Grammarly is excited to offer aremote-first hybrid working model. Grammarly team members in this role must be based inthe United States, and, depending on business needs, they must meet in person for collaboration weeks, traveling if necessary to the hub(s) where their team is based.

This flexible approach gives team members the best of both worlds: plenty of focus time along with in-person collaboration that fosters trust and unlocks creativity.

About Grammarly

Grammarly is the world’s leading AI writing assistance company trusted by over 30 million people and 70,000 teams. From instantly creating a first draft to perfecting every message, Grammarly helps people at 96% of theFortune 500 and teams at companies like Atlassian, Databricks, and Zoom get their point across—and get results—with best-in-class security practices that keep data private and protected. Founded in 2009, Grammarly is No. 14 on the Forbes Cloud 100, one of TIME’s 100 Most Influential Companies, one of Fast Company’s Most Innovative Companies in AI, and one of Inc.’s Best Workplaces.

The Opportunity

To achieve our ambitious goals, we’re looking for a Security Engineer to join our Detection and Response (DART) team.  As a key member of our organization, you will be instrumental in safeguarding our digital assets and ensuring our security posture remains robust against emerging threats. If you have a passion for cybersecurity, a keen eye for detail, and extensive experience in security operations, we want to hear from you!

Grammarly’s engineers and researchers have the freedom to innovate and uncover breakthroughs—and, in turn, influence our product roadmap. The complexity of our technical challenges is growing rapidly as we scale our interfaces, algorithms, and infrastructure. You can hear more from our team on our technical blog.

As a DART engineer, you will 

• Design, implement, and fine-tune advanced detection mechanisms to proactively identify potential security threats and vulnerabilities within our environment.
• Perform forensics and spearhead response efforts during security incidents. This includes triaging security alerts, taking relevant mitigation steps, and engaging with internal stakeholders to ensure swift resolution.
• Continuously tune our alerting rules to reduce false positives and enhance our signal-to-noise ratio, ensuring our detection systems are both effective and efficient.
• Participate in our team’s on-call rotation, providing expert guidance and rapid response to security incidents as they arise.
• Assist with the definition, creation, and maintenance of SIEM (Security Information and Event Management) detection rules and dashboards to provide clear, actionable insights.
• Streamline our security operations by authoring comprehensive runbooks, writing automation scripts, and building SOAR (Security Orchestration, Automation, and Response) capabilities to reduce manual intervention and improve response times.
• Improve our overall Incident Response process and ensure our readiness against adversaries.
• Actively work to burn down the detection backlog, enhancing our detection coverage and accuracy across all monitored systems and applications.
• Develop advanced detection strategies and tactics.
• Collaborate on project and roadmap planning.

Qualifications

• Has a minimum of 10 years in cybersecurity, with a focus on detection and response.
• Is proficient in SIEM platforms and scripting languages (Python) and has familiarity with SOAR tools.
• Has hands-on experience combating adversaries of varying sophistication (script kiddies to APT).
• Has a foundational understanding of Corporate Security, including Mac endpoint security and Crowdstrike EDR.
• Has professional experience with a commercial SIEM (Sumologic preferred).
• L1, L2 SOC experience or "SOC-less" model (MDR, etc.).
• Can define detection strategies and multi-quarter roadmaps.
• Has strong expertise in incident handling and forensic investigation, with a proven track record of managing complex security incidents.
• Has excellent analytical and problem-solving skills, with the ability to think critically under pressure.
• Demonstrates strong verbal and written communication skills, capable of interacting with technical and non-technical stakeholders alike.
• Has relevant industry certifications such as CISSP, GCIA, GCIH, or equivalent.
• Has excellent problem-solving skills, with the ability to work independently and handle multiple tasks.
• Has strong communication skills and can explain complex security issues in understandable terms.
• Nurtures the talent in the team and raises the technical talent bar when recruiting for their team.

Compensation and Benefits

• Grammarly offers all team members competitive pay along with a benefits package encompassing the following and more: 
• Excellent health care (including a wide range of medical, dental, vision, mental health, and fertility benefits)
• Disability and life insurance options
• 401(k) and RRSP matching 
• Paid parental leave
• 20 days of paid time off per year, 12 days of paid holidays per year, two floating holidays per year, and flexible sick time 
• Generous stipends (including those for caregiving, pet care, wellness, your home office, and more)
• Annual professional development budget and opportunities

Grammarly takes a market-based approach to compensation, which means base pay may vary depending on your location. Our US locations are categorized into two compensation zones based on proximity to our hub locations. 

