This is Engineering at Lattice

Lattice’s Engineering team continuously works to better our product and our craft. We use a modern, cutting-edge tech stack and love experimenting with new technologies. We strive for maintainable, robust, and performant code. We’re highly collaborative and continuously iterative and work closely with designers and product managers. We prioritize not only great technical architecture but also an amazing product experience.

Lattice is looking for someone interested in taking on complex challenges in a fast-paced, collaborative environment and directly impacting the architecture of our cloud platforms, the maturity of our cloud security posture, and our security monitoring and investigative capabilities. 

Who you are

You have 10+ years of professional experience in cloud infrastructure development with AWS, containerization, and orchestration, as well as a deep understanding of security concepts and principles, including encryption, authentication and authorization, least privileged access, and security monitoring and incident response.

• You have an advanced understanding of software and security architectures
• Deep experience in performance, reliability, monitoring, and incident response
• Proficiency in coding and scripting - including experience with either TypeScript or JavaScript
• Very strong interpersonal skills - must be able to demonstrate an ability to work well with other non-technical members of the team.
• You seek out the root cause of problems when investigating a security concern, or security incident, and champion improvements over time that will prevent future issues.

You are a great communicator and collaborator.

• You take care to architect and implement solutions that your colleagues will be able to comprehend, own, and maintain.
• You are clear and concise in explaining your thought process and in enumerating the tradeoffs made in your recommendations and in your own work.
• You work well with platform engineering, as well as product managers, to come up with optimal solutions.

You enjoy taking an engaged role in the development process.

• You love mentoring and guiding other software and security engineers who are newer to the industry.
• You have experience spearheading planning and delivering the development roadmap for software projects.

You like variety and take pleasure in addressing problems for internal and external customers.

• You enjoy working with a diverse set of stakeholders, tools, and partner to build and enhance foundational features.
• You can identify and mitigate the risks inherent in foundational development work.
• You grasp operational difficulties and devise and create maintainable, scalable solutions to them.

Responsibilities

The mission of the Lattice Security team is to enable the business, reduce organizational risk, and build customer trust by proactively identifying, assessing, and mitigating security and compliance risks in the organization, cloud infrastructure, and product.  

• Provide technical assessments, enhancement opportunities, and process optimizations for the Lattice security monitoring, alerting, and security incident response program
• Provide technical leadership, and guidance in the secure design, implementation, and maintenance of our cloud infrastructure and key platform services.
• Collaborate with cross-functional teams to drive innovation and increase security, confidentiality, data integrity and privacy, and site reliability.
• You will work with other engineers across a modern tech stack. Our current stack includes React, Relay Modern, GraphQL, Node, and PostgreSQL. We rely on AWS to host our infrastructure.
• Your work will directly boost Lattice’s bottom line through EPD enablement, risk reduction, and support in building and bolstering customer trust - resulting in reduced customer churn, increased customer satisfaction, and enhanced customer ARR.

--

The estimated annual cash salary for this role is $181,500 - $281,000. This position is also eligible for incentive stock options, subject to the terms of Lattice’s applicable plans

Benefits: The Company offers the following benefits for this position, subject to applicable eligibility requirements: Medical insurance; Dental insurance; Vision insurance; Life, AD&D, and Disability Insurance; Emergency Weather Support; Wellness Apps; Paid Parental Leave, Paid Time off inclusive of holidays and sick time; Commuter & Parking Accounts; Lunches in the Office, Internet and Phone Stipend; One time WFH Office Set-Up Stipend; 401(k) retirement plan; Financial Planning; Learning & Development Budget; Sabbatical Program; and Invest in Your People Fund

*Note on Pay Transparency:

Lattice provides an estimate of the compensation for roles that may be hired as required by state regulations. Compensation may vary based on (a) location, as Lattice factors in specific location when benchmarking compensation for most roles; (b) individual candidate skills and qualifications; and (c) individual candidate experience.

Additionally, Lattice leverages current market data to determine compensation, so posted compensation figures are subject to change as new market data becomes available. The salary, other compensation, and benefits information is accurate as of the date of this posting. Lattice reserves the right to modify this information at any time, subject to applicable law.

#LI-remote

About the Role:

The Tubi Security team is responsible for securing Tubi and Adrise applications and infrastructure. As a member of the Tubi Security team, the Staff Cloud Security Engineer will be responsible for securing the cloud infrastructure of both applications. Candidates for this should have a passion for reducing security risks in a cloud environment while building great partnerships with key stakeholders and engineers. 

