Staff Product Security Architect
Fastly
- San Francisco, CA
- Permanent
- Full-time
- Perform secure architecture and design reviews of cloud-based products (CDN, web application firewall, bot detection) and collaborate with engineering and product teams to integrate secure-by-design principles into engineering builds.
- Conduct thorough security assessments of products developed by our network, infrastructure and security product lines to identify security threats to Fastly and define tactical and strategic mitigation plans to assist with remediation.
- Develop and implement robust security protocols and best practices to protect against security threats.
- Perform secure code and configuration reviews as part of the product development lifecycle and provide recommendations that strengthen Fastly's security posture.
- Influence product design paradigms to incorporate security best practices and drive requirements for security into the release cycle.
- Maintain a clear view of the overall product development roadmap and associated product lifecycle to ensure security is appropriately incorporated throughout.
- Become a domain expert in the content delivery network (CDN), infrastructure and security products and represent that knowledge with prospects, customers, and auditors.
- Research and understand new threats and attack vectors that impact Fastly and work with product owners to design appropriate prevention, detection and remediation initiatives.
- Participate in Fastly's Secure SDLC, focusing on both collaborative hands-on design work and training initiatives across the company.
- Influence Fastly's security strategy by leveraging the collective strength of the security team and articulating the capabilities needed to effectively manage cyber threats.
- 7+ years of relevant experience and a Bachelor's degree in Computer Science or equivalent.
- Proven experience in securing multi-tenant general compute services, reverse proxies, cache servers, web application firewalls, bot technologies and modern APIs.
- Extensive experience performing threat modeling, secure code reviews and designing controls to mitigate security threats for new and existing cloud-based products. Bonus for experience with security-specific cloud products.
- Deep understanding of certificate authorities, digital certificates, public key infrastructure and how they operate in a client-server environment.
- Strong understanding of bot detection techniques, including CAPTCHA, rate limiting and behavioral analysis, and hands-on experience securing bot detection technologies.
- Strong understanding of web application firewalls and hands-on experience securing WAF solutions and technologies, including rule-based and machine-learning-based approaches.
- Experience with Linux administration at scale, associated intrusion/manipulation techniques, and standard methodologies for system hardening and process isolation.
- Deep understanding of common web-based vulnerabilities.
- Working knowledge of authorization, authentication and encryption strategies.
- Strong grasp of all layers of the information security stack, including hands-on security engineering.
- Strong analytical and problem-solving skills, with the ability to analyze complex security issues and recommend effective solutions.
- Excellent communication and interpersonal skills, with the ability to collaborate effectively with both technical and non-technical stakeholders.
- San Francisco, CA
- Denver, CO
- New York, NY