• Locations
    • San Francisco
    • Barcelona
  • Date Posted
  • Jul. 6, 2021
  • Function
  • IT
  • Sector
  • Future Of Work

About Typeform

One sunny Barcelona morning, two designers sat down to build a beautiful lead gen form for a bathroom company’s showroom. They ended up reimagining the data collection experience, and realized it was one idea they wouldn’t be flushing down the toilet. Today, Typeform is a team of over 300 people from more than 35 countries, with offices in Barcelona, Spain and San Francisco, US.

We’re building a world where brands, businesses, and their communities can have more personal relationships with the people who matter most. To do this, we give people the tools they need to have conversational experiences at scale—because meaningful relationships start with conversations.

From online lead forms and engaging quizzes, to face-to-face encounters in the office, help us build more meaningful relationships, one conversation at a time.

About the role

The Platform Security Engineer will be focused on the discovery, containment, and mitigation of threat vectors related to the Typeform and Videoask platforms. From analysis of threats to intrusion detection, he/she will be part of the platform team to guarantee the integrity and supporting one of Typeform most important values…our user’s privacy. The Security Engineer will work closely with our engineering and product teams to help create features that are secure and scalable as we grow. Here’s what you’ll do:

  • Define security requirements for any system, service, or integration needed by Typeform.
  • Build automated tools and bots for incident response, and vulnerability management.
  • Implement data protection and data loss prevention capabilities across the organization.
  • Ensure platform software is secure, including third party vulnerabilities, licensing, secret management, containers security, etc.
  • Perform security assessments, vulnerability management, security metrics, and strategy definition.
  • Participate in triage meetings with engineers to prioritize vulnerabilities based on risk.
  • Review and respond to customer security questionnaires, information requests, due diligence requests, and customer calls.
  • Train others to promote information privacy and security awareness within the company.
  • Manage the Bug Bounty program.
  • Manage and introduce new security solutions to assess the platforms.
  • Work closely with all feature teams to scale in the appropriate security measures required

You

Here’s what we’re after:

  • 5+ years of relevant experience in software security including areas such as application security testing, pen-testing, and vulnerability analysis.
  • Experience applying fundamental security concepts to systems
  • Experience advocating for technical security solutions across functional domains
  • Evaluate engineering responses to security threats and implement mitigations
  • You have experience in cloud security using AWS or any other cloud provider.
  • You have experience reviewing code in PHP, Javascript, GO (nice to have) and 2-3 years of software development expertise
  • You can multitask and prioritize work in an environment that changes fast.
  • You’re all about the team. Go team. You also leave space for a bit of fun.
  • You can influence key stakeholders. You think about business needs and you’re committed to high-quality, fast, and efficient delivery.

And for some added bonus points:

  • Security certifications such as CISSP, SANS GCIH, GCIA, GCFA, GCFE or anything cloud-related would be a major plus.
  • You’re particularly interested in privacy.
  • You’ve worked on an open source security project and have been to security conferences / meetups.
  • You’ve worked in a startup.
  • Sound good? Hit Apply now and show us what you’ve got.
  • Today, more than 2.5M people from all over the world use Typeform. We celebrate the diversity of our customer base, and we want our employees to reflect those differences. At Typeform, we’re committed to equal employment opportunity regardless of race, colour, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender, gender identity or expression, or veteran status. We strive to be a more equal opportunity workplace.