)
1. Phone call 2. A take home project similar to making a PR at work 3. Then a meet & greet with the team.
Programming Languages Mentioned
Extend is modernizing the $100 billion-per-year extended warranty and protection plan industry using cutting-edge technology, and top-notch customer service. After a $260M Series C financing round, we are ready to continue to scale our organization and grow beyond our $1.6B valuation.
Our API-first solution allows any merchant to offer extended warranties and protection plans, both online and offline, while also providing a merchant's end customers with a vastly improved and modern support experience that eliminates many of the issues customers face today with legacy underwriters.
We are a venture-backed startup based in downtown San Francisco that is led by founders who have previously had multiple successful exits. Extend is simplifying the technology stack for the extended warranty industry.
What you’ll do:
- Provide architectural guidance, identify and communicate security requirements, and coordinate with teams to ensure proper implementation for projects.
- Work to provide solutions to both security and business problems.
- Facilitate communications between internal customers and security teams.
- Provide guidance on building and/or maturing authorization/authentication/IAM strategies and applications.
- Clearly communicate the value proposition of complex and highly technical subjects.
- Lead technical meetings and working groups to address issues related to security threats and relevant regulatory / compliance requirements.
- Advocate for security improvements across the client environment.
- Mentor Junior Staff.
What we are looking for:
- 10+ years experience in a security architect or engineering role.
- Demonstrable experience as a technical lead.
- Experience in AWS/Cloud First technologies including applications, infrastructure and platform-as-a-service (SaaS, IaaS, PaaS), serverless/microservices, as well as public, private and hybrid environments.
- Strong understanding of Zero Trust and Least Privileged security concepts.
- Experienced understanding of IAM/Authorization/Authentication (OAuth2/SAML2) principles and best practices.
- Experience with Infrastructure-as-Code principles and implementation.
- Solid understanding of the SDLC and how security fits in.
- Need to understand writing in JS and/or Python in a secure manner.
- Excellent communication and analytical skills.
Nice to Have’s:
- CI/CD experience
- Knowledge of AWS CDK
- Experience with TypeScript
- Solid understanding of secure network and system design in both cloud (AWS) and conventional environments
Life at Extend:
- Working with a great team from diverse backgrounds in a collaborative and supportive environment.
- Competitive salary based on experience, with full medical and dental & vision benefits.
- Stock in an early-stage startup growing quickly.
- Unlimited vacation policy.
- 401(k) with Financial Guidance from Morgan Stanley.
Please mention No Whiteboard if you apply!
I'm a one-man team looking to improve tech interviews, and could use any support! 😄