Base pay may vary considerably depending on job-related knowledge, skills, and experience. The expected salary ranges for this position are outlined below by compensation zone and may be modified in the future. 

For more information about our compensation zones and locations where we currently support employment, please refer to this page. If a location of interest is not listed, please speak with a recruiter for additional information. 

We encourage you to apply

At Grammarly, we value our differences, and we encourage all to apply—especially those whose identities are traditionally underrepresented in tech organizations. We do not discriminate on the basis of race, religion, color, gender expression or identity, sexual orientation, ancestry, national origin, citizenship, age, marital status, veteran status, disability status, political belief, or any other characteristic protected by law. Grammarly is an equal opportunity employer and a participant in the US federal E-Verify program (US). We also abide by the Employment Equity Act (Canada).

#LI-PM1

The Role

As a Senior Security Engineer at Podium, you will play a key role in shaping and implementing our corporate security strategy. Reporting to the Director of Security and collaborating with audit and compliance teams, you will design, implement, and manage secure solutions that align with our architectural designs, best practices, and regulatory requirements. Your expertise will help us navigate the evolving threat landscape and ensure our security measures are robust and forward-thinking.

In this position, you will be responsible for architecting solutions that secure our business operations and enable innovation. You'll work closely with diverse teams, including IT infrastructure, application development, security operations, and end users, to protect our organization and its assets. Your role will also involve guiding less experienced team members and providing technical leadership.

What you will be doing:

• Stay updated on new security threats and ensure our systems can defend against them.
• Own cloud infrastructure security
• Own AI security
• Manage vulnerability management system
• Research and recommend new security solutions to enhance our security posture.
• Develop and enforce security team standards, policies, procedures, and processes.
• Plan and execute incident response and postmortem exercises, creating measurable benchmarks.
• Conduct table-top exercises for Business Continuity/Disaster Recovery (BC/DR) and Incident Response testing.
• Drive security efficiencies through automation and integration across technology and security architecture.
• Collaborate with IT, engineering, development, and business teams to ensure security measures are effective and do not impede business processes.
• Perform engineering performance testing to ensure security solutions are robust.
• Provide day-to-day support for hardware, software, and managed solutions, ensuring they meet security standards.
• Lead security team meetings and participate in security projects to evaluate and improve our security infrastructure.
• Assist with incident response and system stability issues as needed, including outside regular work hours.
• Ensure compliance with privacy laws and work with various teams to secure business-to-business initiatives, third-party relationships, and outsourced solutions.
• Respond to service and escalation tickets and develop security test plans.
• Regularly participate in change management meetings and follow security engineering fundamentals and processes.

What you should have:

• 6+ years of experience in cybersecurity, including compliance and risk management.
• Experience with cloud environments (AWS, GCP).
• Strong technical and analytical skills, with a system and network security engineering background.
• Experience in cloud computing technologies, including software-, infrastructure-, and platform-as-a-service.
• Extensive knowledge of security controls and technologies, such as SIEM, IDS/IPS, PKI, IDAM, antivirus, firewalls, EDR, threat intelligence platforms, security automation, and orchestration.
• Proficiency in meeting vulnerability management and penetration testing requirements.
• Excellent communication skills to articulate business risk from cybersecurity issues.
• Experience managing various security monitoring tools and platforms.
• A track record of integrity, excellence, curiosity, and adaptability.
• Additional qualifications include proficiency in scripting languages (Python, JavaScript, PowerShell, PHP, or Ruby) and regulatory standards (ISO 27001, NIST, PCI DSS, HIPAA, GDPR, etc.).

What we hope you have:

• Familiarity with state privacy laws and ability to think strategically and tactically.
• Highly trustworthy, with solid leadership qualities and a proactive approach to anticipating threats.
• Bachelor's degree in computer science, information assurance, MIS, related field, or equivalent experience.
• Relevant certifications such as CISSP, CRISC, CGEIT, or related.

