Design and automate controls, detection mechanisms, and tooling to improve the Information Security of Algolia’s infrastructure and products
Research, evaluate, and recommend new Information Security technologies, techniques, and frameworks
Design, implement, and maintain information security monitoring and remediation systems that move the needle in protecting Algolia’s customers’ data, and protecting Algolia’s systems and data
Partner with engineering and product teams to integrate Information Security into new features, systems, and development pipelines
Contribute to improving Information Security standards, processes, and best practices across the company
Conduct Information Security risk assessments and threat models of core systems, services, and third-party vendors (this does not include answering customer third-party risk assessment questionnaires).
Participate in and sometimes lead Information Security incident response activities and post-incident analysis
Support ongoing and emerging Information Security and compliance initiatives (e.g., SOC 2, Type II, ISO 27001, C5, GDPR)
Manage and enhance Algolia’s public bug bounty and vulnerability disclosure programs
Requirements
3–6 years of experience in Information Security engineering, infrastructure protection, or related technical domains
Proficiency in scripting or automation with at least one language (Python, Bash, Go, or similar) is required. Experience with Kubernetes is preferred.
Strong understanding of Information Security principles for modern cloud environments (AWS, GCP, or Azure) as well as operations in datacenters.
Strong understanding of, comfort with, and at least three years of experience in operating, configuring, and managing log management / SIEM, threat detection and posture management, endpoint detection and response, SAST, SOAR, CTI, and other table-stakes information security systems with strong preference to at least one year of experience with deep use of Crowdstrike or Obsidian (preferably both).
Knowledge of common internet Information Security threats, attack vectors, and mitigation strategies
Solid understanding of computer systems, networks, and low-level protocols from an Information Security perspective
Experience in incident detection, response, and vulnerability management
Excellent communication skills, with the ability to explain Information Security risks and concepts to both technical and non-technical audiences
Clear ability to collaborate with VP of Information security to advise on next steps and to work independently to achieve business outcomes
rather than a ticket based approach.
Full professional proficiency in English.
Tech Stack
AWS
Azure
Cloud
Google Cloud Platform
Kubernetes
Python
Go
Benefits
A culture that values continuous learning, curiosity, and collaboration in Information Security
A global, remote-friendly team that treats Information Security as an enabler of innovation
Opportunities to make a measurable impact on the Information Security of systems used by millions of end users
Ongoing professional development and support as the Information Security landscape evolves