Senior Security Engineer

 

About the Team

Evernote is looking for a senior security engineer to join our growing security team. 

Are you passionate about solving security infrastructure problems at scale? Our customers trust us with billions of their notes, projects, and ideas and we are here to protect them. You will work with teams across multiple disciplines to provide practical security advice that improves our posture in network security, identity and access management, data security, and security risk.
Do you enjoy working with modern technologies like Spanner, Kubernetes, and cloud-native services? We're growing and investing in these areas, so there's no shortage of new and interesting things to learn about and secure. You’ll be joining a team of senior security professionals who are focused on providing practical security guidance to a rapidly growing technology stack. If you like to question traditional security dogma and apply a rational perspective to adapt it to modern technology, you are going to enjoy this role.

Job Responsibilities

  • Provide security guidance on new technology implementations
  • Perform risk-based security reviews on existing infrastructure
  • Recommend and implement security controls for infrastructure
  • Assess the security posture of our third-party partners and service providers
  • Assist with driving remediation of risks and exposures you identify
  • Participate in the Security On-Call rotation.


Required Skills

  • Have at least five years of experience in a security-related field
  • Experience auditing deployment systems, cloud infrastructure, and orchestration systems
  • Experience configuring network protocols and controls
  • Deep understanding of identity and access management
  • Working knowledge of Linux and ability to navigate the command line
  • Strong grasp of system design and commonly employed technologies
  • Practical threat-modeling experience
  • Interest in multi-functional partnership within the company
  • Success leading highly complex technology projects
  • Excellent verbal and written communication skills


Preferred Skills

  • Experience working with Cloud Services (AWS,  GCP)
  • Proficiency in a Scripting Language (Python, Bash)
  • Experience working with containers and container orchestration (Kubernetes)
  • Industry intermediate-level certification(s) preferred (Examples: CCSP, CISA/CISM, CISSP)
  • Knowledge of Cloud Security Controls and Concepts
  • Knowledge of OWASP, MITRE ATT&CK, and CIS Critical Security Controls

 

We are committed to an inclusive and diverse Evernote. We believe that different perspectives lead to better ideas, and better ideas allow us to better understand the needs and interests of our diverse, global Evernote Community. We welcome people of different backgrounds, experiences, abilities and perspectives and are an equal opportunity employer.

 

California privacy notice: Read our privacy policy for job applicants at https://evernote.com/privacy/policy

 

Apply for Senior Security Engineer

About Evernote

Evernote is a place for individuals and teams to assemble, nurture, and share ideas in any form.

We’ve assembled an incredibly talented, diverse, and spirited team to build products that impact the lives of millions of people around the world. Our employees enjoy access to the best tools available, an open and collaborative work environment, and end each day knowing that they’ve made a tangible impact.

The Evernote app is available across platforms on desktop, mobile, or on the web, meaning your ideas are always with you, always accessible, and always in sync. We believe that no idea is too big to lead or too small to matter, and continually develop a service and reputation based on innovation and trust.