Benefits:

• Open and transparent culture 
• Life insurance, long and short-term disability coverage
• Paid maternity and paternity leave
• Fertility Benefits
• Generous vacation time, plus three 4-day summer holiday weekends
• Excellent medical, dental, and vision benefits
• 401k Plan with competitive company matching
• Bi-annual swag drops with cool Podium gear and apparel 
• A stellar HQ (Utah) gym with local professional coaches and classes offered
• Onsite HQ (Utah) child care center, subsidized for employees
• Additional benefits for fully remote employees

Podium is an equal opportunity employer. Podium provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, gender, national origin, sexual orientation, gender identity or expression, age, disability, genetic information, marital status or veteran status.

About Syapse

Syapse is a real-world evidence company on a mission to improve outcomes for all cancer patients. By integrating complete, longitudinal, and continuously updated real-world patient data, we can provide unique insights into patients’ care journeys. Our advantage derives from a decade of partnership with the world’s largest Learning Health Network of innovation-driven healthcare systems. 

Syapse enables providers to operationalize precision medicine and deliver the best care today to their patients while helping life sciences companies and regulators accelerate the development and approval of new therapies for patients tomorrow.  Together we are working toward a future in which all cancer patients have access to the best precision care.

About the role

You will join the Syapse team to deploy and manage the Zero-Trust architecture and inform the security posture of our InfoSec service. You will Identify threats and vulnerabilities in Syapse systems and software and lead development and implementation of  high-tech solutions to defend against hacking, malware and ransomware, insider threats and all types of cybercrime.  You will have the support of an InfoSec, IT and DevOps team as well as the rest of the organization as we fully realize that we can only be successful through collaboration.

You will be a key contributor to our compliance and certification efforts such as HIPAA, HITRUST and others including annual audits and risk assessments.  In this role you will collaborate with all corporate stakeholders to drive security improvements in the data and code pipelines.

Your responsibilities in this role would include:

• Identify threats and vulnerabilities in Syapse systems and software and apply patches and upgrades as required
• Develop and implement high-tech solutions to defend against hacking, malware and ransomware, insider threats and all types of cybercrime
• Manage configurations for network security systems including firewalls, cloud security tooling, endpoint configurations
• Implement continuous monitoring and alerting by leveraging log aggregation and event correlation capabilities
• Deploy critical components of Zero-Trust architecture as planned on the roadmap
• Drive the security operations function providing operational support with tools and processes 
• Provide guidance to our development teams regarding designs and best practices as it relates to information security best practices
• Be part of proof of concept initiatives to test product ideas and recommend security architecture design for product development  
• Conduct new (and annual) vendor security risk assessments
• Partner with R&D to implement security tooling and represent InfoSec in cross-functional initiatives for DevSecOps improvements
• Coordinate and support regular third-party penetration testing efforts 
• Work closely with IT team to drive High Availability and Disaster Recovery for all corporate IT systems and services
• Facilitate incident response processes in partnership with leadership team
• Evangelize information security best practices through the organization
• Represent InfoSec to maintain and improve business continuity plans

What you bring to the table

• At least 8+ years experience in InfoSec where you were on a team driving and  managing the information security and compliance posture of corporate and cloud based applications. 
• Operational expertise with secure Network Architecture, Vulnerability Management, Threat Modeling, Cloud Security, Firewalls, SSO, MFA, AV, Malware, DLP, Data Encryption, Least Privilege, RBAC.
• Extensive hands-on expertise with a cloud platform such as AWS (preferred), Google Compute or Azure is a must.
• Strong experience in Network Application Security practices.
• Experience in handling compliance audits (HIPAA, SOX, etc.)
• Experience with compliance certifications like PCI, SOC2, HITRUST, or FEDRAMP or FISMA.
• Experience with external software penetration testing
• Team player and Own it mindset.

Bonus points if you

• Experience drafting and maintaining InfoSec policies
• Secure SDLC experience with R&D partnership
• Disaster Recovery, Incident Response and Business Continuity experience
• Experience with SIEM
• HIPAA and/or healthcare technology experience

Compensation: The target base salary for this position is $170,000-$200,000

This base salary is only a part of a total compensation package, annual bonus, benefits, 401k with match, flexible PTO and incentive pay for eligible roles. Individual pay may vary from the target range as a number of factors including market forces, experience, location, disparities in market data and other relevant business considerations may all factor into final compensation.

Next steps

Syapse is a globally distributed, technology-enabled insights company with no physical offices and a Remote First ethos. While we love meeting candidates face to face, we’re committed to providing you the best possible interview experience and opportunities to spend meaningful time getting to know our company, mission, and wonderful teammates in our fully remote interviews. We appreciate your help in achieving this outcome and welcome your feedback and requests on how we can make this a reality for yourself & future candidates.

