Senior Software Engineer, Security
Extend (View all Jobs)
Remote, US
Interview Process
1. Phone call 2. A take home project similar to making a PR at work 3. Then a meet & greet with the team.
Salary
$129,000 - $193,000
Programming Languages Mentioned
JavaScript
About Extend:
Extend is modernizing the $100 billion-per-year extended warranty and protection plan industry using cutting-edge technology, and top-notch customer service. After a $260M Series C financing round, we are ready to continue to scale our organization and grow beyond our $1.6B valuation.
Our API-first solution allows any merchant to offer extended warranties and protection plans, both online and offline, while also providing a merchant's end customers with a vastly improved and modern support experience that eliminates many of the issues customers face today with legacy underwriters. More recently, Extend also launched a solution around shipping protection, covering consumers in the case of lost, damaged or stolen packages. This is further expanding our addressable market and value creation for merchants.
We are a venture-backed startup in downtown San Francisco led by founders who have previously had multiple successful exits. Extend simplifies the technology stack for the extended warranty and shipping protection industries.
What You'll Do:
- Lead the development, design, and evolution of platform security serverless microservices for identity, authentication, and authorization, as well as tools and patterns providing data encryption and secrets management.
- You will be the security champion and advocate for platform application security services and best practices throughout the organization. The ability to clearly, concisely, and patiently communicate architectural/implementation risks to engineers, product owners, and leadership will be pivotal in this role.
- Share knowledge and expertise with platform security team members to aid in their growth and understanding, elevating the whole team and improving our efficacy.
- Document system, service, and data interactions and flows for consumption by engineers inside and outside of the platform security team.
- Encourage innovation and foster an environment of continuous improvement.
- Identify risks and aid in implementing process and implementation improvements in the overall platform.
- Provide code reviews for sensitive code bases with a focus on code quality and secure implementation.
What We Are Looking For:
- 5+ years of combined software, security, and cloud infrastructure engineering and/or architecture experience.
- Intimate familiarity with OAuth/OIDC flows, JWT tokens, and overall identity, authentication, and authorization principals.
- Understanding of modern cloud security and secure code operations, concepts, and practices.
- Experience with DevOps and secure SDLC tools, patterns, and methodologies for cloud architectures.
- Experience working with serverless services such as AWS API Gateway, Lambda, and DynamoDB.
- Experience with AWS IAM principals and configuration.
- Experience driving technical and security requirements with cross-functional teams.
- Strong understanding of cryptography, including best practices.
- Extensive knowledge around API development with HTTP, REST and JSON.
- Experience designing and implementing services in a high-security cloud-based environment.
- Able to respectfully provide and receive feedback in all situations.
- Self-motivated, able to take ownership of tasks and see-through completion.
- Must be well organized, able to thrive in a fast-paced startup environment, must have the ability to approach problems with a collaborative, team-player attitude.
- Strong communication skills in several mediums, working with a collaborative cross-functional team of peers and development teams throughout the company.
Nice to Haves:
- Experience with AWS CDK for infrastructure-as-code.
- Experience TypeScript (v4) and the related ecosystem.
- Familiarity with containers and general security principals.
- Familiarity with cloud networking security principles and technologies.
- Experience working closely with security operations teams, including SOCs, incident response, vulnerability management, and GRC.
Estimated Pay Range: $129,000 - $193,000 per year salaried*
Life at Extend:
- Working with a great team from diverse backgrounds in a collaborative and supportive environment.
- Competitive salary based on experience, with full medical and dental & vision benefits.
- Stock in an early-stage startup growing quickly.
- A very generous, flexible PTO plan.
- 401(k) with Financial Guidance from Morgan Stanley.
*The pay range for this position is listed above; however, the base pay offered may vary depending on job-related knowledge, skills, and experience. Incentive compensation may also be included in this role as approved by management, in addition to a full range of medical, financial, and/or other benefits, depending on the position offered. This information is provided per the Colorado Equal Pay Act. Base pay information is based on market data.
Please mention No Whiteboard if you apply!
I'm a one-man team looking to improve tech interviews, and could use any support! 😄