Senior Security Engineer
Join our team and experience Procore!
It’s fun to work in a company where people truly believe in what they’re doing. At Procore, we are committed to bringing passion and customer focus to the business of enterprise applications. We work hard, and we are serious about what we do. But, we like to have a good time too!
About the Team
Procore’s Security team supports an ever growing environment that consists of several hundreds cloud based systems for which the Procore application runs on. The DevOps team is composed of highly skilled engineers spanning SRE, Dev Tools and Security disciplines located in Carpinteria, CA and Austin, TX.
Our mission is to focus 100% on Production facing systems by helping the business securely deliver new products and features, supporting the growing customer base, and maintaining operational excellence across all facets of the infrastructure.
About You in the role:
- In this role, you must think about our customers both internal and external, delivering quickly on a wide range of daily operational tasks ranging from security monitoring, triage, ad-hoc walk ups and projects milestones.
- This position requires and strong background in Security Engineering as it relates to Production Infrastructure, SRE and Production Operations. You will be part of a team that is directly responsible for security and uptime of production systems and you must have strong technical hands-on experience in delivering projects.
- You understand moving fast is key for the company and ensuring services are available 24/7/365 requires on-call participation, careful planning of changes, detailed runbooks - documentation, collaboration and team due diligence around the 100’s configuration changes we perform daily. If the work performed is manually repeated often, you find a way to automate the task. More so, you make things happen.
- You have a natural wonder for all things technology and ‘geek-out’ on all thing tech related. Your home lab could possibly be better than most corporate labs, where you learn about technologies like AWS, Docker and automation apps like chef/puppet/ansible.
- You can handle multiple projects and tasks, make the right business decisions and solve problems while under pressure, and prioritize and organize effectively.
About the role:
- Assist in designing, building, and reviewing security-related services and functionality of web applications, mobile applications, and desktop applications
- Provide engineers with well-researched security advice to demonstrate vulnerabilities and provide secure development guidance
- Assist in the triage of vulnerabilities that are found internally, privately or publicly disclosed, or reported through our bug bounty program
- Produce research and collaborate with our peers in the broader cyber-security industry
- Scope and perform security reviews of web applications, mobile applications, desktop applications, and private and public cloud environments
Some other fun facts ..
- Experience with conducting threat assessments, building threat models, and creating remediation plans based on the results of threat assessments
- Solid understanding of web application architecture (include microservices)
- Strong understanding of AWS services and architectures
- Familiarity with intrusion detection, monitoring and logging best practices
- Experience in Ruby and Go
- Intimate knowledge of Cloud, Public Cloud security best practices and monitoring of systems and services hosted in the cloud(IaaS, SaaS etc)
- Knowledge and experience with virtualization and containerization(kubernetes, docker)
- Demonstrates the ability to analyze and resolve issues independently
- Knowledge of project management tasks, experience creating application documentation, and demonstrated ability to train other team members.
- Knowledge of security vendors and security product capabilities
- Procore’s tech stack consists of: Ruby on Rails, Apache, Nginx, PostgreSQL, AWS,
Here are a few projects that you will be involved with:
- Penetration Testing, Secure Access, 2FA, Vaults, IP-geo & IP restrictions, PKI, Vulnerability assessments, vendor management
Procore Technologies is building the software that builds the world. We provide cloud-based construction management software that helps clients more efficiently build skyscrapers, hospitals, retail centers, airports, housing complexes and more. At Procore, we have worked hard to create and maintain a culture where you can own your work and are encouraged and given resources to try new ideas. Check us out on Glassdoor to see what others are saying about working at Procore. Our headquarters is located on the bluffs above the Pacific Ocean in Carpinteria, CA, with growing offices worldwide. To learn more about our team, click here.
We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.
Perks & Benefits
You are a person with dreams, goals, and ambitions—both personally and professionally. That's why we believe in providing benefits that not only match our Procore values (Openness, Optimism, and Ownership) but enhance the lives of our team members. Here are just a few of our benefit offerings: competitive health care plans, unlimited paid vacation, stock options, employee enrichment and development programs, and friends & family events.