Have a quick question about the role? Email careers@syapse.com or simply apply here. 

Available Locations: Hybrid from Austin, TX, Washington D.C., San Francisco, CA, Mexico City, MX

About the Department
The Identity and Access Management (IAM) team is dedicated to ensuring the secure and efficient management of user identities, access privileges, and authentication mechanisms across internal systems, applications, and data. Our mission is to safeguard the organization against unauthorized access, protect sensitive information, and enable seamless user experiences while adhering to industry best practices and compliance standards.

About the Role

As an Identity and Access Management (IAM) Security Engineer, you will play a crucial role in designing, implementing, and scaling identity and access management solutions for Cloudflare’s internal workforce and workloads. You will be responsible for safeguarding our systems, applications, and data by ensuring secure user access, authentication, and authorization mechanisms.

What You’ll Do

• Design, build, test, and deploy IAM solutions across authentication, authorization, and accounting 
• Leverage Cloudflare products to secure our identities
• Build SSO integrations leveraging SAML, OIDC, OAuth, and SCIM
• Build and manage the Identity Governance and Administration platform
• Develop automated roles leveraging RBAC and ABAC
• Build and manage an access certification platform 
• Build and manage a Privileged Access Management (PAM) platform
• Provide operational support of IAM systems including an on-call rotation that may include after hours calls

Desirable skills, knowledge and experience

Security engineers take part in a wide variety of tasks and projects in the team. One individual is not expected to know everything, but a working knowledge in several of the following areas is required: 

• Strong understanding of identity federation (SAML, OAuth, OpenID Connect, etc.)
• Experience implementing Identity Governance and Administration (IGA) solutions including lifecycle management, SCIM, birthright access (RBAC, ABAC), and access certifications
• Experience with secure configuration of containerized application platforms (e.g. Kubernetes)
• Advanced scripting experience (Python, TypeScript, Bash, etc.)
• Experience implementing Zero Trust controls
• Experience integrating with applications and SaaS solutions 
• Experience with Identity and Access Management policy application and enforcement
• Experience working with Identity Threat Detection & Response (ITDR)
• Experience working with infrastructure as code and configuration management tools like Terraform, Ansible, etc.

Compensation

Compensation may be adjusted depending on work location.

• For Colorado, Illinois, Maryland and Minnesota based hires: Estimated annual salary of $137,000 - $167,000.
• For New York City, Washington, Washington D.C. and California (excluding Bay Area) based hires: Estimated annual salary of $154,000 - $188,000.
• For Bay Area based hires: Estimated annual salary of $162,000 - $198,000.

Equity

This role is eligible to participate in Cloudflare’s equity plan.

Benefits

Cloudflare offers a complete package of benefits and programs to support you and your family.  Our benefits programs can help you pay health care expenses, support caregiving, build capital for the future and make life a little easier and fun!  The below is a description of our benefits for employees in the United States, and benefits may vary for employees based outside the U.S.

Health & Welfare Benefits

• Medical/Rx Insurance
• Dental Insurance
• Vision Insurance
• Flexible Spending Accounts
• Commuter Spending Accounts
• Fertility & Family Forming Benefits
• On-demand mental health support and Employee Assistance Program
• Global Travel Medical Insurance

Financial Benefits

• Short and Long Term Disability Insurance
• Life & Accident Insurance
• 401(k) Retirement Savings Plan
• Employee Stock Participation Plan

Time Off

• Flexible paid time off covering vacation and sick leave
• Leave programs, including parental, pregnancy health, medical, and bereavement leave

????London or Remote (UK) | ???? This is a unique role, we’re open to discussions around base salary + stock options + Benefits

Engineering at Monzo

We’re looking for a creative, entrepreneurial and impact-focused Engineering Director to join our Security team and help us build one of the best, most innovative and secure banks in the world. 

As an Engineering Director you’ll lead a team of engineers to review and understand evolving threat models, assess our security risk landscape and set ambitious multi-year strategies for keeping our customers, the business and our employees safe and secure both now and into the future. You’ll operate with autonomy and have a massive impact on our customers’ lives and Monzo’s success.

The Security collective designs and builds systems and infrastructure to detect, mitigate, prevent and protect Monzo’s customers, its staff and its physical and virtual infrastructure from malign individuals and organisations. 

