New York, NY
Addepar is the financial operating system designed to bring common sense and ethical, data-driven investing to our financial world. Addepar handles all types of assets in any currency, so investors and advisors have a clearer financial picture at every level, all in one place. With customizable reporting, financial managers can visualize and communicate relevant information to anyone who needs it. Secure, scalable, and fast, Addepar is purpose-built to power the global financial system. More than 200 single and multi-family offices, wealth advisors, large financial institutions, endowments, and foundations track more than $550 billion of assets on Addepar's platform. Addepar has offices in Silicon Valley, New York, Chicago, and Salt Lake City.
As a Security Engineer, you will have a central role within the company, working with the security, DevOps, IT, and Product teams to ensure that we are not only defending our perimeter, but also looking forward to stay one step ahead of bad actors. You will be using your breadth of security experience to iterate on the security roadmap - be it in the realm of application security, infrastructure security or even organizational security.
- Work with the Addepar DevOps team to improve security monitoring and alerting
- Both reactive and proactive Incident Response
- Work with the product development team to review new features from a security perspective
- Security automation - what a human can do, a computer can do better. Automate regular tasks using Python, Gauntlt, etc.
- Define, implement, and iterate on infrastructure security initiatives
- Perform code reviews on any changes impacting security
- Evangelize security and secure coding practices across the engineering team
- Assisting on SOC2 Audits, Business Continuity and Disaster Recovery efforts, etc.
- 4+ years of relevant work experience on an internal security team, working both on the offensive and defensive sides of security
- Hands-on experience triaging and understanding the root cause of security bugs
- Experience performing application security assessments, and penetration testing
- Self-motivated, proactive attitude with a security mindset
- Experience in building/setting up security tools to automate recurring tasks
- Ability to review logs from a security standpoint and identify anomalies
- Experience performing source code reviews
- [Bonus] Strong background in software development and engineering
- [Bonus] Demonstrated experience contributing or collaborating with Open Source projects
- [Bonus] Participation in Bug Bounties