The Security Engineering team at Fullstory ensures that engineering teams across the company are enabled to securely design, build, test, and maintain the software & infrastructure that powers our business. We focus on establishing a “paved road” so that engineers can move confidently to deliver secure technologies with minimal friction. The Security Engineering team considers leading with empathy and providing excellent customer service to our stakeholders paramount to success.
Reporting into the Vice President of Security Engineering & GRC, this role will help champion integrating security throughout Fullstory. Whether running a detailed code review, establishing secure-development practices, mentoring engineers, or advising our product team on feature development, Fullstory’s Security Engineering team members are focused on continuous improvement against our maturity model and Secure Development Lifecycle (SDL) to improve the outcomes for our teammates, while building services that our customers can trust.
In a typical day, you might:
- Support engineers across the SDL as a security subject matter expert, including design reviews, threat modeling, code review, patch creation, and penetration testing
- Collaborate with product and engineering on architecting resilient, security-first services
- Perform deep, technical security assessments to ensure services follow secure design principles across our engineering portfolio
- Develop automation of high-signal security tooling through customizations and plugins
- Support third-party security consultants to provide external validation of product security
- Craft and deliver interactive security training courses to support engineer enablement
Here’s what we’re looking for:
- Has 5+ years of experience working in software security roles or performing similar types of work (e.g. application security, security engineering, product security, security research)
- Able to read and write software in two or more of the following languages: Go, Rust, Objective-C, React Native, or Python
- Proficient in identifying vulnerability classes, performing root cause analysis, defining remediation paths in code, technical coordination with engineers, and verifying fixes
- Has direct experience in activities such as threat modeling, penetration testing, creating security requirements, performing source code reviews, or leading security design reviews
- Has experience building sustainable security programs with an emphasis on customer service, partnership, and enablement of software engineering and product stakeholders
The impact you will have in 6 months:
- Act as a core participant in our engineering design document review process, ensuring that security considerations are well articulated early in the software development lifecycle
- Establish a comprehensive open-source security strategy for external FullStory projects
The impact you will have in 12 months:
- Expand FullStory’s brand of trust by publishing content, presenting at industry events, and/or open-source internal security engineering efforts to improve the broader security community
- Directly partner with senior engineering and product peers to securely build new-to-market product offerings that balance risk management with exciting company innovations
The base salary for this position ranges between $180,000 – $220,000 USD. Base salary will vary based on relevant experience, job-related skills and qualifications.
About Fullstory
Fullstory is on a mission to help technology leaders make better, more informed decisions by injecting behavioral data into their analytics stack. The company’s patented technology unlocks the power of quality behavioral data at scale by transforming every digital visit into actionable data and insights. With Fullstory, enterprises can get closer to their customers’ true sentiment and intentions to predict what they want, create personalized experiences, and drive conversion, loyalty, and revenue. Fullstory is headquartered in Atlanta, USA, with regional teams across North America, EMEA and APAC.
How we support you:
Fullstorians are committed to building something better—from how we approach our product, to how we care for our customers and each other. Better is only possible when we can bring our full selves to work. Along these lines, we offer:
- Autonomy and flexibility. From a remote-first work environment and flexible paid time off, to an annual company-wide closure – Fullstorians can focus on the moments that matter.
- Benefits. Take care of the whole you. FullStory offers sponsored benefit packages for US-based Fullstorians, and supplemental coverage options for international Fullstorians.
- Learning opportunities. We provide professional development opportunities through training programs, career coaching sessions, and an annual learning subsidy.
- Productivity support. We provide all Fullstorians with a monthly productivity stipend and reimburse remote colleagues for their initial home office set up.
- Team events. Connect with fellow Fullstorians through Employee Resource Group events, Listening & Alignment weeks, and team off-sites.
- Paid parental leave. Fullstorians have the flexibility to balance the needs of their growing families without the added stress of figuring out work and finances.
- Grow your family. We offer a global fertility and family building benefit that encompasses all journeys to growing your family.
- Bereavement leave. Every family is different; we leave it to you to define who your family is, and support you when you need it most.
- Miscarriage/Pregnancy loss leave. Whether it is for a Fullstorian or their partner – take the time you need.
Fullstory is proud to be an equal opportunity workplace dedicated to fostering an increasingly diverse community. We want candidates of all human varieties, backgrounds, and lifestyles. There’s no problem that can’t be made better by bringing together people with a broader set of perspectives. If our product, values, and community resonate with you, please apply – we’d love to hear from you!