Responsibilities:

• Design, implement, and maintain secure architecture and infrastructure components, including networks, systems, and cloud environments, in accordance with industry best practices and regulatory requirements
• Develop and deploy security controls and monitoring systems to detect and prevent security threats, intrusions, and vulnerabilities
• Conduct and perform security reviews, threat models, and security assessments to identify and remediate security weaknesses
• Build automation and tools for security fixes and policy enforcement
• Participate in incident response, red/blue team exercises, and vulnerability triage 

Qualifications:

• 8+ years of experience in cybersecurity with a focus on cloud and infrastructure security
• Deep understanding of cloud security architecture (AWS preferred) and network security
• Hands-on experience with SIEM, WAF and DDOS prevention tools
• An understanding of security best practices, frameworks and principles such as OWASP Top 10, NIST CSF, SLSA Framework, and zero-trust
• Great understanding of modern cloud technology components and deployment pattern such as containers, Kubernetes, infrastructure as code, etc
• Experience performing threat models and risk assessments
• Familiarity with compliance and privacy regulations such as SOX and GDPR
• Excellent communication and problem solving skills with proven ability to collaborate effectively with technical and non-technical stakeholders

#LI-MQ1 

Meet the Team:

As the Safety and Cybersecurity Team, we contribute to a key area of Torcs products. We ensure that the product is designed considering the state of the art in safety and cybersecurity for road vehicles building on standards like ISO26262, ISO21448 and ISO21434. 

What you will do:

• Provide strong cyber security systems engineering processes and methods to ensure optimum protection of Torc systems from cyber threats, working across teams involved with development and commercialization of software, hardware and infrastructure
• Lead cyber security activities for Torc in compliance with ISO 21434, UNECE WP.29, and Torc cyber security development processes in collaboration with external teams
• Lead the Threat Analysis and Risk Assessment (TARA) in collaboration with the functional safety team and lead the team for TARA updates. Base the TARA on the safety goals found in the ISO 26262 HARA
• Lead the security concept development as well as the security requirements development and requirements review 
• Collaborate with system design and architecture development teams on specification development for our Autonomous Trucking program.  Support the systems team in developing the security architecture for product lines  
• Coach teams in implementing the cyber security requirements and provide guidance and support for the incident response team and support incident response activities as assigned 
• Interface and drive implementation of cybersecurity concept in design phase and cultivate awareness of incident response in the engineering team and grow the cyber security culture 
• Support the development of cyber security requirements for autonomous trucks
•  Based on the performed product cybersecurity activities you prove the compliance with ISO/SAE 21434 withing a security case
• Track cyber security issues and support activities for their closure (vulnerability management) 

What you will need to succeed:

• Bachelor's degree in Systems Engineering, Computer Science, Electrical Engineering, Robotics, or related field
• Experience developing cybersecurity requirements
• Strong understanding of ISO 26262 and 21434 
• Minimum 10 years of experience in an engineering related field
• Complex hardware knowledge and expert software knowledge
• Communication technologies and protocols (Ethernet, CAN)
• Low Level OS and Middleware knowledge
• Automotive cybersecurity experience 

Bonus Points!

• Masters degree preferred
• Experience with Autonomous Vehicles or ADAS

Perks of Being a Full-time Torc’r  

Torc cares about our team members and we strive to provide benefits and resources to support their health, work/life balance, and future. Our culture is collaborative, energetic, and team focused. Torc offers:     

• A competitive compensation package that includes a bonus component and stock options  
• 100% paid medical, dental, and vision premiums for full-time employees    
• 401K plan with a 6% employer match  
• Flexibility in schedule and generous paid vacation (available immediately after start date) 
• Company-wide holiday office closures  
• AD+D and Life Insurance

Meet the team:  

As the Safety and Cybersecurity Team, we contribute to a key area of Torc's products. We ensure that the product is designed considering the state of the art in safety and cybersecurity for road vehicles building on standards like ISO26262, ISO21448 and ISO21434. 

What you will do: 

• Provide strong cyber security systems engineering processes and methods to ensure optimum protection of Torc systems from cyber threats, working across teams involved with development and commercialization of software, hardware and infrastructure. 
• Lead cyber security activities for Torc in compliance with ISO 21434, UNECE WP.29, and Torc cyber security development processes in collaboration with external teams 
• Lead the Threat Analysis and Risk Assessment (TARA) in collaboration with the functional safety team and lead the team for TARA updates. Base the TARA on the safety goals found in the ISO 26262 HARA 
• Lead thesecurity concept development as well as the security requirements development and requirements review 
• Collaborate with system design and architecture development teams on specification development for our Autonomous Trucking program.  Support the systems team in developing the security architecture for product lines   
• Coach teams in implementing the cyber security requirements 
• Provide guidance and support for the incident response team and support incident response activities as assigned 
• Cultivate awareness of incident response in the engineering team.  
• Grow the cyber security culture 
• Leadthe Cyber Security Plan 
• Lead the CS process definition andalign to the Automotive SPICE compliant processes at Torc 
• Support the SW cyber security tool qualification process 
• Provide training for ISO 21434 
• Track cyber security issues and support activities for their closure (vulnerability management)  
• Interface with external vendors and suppliers to ensure cyber security compliance 
• Support quality engineering team in answering cyber security related questions
• Continually improve by staying up to date in cyber security technologies
• Support the development of cyber security requirements for autonomous trucks  

What you will need to succeed: 

• Bachelor's degree in systems engineering,computer Science,electricalengineering,robotics, or related field and: 
• Minimum 10 years of experience in engineering or related field 
• Experience working with ISO 21434 
• Complex Hardware knowledge 
• Communication technologies and protocols (Ethernet, CAN) 
• Low Level OS and Middlewareknowledge 
• Ability to read code (C/C++, Python) 
• Automotive industryexperience 
• Distributed and centralized ECUarchitectures 

Bonus Points! 

