**About the role**
We're looking for an Engineer to lead our Security and Compliance efforts. Our
infrastructure handles diverse workloads processing 1 billion API calls per
day. Since we process sensitive location data collected from mobile devices
the security and compliance of our infrastructure is paramount. We've invested
a lot but there's always more to do to improve our security posture. This is
an ideal role for someone who aspires to one day be a CISO.
**The stack:**
Our infrastructure runs on AWS, managed by Terraform.
We leverage AWS Security Hub for cloud monitoring, AWS Inspector for
vulnerability monitoring, and AWS GuardDuty for intrusion detection and
malware prevention.
Servers and employee endpoints are hardened leveraging CIS benchmarks and
hardened images.
Snyk and Github Advanced Security monitor our codebase and libraries for
vulnerabilities and patch them.
Our SIEM is AlienVault and our alerting tool is PagerDuty.
Most engineers are in the on-call rotation, which handles medium and high
severity security alerts.
Our employee endpoints are macOS managed by JAMF and JAMF Protect.
Our issue tracking tool is Linear.
Our compliance tool is Vanta.
Our Penetration Test and Vulnerability Disclosure Program are run by
HackerOne.
**How we work:**
Most of our engineering team are former technical co-founders or former Radar
interns from schools like Waterloo and CMU. Most engineers at Radar fit one of
two molds, technically: either Staff level expertise in one stack, or Multi-
Stack at any level. We say Multi-Stack because "Full-Stack" has the
connotation of "Frontend and Backend", but Radar Engineers might also work on
Mobile or Data engineering. Not that you need to be an expert in all of those,
but a desire to learn, jump around to different stacks and get things done is
the important part.
We care a lot about shipping fast and talking to customers. We're committed to
our product vision of full-stack location infrastructure, but we also know
that customer feedback is a treasure map to gold. Even though Slack is the
brain of our company, working together in-person in our NYC HQ is the fastest
way for us to get things done. We meet on Mondays to plan out work for the
week in small groups and use Linear for planning. All projects are run by an
Engineering lead, an executive and a Go-to-Market lead. Engineers figure out
what to build, talk to customers, talk to prospects, help close them, get them
live and make them successful.
One of the hardest and most valuable practices we have is Walk A Mile - which
is shorthand for putting yourself in the user's shoes - but also for literally
walking a mile and dogfooding the Radar SDK, because you can't create location
infrastructure behind a desk - you have see how the device behaves in the real
world. To us, a week is a long time, and we expect to ship big things every
week.
**The hiring process:**
After a brief call with our CTO, we'll invite you to our NYC HQ for an
interview if we think there is a possible match. During that time we'll work
on system design problems together and do some coding for 2 hours to build
something simple. You'll meet one of our co-founders and we'll also go into
more depth about how we work to see if there is a match.
**What youโll do:**
* Manage the security and compliance posture of our AWS environment (Security Groups, IAM, VPC, Flow Logs, SSO, Inspector, Security Hub, GuardDuty, KMS, S3, EC2)
* Answer all customer "infosec" questionnaires during sales cycles
* Be a key contributor during our SOC 2 audit and participate in ongoing security and compliance activities year round
* Run our annual 3rd party penetration test and vulnerability disclosure program and remediate findings
* Participate in weekly compliance meetings to monitor compliance of the entire organization
* Handle the full life cycle of security alerts and remediation
* Talk to Radar customers and prospects, hear their feedback, incorporate it into your work and make them successful
**You should:**
* Have experience managing AWS environments with Terraform
* Have experience as a security or infrastructure engineer
* Be interested in talking to customers or prospects and making them successful
* Be deeply curious about how things work, and have the tenacity to sit with hard problems and power through them
**Bonus points if you:**
* Are a former technical co-founder
**Youโll work with**
* [Tim Julien](https://www.linkedin.com/in/timjulien/), CTO
* [Craig Kochis](https://www.linkedin.com/in/ckochis/), Director of Engineering
* [Jeff Kao,](https://www.linkedin.com/in/jeffreykao/) Senior Staff Engineer
* Our customers and prospects
* Our Customer Success, Sales Engineering, and Sales teams
**Benefits & Perks**:
* Competitive compensation package and equity plan
* Medical, dental, and vision plans with 100% premiums covered for you
* 401(k) plan with a generous employer match
* Unlimited PTO vacation policy
* Paid parental leave
* Weekly catered breakfast and lunch at our NYC office
* Free CitiBike membership (if based in tri-state area)
* Monthly fitness reimbursement and wellness programs via Classpass and Gympass
**Compensation:**
For candidates based in the United States, the base salary range for this
full-time position is between $200,000 - $250,000/year with an opportunity for
performance bonuses and incentives.
In addition to cash compensation, Radar offers full-time employees a
competitive equity plan with stock option grants. This is a meaningful
ownership stake in the company that we provide to our employees as we build a
category-defining company together.
**About Us**
[Radar](http://radar.com) is location infrastructure for every product and
service. Companies like Vercel, Panera, and T-Mobile use Radar's geofencing
SDKs and maps APIs to power location-based experiences across hundreds of
millions of devices worldwide.
Founded in 2016, Radar is headquartered in New York, NY. Radar has raised
$85.5M from leading venture capital firms including Accel and Insight
Partners.
_We are committed to equal employment opportunity regardless of race, color,
ancestry, religion, sex, national origin, sexual orientation, age,
citizenship, marital status, disability, gender, gender identity or
expression, or veteran status. We are proud to be an equal opportunity
workplace._
