Description

ON24 is on a mission to transform the way marketers’ market, powering the live, always-on and personalized experiences that businesses need to create engagement, deliver data, find demand and drive revenue. Through the ON24 Platform, marketers can build data-rich, interactive webinars and content experiences, understand audience behavior and turn that intelligence into action. Informed by more than a billion engagement minutes -- including 12 million polls, 1.3 million surveys, 1.5 million conversations, and conversion of over 17 million resources -- marketers drive more revenue from ON24 experiences than any other digital channel. Headquartered in San Francisco, ON24 has a wide global footprint with offices in key regions, including London, Singapore, and Sydney. 

Role Overview:

The Security Engineer will be a critical member of ON24’s information security team where they will contribute to safeguarding customer, employee, and company data in accordance with industry standards for a global enterprise SaaS company. 

You will engineer security solutions, evaluate and implement related technologies, and perform security monitoring and incident response functions.
 
Responsibilities:

• Perform infrastructure and Cloud security design and architecture reviews.
• Determine security requirements, related procedures, and define security controls.
• Perform vulnerability assessments and maintain vulnerability management tools/processes.
• Contribute to hardening standards and configuration guidelines.
• Evaluate, implement, and maintain new security products/solutions.
• Monitor, analyze, and respond to security alerts and events.
• Work to enhance detection, correlation, and automation capabilities.
• Coordinate, scope, and manage penetration testing efforts.
• Conduct internal security reviews, threat hunting, and training exercises.
• Review threat intelligence and produce advisories as applicable to ON24's environment.
• Research and review new threat vectors, develop detections and preventions.

Skills & Experience:

• BS degree or equivalent experience
• At least 5 years work experience in technical security roles
• Hands-on experience with security devices such as network firewalls, load balancers, WAFs (e.g. Fortinet, Cisco, F5), and IDS/IPS (e.g. Snort, Suricata, Bro)
• Expertise with security monitoring, detection and response / SIEMs (e.g. ELK, Vision-One)
• Deep understanding of threat modeling, risk prioritization, and technical security measures
• System administration skills (Win/Mac, Linux, Windows Server) and scripting capabilities (BASH, Python, Powershell)
• Excellent written and verbal communication skills
• Ability to work effectively and drive results in a remote team
• Security certifications, e.g. CISSP, GIAC, CCSK etc.
• Experience working in a SaaS, hybrid-Cloud environments (Azure and/or GCP)
• Experience securing cloud, virtualization, and containerization platforms (K8s, VMWare)
• Familiarity with Monitoring (Check_MK/Nagios, Solarwinds, Prometheus), and/or DevSecOps toolchains (e.g. Ansible, Terraform, Jenkins, GitLab, etc.)
• Knowledge of web application / software security assurance basics, e.g. OWASP Top 10
• Passionate about security with strong desire to learn and grow

Perks & Benefits:

• Health benefits designed to fit the needs of you and your family — including medical, dental, and vision plans  
• Unlimited PTO policy and wellness days to log off and recharge   
• 11 paid company holidays for US-based employees + 1 Floating Holiday + 2 Floating Wellness days 
• Employee Stock Purchase Plan  
• 401K Plan with employer match  
• Reimbursements covering home office expenses, cell phone use, and classes for professional and personal development  
• Fitness and wellness perks including discounted memberships with 24 Hour Fitness  

Thebasepay range for this position is $175,000 to $190,000. This range is not a guarantee of actual compensation that may be earned nor a promise of any specific pay for any specific employee, which is always dependent on relevant experience, education, skills, location, and other applicable factors. 

EEOC: 

ON24 is proud to be an equal employment opportunities (EEO) workplace to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. In addition to federal law requirements, ON24 complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.  

Pursuant to the San Francisco Fair Chance Ordinance, ON24 will consider for employment qualified applicants with arrest and conviction records.  

#LI-CS1
#LI-United States