The teams work across the stack, from building custom PKI infrastructure as part of our Zero Trust security model rollout, to creating innovative customer-facing features like Call Status that helps customers know for certain if Monzo is calling them. We’ve built Multi-Person Authorisation systems to protect AWS infrastructure from being changed by a single person with access to an admin account, all the way through building automated testing frameworks, fuzzers, linters and other engineering support tooling that allow engineers to build systems that are secure by default. 

You can read more about our industry leading Call Status feature here

You should apply if you have:

• You have experience leading an organisation of 30+ software engineers and understand the importance of good organisational design on creating effective teams
• You have experience managing a number of Engineering Managers and/or Senior Engineering Managers.
• You’re comfortable using data to ground your thinking in analysis, can identify key metrics and their drivers and evaluate the success of your work.
• You make good decisions in complex situations where there’s often no right answer
• Proven track record in designing, developing and supporting operationally excellent, high availability systems which provide critical business function
• Experience leading complex cross-functional engineering projects
• Proven track record of developing and managing distributed systems
• Deep experience in managing a portfolio of concurrent engineering projects running the gamut from short-term critical feature launches to long-term strategic initiatives.
• You must have prior experience as an engineer at senior level or higher. 

Nice to have:

• Broad knowledge across the Security domain 

The interview process:

Our interview process involves 3 main stages: 

1. Recruiter Call (30 mins) You'll meet our Engineering Leadership Recruiter to discuss your experience and learn more about Monzo. They'll be your partner and guide throughout the interview process.
2. Initial Call (1 hour) You'll meet with our VP of Engineering. They'll ask you about your previous experience, in particular people leadership, product delivery and technical leadership. They’ll ask example based questions (‘Tell me about a time when…’)
3. Loop Stage - This is one stage with 4 interviews (totalling 4 hours) split between a collaboration with one of our engineers on a technical exercise, as well as execution and leadership interviews.

At all stages we’ll create space for you to ask as many questions as you have, you’re interviewing us as well!

Our average process takes around 3-4 weeks but we will always work around your availability. You will have the chance to speak to our recruitment team at various points during your process but if you do have any specific questions ahead of this please contact us on tech-hiring@monzo.com.

What’s in it for you:

????Base salary range for this role is dependent on experience + equity + stock options & benefits 

✈️ We can help you relocate to the UK  

✅ We can sponsor visas

????This role can be based in our London office, or we're open to distributed working within the UK (with ad hoc meetings in London).

⏰ We offer flexible working hours and trust you to work enough hours to do your job well, at times that suit you and your team.

????Learning budget of £1,000 a year for books, training courses and conferences

➕And much more, see our full list of benefits here

Grammarly team members in this role must be based in the United States, and they must be able to collaborate in person 2 weeks per quarter, traveling if necessary to the hub(s) where the team is based.

The opportunity 

Grammarly is the world’s leading AI writing assistance company, trusted by over 30 million people and 70,000 professional teams every day. From instantly creating a first draft to perfecting every message, Grammarly’s product offerings help people at 96% of theFortune500 get their point across—and get results. Grammarly has been profitable for over a decade because we’ve stayed true to our values and built an enterprise-grade product that’s secure, reliable, and helps people do their best work—without selling their data. We’re proud to be one of Inc.’s best workplaces, a Glassdoor Best Place to Work, one of TIME’s 100 Most Influential Companies, and one of Fast Company’s Most Innovative Companies in AI.

Trust is critical to Grammarly’s mission. The Enterprise Security team’s mission is to defend Grammarly’s corporate assets from all threats through risk reduction. Enterprise Security reduces risk to Grammarly by advising, supporting, building, operating, and assuring multiple critical preventive and reactive security controls in tight collaboration with teams and stakeholders across the company.

Grammarly’s engineers and researchers have the freedom to innovate and uncover breakthroughs—and, in turn, influence our product roadmap. The complexity of our technical challenges is growing rapidly as we scale our interfaces, algorithms, and infrastructure. You can hear more from our team on our technical blog.

Your impact

As a Security Engineer on the enterprise security team, you will be entrusted with the crucial responsibility of safeguarding Grammarly's corporate environment, where our amazing employees work their magic every day. From our versatile laptop fleet (Mac and Windows) to our innovative SaaS apps and other Corporate Infrastructure, you will play a vital role in ensuring our success and keeping our valuable assets secure. With a confident and thoughtful approach, you'll build and implement solutions that raise the security bar for our corporate infrastructure. If you love working on both security and operations, we are excited to have you join our dynamic team!

