Staff Security Engineer
San Francisco / Security and Trust / Full-Time / On-site
About Kandji
Kandji is building the future of Apple Enterprise Management. The use of Apple devices in the enterprise is growing rapidly. Drawing on decades of experience in Apple IT, we saw a dire need for a modern Apple device management platform that could accommodate growing businesses and increasing regulatory demands.
Kandji grew to hundreds of B2B customers within a few months of initial product launch in 2019, and secured a $100 million Series C in late 2021. Today, we have a 95% Customer Satisfaction rate and a rapidly growing community of customers, including names like Crunchbase, Belkin, Rackspace, Allbirds, FabFitFun, VSCO, and Turo.
Behind our business is a handful of the best investors in tech. Together, we are creating a new category of device management that can better serve modern businesses.
The Opportunity
As a Staff Security Engineer, you will help our platform and engineering teams build and maintain Kandji's Secure Software Development Lifecycle. In this role, you’ll build and mature security processes and develop a series of standards to support our product at scale. Reporting to our VP of Security and Trust, you will have the opportunity to work alongside development teams, lead remediation efforts, define best practices through secure code reviews, architecture reviews, third-party package management, and static code analysis, and spearhead our bug bounty initiatives.
How you will make a difference day to day
- Lead the design of cyber security standards and controls on Kandji’s cloud platform, define secure development practices, identify threats and risks, lead a "secure by design" culture, and build security into Kandji's Cloud Platform and multi-tenant SaaS applications
- You’ll design, implement and maintain technical controls to mitigate classes of security bugs.
- You'll act as a liaison for multiple stakeholders across product, engineering, go to market, and security ops / compliance, to guide and prioritize the right security investments.
- You'll help scale the engineering organization and mentor engineers on best practices in secure software design and architecture.
- You’ll enable the growth of Kandji’s business by building a secure foundation that earns the trust of Kandji’s users.
- You'll participate in security assessments, code audits, and advise on both internal and customer security needs.
- Drive adoption of Policy as Code and adherence to software security metrics, and lead vulnerability management efforts
- Participate in and support security feature reviews and threat modeling
- Contribute to a secure/compliant cloud-native service catalog
- Collaborate with engineering and operations teams to implement and automate security controls and processes, cloud-native security monitoring, tooling and reporting
- Required to work on-site 3 days a week (Tuesday, Wednesday, Thursday). Managers may require additional on-site days.
Minimum Qualifications
- Extensive experience in the SaaS product development and security space; securing complex interconnected web applications and their architectures using Python, Go, or any other modern object-oriented language.
- Security architecture and expertise. You have experience building systems to secure and monitor cloud architectures. You can contribute directly to our main codebase to raise the bar on security systems design and address vulnerabilities. You'll bring experience in at least one of the following areas: Data Security/Application Security/Product Security/Identity and Access Management/Infrastructure/Cloud Security/Security feature development
- Working in production. You have experience writing code and productionizing your solutions. You appreciate the skill of building automated solutions and scaling your impact via code.
- Pragmatic and business-oriented: You care about business impact and prioritize projects accordingly — you model threat risks and balance the right security investments with the right bottom line outcomes.
- Not ideological about technology: To you, technologies and programming languages are about tradeoffs. You may be opinionated, but you're not ideological and can learn new technologies as you go.
- Empathetic communication: You communicate nuanced ideas clearly, whether you're explaining technical decisions in writing or brainstorming in real time. In disagreements, you engage thoughtfully with other perspectives and compromise when needed.
- Team player: For you, work isn't a solo endeavor. You enjoy collaborating cross-functionally to accomplish shared goals, and you care about learning, growing, and helping others to do the same.
These requirements are for the strongest, ideal candidate. Even if you do not outperform every bullet point, Kandji encourages you to apply. We promote a diverse, equitable, and inclusive culture and recognize that even the strongest candidates won’t have all desired experiences and qualifications.
Benefits & Perks
• Competitive salary
• 100% individual and dependent medical + dental + vision coverage
• 401(k) with a 4% company match
• 20 days PTO + Kandji Wellness Week off the first week of July
• 14 paid holidays per year
• 10 health and wellness days per year
• Equity for full-time employees
• 12 weeks of paid leave for new parents
• Cell phone & Internet stipend
• Exciting opportunities for career growth
• An outstanding, inclusive culture
We are excited to be serving a significant need for a fast-growing market, and are proud of the high-performing team we have brought together so far. If you’re someone who wants to engage in new, exciting projects that will challenge your skills in the best way possible, we would love to connect with you.
At Kandji we believe in fostering an inclusive environment in which employees feel encouraged to share their unique perspectives, leverage their strengths, and act authentically. We know that diverse teams are strong teams, and welcome those from all backgrounds and varying experiences.
Kandji is proud to be an equal opportunity employer committed to diversity and inclusion in the workplace. Qualified applicants will be considered for employment without regard to race, color, religion, national origin, age, sex, sexual orientation, gender identity, physical or mental disability, protected veteran or military status or any other status protected by applicable law.