Senior Security Engineer

Remote - US

woman on laptop

This role can be performed remotely anywhere within the United States.

The Security Engineering team at Fullstory ensures that engineering teams across the company are enabled to securely design, build, test, and maintain the software & infrastructure that powers our business. We focus on establishing a "paved road" so that engineers can move confidently to deliver secure technologies with minimal friction. The Security Engineering team considers leading with empathy and providing excellent customer service to our stakeholders paramount to success.

Reporting into the Vice President of Security Engineering & GRC, this role will help champion integrating security throughout Fullstory. Whether running a detailed code review, establishing secure-development practices, mentoring engineers, or advising our product team on feature development, Fullstory’s Security Engineering team members are focused on continuous improvement against our maturity model and Secure Development Lifecycle (SDL) to improve the outcomes for our teammates, while building services that our customers can trust.

In a typical day, you might:

  • Support engineers across the SDL as a security subject matter expert, including design reviews, threat modeling, code review, patch creation, and penetration testing

  • Collaborate with product and engineering on architecting resilient, security-first services

  • Perform deep, technical security assessments to ensure services follow secure design principles across our engineering portfolio

  • Develop automation of high-signal security tooling through customizations and plugins

  • Support third-party security consultants to provide external validation of product security

  • Craft and deliver interactive security training courses to support engineer enablement

Here's what we're looking for:

  • Has 3+ years of experience working in software security roles or performing similar types of work (e.g. application security, security engineering, product security, security research)

  • Has direct experience in activities such as threat modeling, penetration testing, creating security requirements, performing source code reviews, or leading security design reviews

  • Knowledgable in identifying vulnerability classes, performing root cause analysis, defining remediation paths in code, technical coordination with engineers, and verifying fixes

  • Able to read and write software in two or more of the following languages: Go, Rust, Objective-C, React Native, or Python

  • Prior experience with common infrastructure technologies (e.g. Terraform, Ansible, Kubernetes) with a preference for candidates that have operated in Google Cloud Platform

The impact you'll have in 6 Months:

  • Contribute high-leverage technical improvements to SAST, SCA, and CSPM workflows to increase the signal our Engineering customers have in understanding their active risk

  • Act as a core participant in our engineering design document review process, ensuring that security considerations are well articulated early in the software development lifecycle

The impact you'll have in 12 Months:

  • Lead a maturity-increasing quarterly team roadmap item end-to-end, including the scoping, discovery, stakeholder buy-in, planning, execution, and documentation of your initiative

  • Collaborate with Staff-level Security Engineers to export our expertise via open source initiatives, blog posts, conference presentations, and other methods of industry outreach

 #LI-Remote #LI-ED1

About Fullstory

Fullstory is on a mission to help technology leaders make better, more informed decisions by injecting behavioral data into their analytics stack. The company’s patented technology unlocks the power of quality behavioral data at scale by transforming every digital visit into actionable data and insights. With Fullstory, enterprises can get closer to their customers’ true sentiment and intentions to predict what they want, create personalized experiences, and drive conversion, loyalty, and revenue. Fullstory is headquartered in Atlanta, USA, with regional teams across North America, EMEA and APAC.

How we support you:

Fullstorians are committed to building something better—from how we approach our product, to how we care for our customers and each other. Better is only possible when we can bring our full selves to work. Along these lines, we offer:

  • Autonomy and flexibility. From a remote-first work environment and flexible paid time off, to an annual company-wide closure – Fullstorians can focus on the moments that matter.

  • Benefits. Take care of the whole you. FullStory offers sponsored benefit packages for US-based Fullstorians, and supplemental coverage options for international Fullstorians.

  • Learning opportunities. We provide professional development opportunities through training programs, career coaching sessions, and an annual learning subsidy.

  • Productivity support. We provide all Fullstorians with a monthly productivity stipend and reimburse remote colleagues for their initial home office set up.

  • Team events. Connect with fellow Fullstorians through Employee Resource Group events, Listening & Alignment weeks, and team off-sites.

  • Paid parental leave. Fullstorians have the flexibility to balance the needs of their growing families without the added stress of figuring out work and finances.

  • Grow your family. We offer a global fertility and family building benefit that encompasses all journeys to growing your family.

  • Bereavement leave. Every family is different; we leave it to you to define who your family is, and support you when you need it most.

  • Miscarriage/Pregnancy loss leave. Whether it is for a Fullstorian or their partner – take the time you need.

Fullstory is proud to be an equal opportunity workplace dedicated to fostering an increasingly diverse community. We want candidates of all human varieties, backgrounds, and lifestyles. There’s no problem that can’t be made better by bringing together people with a broader set of perspectives. If our product, values, and community resonate with you, please apply - we'd love to hear from you!

If you may require reasonable accommodations to participate in our job application or interview process, please contact Requests for accommodations will be treated confidentially.

Apply for this job