Security Engineer III

Security Engineer III

PagerDuty believes that people do their best in a culture that fosters inclusion, innovation, and success. Our values - Champion the Customer, Take the Lead, Run Together, Ack + Own and Bring Yourself - serve as the foundation of our collaborative and dynamic culture.

Whether it's conducting a retrospective, participating in our bi-annual hack weeks, cranking out a new product feature, or doing our day to day work, Dutonians live and breathe these five values every day. Together, we solve real customer issues and fulfill our mission of connecting teams to real-time opportunities and elevate work to the outcomes that matter.

We're building an inclusive workplace that represents the real, everyday people we support around the world. From how we build our teams to who sits in the boardroom, we hope you can see yourself at PagerDuty.

PagerDuty is seeking our next Dutonian on the Infrastructure Security team. Do you relish the opportunity to design systems, tools and solutions that enable mission critical applications to scale securely? Do you enjoy contributing to organization-wide initiatives to automate, optimize, and secure? Do you believe in developing processes and solutions that make security the easy choice? Yes? Then you should join us! As a Security Engineer at PagerDuty, you'll be a part of an amazing team that's intensely focused on securing our products, improving our security processes, and building the future of security at PagerDuty.

• You revel in the opportunity to build lovable security solutions that make developers and customers happy.
• Be a part of security initiatives like secrets management, identity and access management, vulnerability management, incident response, implementing security controls, and infrastructure.
• Since we own and operate what we build, you'll collaborate closely with engineers across teams. You will work closely with our internal development teams to ensure we deliver secure, highly reliable and scalable solutions to our customers.
• We practice Chaos Engineering, so you'll have the opportunity to be involved in our Failure Friday sessions, where we deliberately break our systems, find weaknesses, and fix them proactively.
• With 10,000+ global customers and growing, you'll be solving really interesting technical challenges while helping to scale our product to keep up with demand.
• Participate in our team's on-call rotation, triaging and addressing security issues as they arise.

• You get excited about incident detection, response and forensics.
• You believe in creating tools and automation that make security the easiest choice.
• Things that make you smile: Secure Infrastructure, systems, automation, analysis, coding, cute animal memes.
• You're interested in and understand vulnerability management, patch management, and security tooling.
• You understand the importance of documenting, collaboration, and knowledge sharing.
• You are comfortable with loosely defined requirements where you exercise your analytical skills to clarify questions, share your approach and collaborate with the rest of the team to build/test elegant solutions.
• You have an understanding of the importance of empathy: you should have an open mind to others-no matter how senior or junior they are.
• You have a calm, assertive approach to diagnosing and fixing urgent problems.
• You enjoy mentoring and learning from your team and peers.

• 5+ years of experience as a Security Engineer in a large, enterprise environment. infrastructure, working closely with the SRE team, Implementing security controls.
• Must bring strong expertise in Kubernetes (EKS, K8s) and Security Incident Response.
• Technical stack experience required to be successful in this role:




• AWS Security (GuardDuty, CloudTrail, Secrets Manager, EKS/ECR, IAM family, Config), Vulnerability management (Qualys/Nessus, Twistlock, Snyk), SIEM (SumoLogic or Splunk), Container Security , CI/CD Discipline (Helm, Terraform, Chef), Security Incident Response & Risk Management.




• Proficiency in at least one programming language (e.g. Ruby on Rails, Python, Phoenix/Elixir). Required for tools that are rolled out for integration, IaaS, and ability to deploy certain workloads.

• Current or past experience with obtaining FedRAMP.
• Auditing and security best practice of AWS; focus on IAM, network access and S3.
• Penetration testing, bug bounties and anything in between.