In this role, the Security Engineer will:

• Contribute to designing and developing engineering solutions that support enterprise-wide security initiatives, such as Zero Trust.
• Collaborate with our Governance Risk and Compliance (GRC) team to help develop enterprise security standards, guidelines, and policies.
• Design, build, maintain, tune, and enhance the effectiveness of our Enterprise Security controls in a wide range of security domains, including:
• Endpoint Detection and Response (EDR)
• Email Security
• Ransomware Resilience
• Data Loss Prevention (DLP)/Insider Risk
• Conditional Access
• Vendor/Business Process Outsourcing (BPO) Security
• Device Posture and Attestation, Shadow IT
• Threat and Vulnerability Management (TVM)
• Identity and Access Management (IAM)
• Public Key Infrastructure (PKI)
• Perform risk assessments and security assurance (threat modeling, code review as necessary) on a range of systems that support Grammarly’s business operations:
• Operating Systems and commercial/open-source desktop applications
• Internally developed Enterprise Infrastructure Services
• Third-Party Software as a Service (SaaS) solutions
• Network Infrastructure (ZTNA, CASB, VPN)
• Drive the remediation of security vulnerabilities identified through assessments.
• Build security automation to secure our corporate infrastructure.
• Evaluate cutting-edge Enterprise Security technology designed to increase our security posture.

We’re looking for someone who

• Embodies our EAGER values—is ethical, adaptable, gritty, empathetic, and remarkable.
• Is inspired by our MOVE principles, which are the blueprint for how things get done at Grammarly: move fast and learn faster, obsess about creating customer value, value impact over activity, and embrace healthy disagreement rooted in trust.
• Is able to collaborate in person 2 weeks per quarter, traveling if necessary to the hub where the team is based.
• Is excited to build security controls to safeguard our systems and services.
• Has working experience in Security Assurance: Penetration Testing, Code Review, Threat Modeling.
• Is familiar with programming languages such as Python, Java, or Go for automation purposes.
• Has a strong understanding of cybersecurity threats, vulnerabilities, and mitigations.
• Is knowledgeable about the best practices and technologies of cloud security.
• Has excellent problem-solving skills, with the ability to work independently and handle multiple tasks.
• Has strong communication skills and can explain complex security issues in understandable terms.
• Nurtures the talent in the team and raises the technical talent bar when recruiting for their team.

Support for you, professionally and personally

• Professional growth:We believe that autonomy and trust are key to empowering our team members to do their best, most innovative work in a way that aligns with their interests, talents, and well-being. We support professional development and advancement with training, coaching, and regular feedback.
• A connected team: Grammarly builds a product that helps people connect, and we apply this mindset to our own team. Our remote-first hybrid model enables a highly collaborative culture supported by our EAGER (ethical, adaptable, gritty, empathetic, and remarkable) values. We work to foster belonging among team members in a variety of ways. This includes our employee resource groups, Grammarly Circles, which promote connection among those with shared identities, such as BIPOC and LGBTQIA+ team members, women, and parents. We also celebrate our colleagues and accomplishments with global, local, and team-specific programs. 

Compensation and benefits

Grammarly offers all team members competitive pay along with a benefits package encompassing the following and more: 

• Excellent health care (including a wide range of medical, dental, vision, mental health, and fertility benefits)
• Disability and life insurance options
• 401(k) and RRSP matching 
• Paid parental leave
• Twenty days of paid time off per year, eleven days of paid holidays per year, and unlimited sick days 
• Home office stipends
• Caregiver and pet care stipends
• Wellness stipends
• Admission discounts
• Learning and development opportunities

Grammarly takes a market-based approach to compensation, which means base pay may vary depending on your location. Our US and Canada locations are categorized into compensation zones based on each geographic region’s cost of labor index. For more information about our compensation zones and locations where we currently support employment, please refer to this page. If a location of interest is not listed, please speak with a recruiter for additional information. 

Base pay may vary considerably depending on job-related knowledge, skills, and experience. The expected salary ranges for this position are outlined below by compensation zone and may be modified in the future. 

