Principal Software Engineer - Security

  • Kensho
  • Cambridge, MA, USA
  • Jul 19, 2018
Full time Developer Security

Job Description

As a Principal Security Engineer at Kensho, you are a thoughtful, collaborative, and dynamic technologist who loves ensuring security across a number of systems and web applications. You think deeply about the implications, relationships, edge cases, and failure modes, and you are passionate about correctness, security, and writing the next thing, so you aren't spending time maintaining older projects.
Are you a prolific, intellectually curious technologist who appreciates code, math, and security? We are on a mission to clarify complex data through scientific, statistical, analytical, computational, and inspired study. By transforming the data, we are able to bring transparency to some of the most important issues on the planet. You will be joining a team of veterans from Google, Twitter, and Facebook, as well as academia.

What You'll Do:

    • Evaluate and strengthen Kensho’s security systems and processes across all products and teams by building a scalable process to ensure the security feedback loop is strong
    • Write, monitor, and triage security tests and test infrastructure
    • Directly interface with customer infosec teams, lawyers, external security researchers as well as internal partners to ensure that Kensho maintains a best-in-class security envelope
    • Cultivate full team participation in high quality, thoughtful, secure software

What We Look For:

    • Deep experience securing modern web applications and distributed data infrastructure in a cross-team setting
    • Willingness to find and fix vulnerabilities in both our own software and 3rd party dependencies
    • Experience with penetration testing and industry-standard cryptography
    • Expertise in automated and scalable testing, automation, and continuous integration frameworks
    • Desire to build a strong, operationally-minded engineering culture through effective and thoughtful coding, documentation, and collaborative approach as a code reviewer and teammate

How to Really Get Our Attention:

    • Security engineer experience at a top 10 software company
    • Participation and awards at security capture-the-flag competitions
    • Open source project contributions showing innovation and initiative
    • Hedge fund or major financial institution trading experience
    • Relevant research, publications, and patents

Technologies We Like:

    • Python, Linux, Docker, Kubernetes, Calico, Git, Jenkins, Sentry, Cypress


    • Medical, Dental, and Vision insurance with 100% premium covered
    • Unlimited vacation days
    • Paid Parental Leave
    • 401(k) plan with employer match
    • Free snacks and drinks
    • Dog-friendly office
    • Cardio machines and weights in the office
    • Hubway (bike sharing program) membership