Design, develop and build security features and defenses that protect the entire scope of the ClickUp platform.
Perform threat models, implementation reviews, and security testing; review requirements and designs.
Design and build tools to help with all stages in security prevention, detection, and response; across the full SDLC from code and test, through to deploy and operate.
Embed yourself into existing engineering and product teams, acting as a "security player-coach".
Build security automation for and into the ClickUp platform; design and build secure-by-default infrastructure and applications.
Monitor and analyze production security events and, as needed, provide in-depth incident analysis.
Build relationships with other engineers, product managers, data engineers, operators, and security team members to enable shipping a secure product.
Requirements
Multiple years of experience in technology / software development.
Experience with Angular, Node.js, and PostgresSQL; or similar technologies.
An ability to identify and provide a basic assessment of security threats.
An understanding of security problems, paired with an ability to suggest solutions to software design problems.
Cloud and SaaS experience.
Ability to mentor others on technical topics, including security.
5+ years of software development experience and 1+ year of security-specific experience.
Experience with security tools; SAST, DAST, RASP, dependency checkers, SIEM.
2 years of AWS experience; IAM and least-privilege architectures.