• Master’s Degree or PhD. Preferred 
• Experience with Autonomous Vehicles or ADAS 

Perks of Being a Full-time Torc’r  

Torc cares about our team members and we strive to provide benefits and resources to support their health, work/life balance, and future. Our culture is collaborative, energetic, and team focused. Torc offers:     

• A competitive compensation package that includes a bonuscomponentand stock options   
• 100% paid medical, dental, and vision premiums for full-time employees     
• 401K plan with a 6% employer match   
• Flexibility in schedule and generous paid vacation (availableimmediatelyafter start date)  
• Company-wide holiday office closures   
• AD+D and Life Insurance 

Why you’ll love this role

This hands-on security engineering position will be part of StockX's Information Security Cloud & Application Engineering team.  This team is responsible for leading efforts to enhance the security of the cloud infrastructure and applications all across StockX. Members of this team work with several stakeholders to ensure appropriate processes, procedures, and controls are adequately designed and implemented to meet StockX security requirements, mitigate risks, and ensure compliance. They provide ongoing engineering support for security systems in our cloud native environment.  This is a critical IC role on the StockX Information Security team and will work with several stakeholders in Product, Engineering, Operations, Customer Service, Safety & Trust, & IT.

What you’ll do

• Partner with the Platform Engineering and IT teams to design, implement, and manage security measures for our AWS & Azure cloud infrastructure.
• Collaborate with cross-functional teams to automate and expedite integration of security best practices into the entire development lifecycle, from design to deployment.
• Use available tooling to assess risks and vulnerabilities and implement strategies to mitigate and remediate identified security risks.
• Automate enforcement security of policies and related controls for AWS cloud services and data protection.
• Monitor and respond to security incidents, conduct investigations, and implement incident response procedures as needed with confidentiality and professionalism.
• Design and implement identity and access management (IAM) solutions for secure access control.
• Partner with other teams to ensure IAM controls are part of a defense in depth strategy
• Ensure the continuing operation and effectiveness of key identity and access management controls
• Stay abreast of the latest cloud security trends, threats, and vulnerabilities, and implement proactive measures to address emerging risks.
• Possess knowledge of reliable and low-touch infrastructure using technologies such as Terraform, Kubernetes, and Docker supported by other engineering teams.
• Provide mentorship and guidance to junior members of the security team.
• Ability to quickly analyze logs and configurations using; Python, JQ, cURL, etc.
• Integrate application security tooling within the existing CI/CD environment to improve application security.

About you

• 4-7 years of relevant security experience.
• Bachelor's degree preferred but not required.
• Cyber security certifications preferred e.g. CISSP, CISM, Security +, AWS Security
• Strong experience with cloud native environments and with multiple cloud services providers
• Experience with scripting across multiple cloud providers and infrastructure APIs to analyze security posture and configurations.
• Detailed understanding of cloud and network security
• Experience reading other engineer’s code across a number of languages to identify security issues.
• Understanding of modern cloud technology components and deployment patterns: containers, Kubernetes, serverless, infrastructure as code, etc.
• Experience with OAuth/SAML techniques and OIDC
• Deep understanding of Identity & Access Management security controls and tooling
• Strong understanding of securing distributed cloud and on-premesis networks using security groups, network ACLs, VPNs, and WAFs among other technologies
• Strong understanding of security monitoring tools for cloud environments such as CSPM, CASB, cloud audit logs such as AWS Cloudtrail, etc
• Strong understanding of application security tools such as Snyk, Sonarcloud, Dependabot or Renovate, GitGuardian, etc 
• Technical understanding of how threats like Spam, Phishing, DDoS Attacks, Brute Force Attacks, SQL Injections, XSS are executed and how to protect against them across an organization.

Pursuant to the San Francisco Fair Chance Ordinance, Los Angeles Fair Chance Initiative for Hiring Ordinance, and any other state or local hiring regulations, we will consider for employment any qualified applicant, including those with arrest and conviction records, in a manner consistent with the applicable regulation.

Pursuant to the various pay transparency laws/acts, the base salary range is $140,000 to $160,000 plus opportunities for benefits (e.g., medical, dental), equity and discretionary bonuses. Compensation is dependent on geography and may vary.