We encourage you to apply

At Grammarly, we value our differences, and we encourage all—especially those whose identities are traditionally underrepresented in tech organizations—to apply. We do not discriminate on the basis of race, religion, color, gender expression or identity, sexual orientation, ancestry, national origin, citizenship, age, marital status, veteran status, disability status, political belief, or any other characteristic protected by law. Grammarly is an equal opportunity employer and a participant in the US federal E-Verify program (US). We also abide by the Employment Equity Act (Canada).

Please note that EEOC is optional and specific to US-based candidates.

#LI-PM1

Grammarly is excited to offer a remote-first hybrid working model. Grammarly team members in this role must be based in the United States”, and, depending on business needs, they must meet in person for collaboration weeks, traveling if necessary to the hub(s) where their team is based.

This flexible approach gives team members the best of both worlds: plenty of focus time along with in-person collaboration that fosters trust and unlocks creativity.

About Grammarly

Grammarly is the world’s leading AI writing assistance company trusted by over 30 million people and 70,000 teams. From instantly creating a first draft to perfecting every message, Grammarly helps people at 96% of theFortune 500 and teams at companies like Atlassian, Databricks, and Zoom get their point across—and get results—with best-in-class security practices that keep data private and protected. Founded in 2009, Grammarly is No. 7 on the Forbes Cloud 100, one of TIME’s 100 Most Influential Companies, one of Fast Company’s Most Innovative Companies in AI, and one of Inc.’s Best Workplaces.

The Opportunity

To achieve our ambitious goals, we’re looking for a Security Engineer, Platform Security to join our Trust & Enterprise team. 

We’re looking for a Security Engineer to join our Platform Security team to achieve our ambitious goals. This person will substantially impact maintaining the trust of the millions of users who rely on Grammarly product offerings daily. They will drive security improvements across our cloud and data platform while empowering engineering teams to operate fast and safely.

Grammarly’s engineers and researchers have the freedom to innovate and uncover breakthroughs—and, in turn, influence our product roadmap. The complexity of our technical challenges is growing rapidly as we scale our interfaces, algorithms, and infrastructure. You can hear more from our team on our technical blog.

Your impact

As a Security Engineer - Platform Security, you will:

• Collaborate closely with product and engineering teams to integrate robust security features directly into our platform.
• Design and implement advanced tooling and processes to comprehensively monitor and secure our platform infrastructure.
• Facilitate cross-team efforts among Cloud and Data Platform engineering groups to enhance security without compromising development speed.
• Develop and implement security processes to identify, evaluate, and mitigate security risks across our AI products.
• Design and Implement Just-In-Time (JIT) and role-based access controls to safeguard our production environment and customer data effectively.
• Craft and apply a strategic cloud and infrastructure security framework, contributing to the program's strategic direction and roadmap.
• Engage in proactive collaboration with diverse teams, from full-stack developers to ML engineers and data scientists, ensuring the integration of security best practices into every phase of the development lifecycle.

We’re looking for someone who

• Embodies our EAGER values—is ethical, adaptable, gritty, empathetic, and remarkable.
• Is inspired by our MOVE principles: move fast and learn faster; obsess about creating customer value; value impact over activity; and embrace healthy disagreement rooted in trust.
• Is able to meet in person for their team’s scheduled collaboration weeks, traveling if necessary to the hub where their team is based.
• Possesses a proven track record in enhancing security across various data platforms, including Databricks, NoSQL, ElasticSearch, S3, and Kafka.
• Operates primarily as a 'security builder,’ working alongside engineering teams. This includes designing, implementing, and operating services with a strong focus on security.
• Has significant experience deploying Cloud and Data Infrastructure through Terraform, CloudFormation, or Cloud Development Kit (CDK), and proficiency in programming languages such as Python, Java, and Go.

Compensation and Benefits

Grammarly offers all team members competitive pay along with a benefits package encompassing the following and more: 

• Excellent health care (including a wide range of medical, dental, vision, mental health, and fertility benefits)
• Disability and life insurance options
• 401(k) and RRSP matching 
• Paid parental leave
• 20 days of paid time off per year, 12 days of paid holidays per year, two floating holidays per year, and unlimited sick days 
• Generous stipends (including those for caregiving, pet care, wellness, your home office, and more)
• Annual professional development budget and opportunities

Grammarly takes a market-based approach to compensation, which means base pay may vary depending on your location. Our US locations are categorized into two compensation zones based on proximity to our hub locations.

Base pay may vary considerably depending on job-related knowledge, skills, and experience. The expected salary ranges for this position are outlined below by compensation zone and may be modified in the future.

#LI-PM1