Information Security Engineer

About The Position

Requirements

• 3–6 years of experience in Information Security engineering, infrastructure protection, or related technical domains
• Strong understanding of Information Security principles for modern cloud environments (AWS, GCP, or Azure)
• Strong understanding of, comfort with, and at least three years of experience in operating, configuring, and managing log management / SIEM, threat detection and posture management, endpoint detection and response, SAST, SOAR, and other table-stakes information security systems.
• Knowledge of common internet Information Security threats, attack vectors, and mitigation strategies
• Proficiency in scripting or automation with at least one language (Python, Bash, Go, or similar)
• Solid understanding of computer systems, networks, and low-level protocols from an Information Security perspective
• Experience in incident detection, response, and vulnerability management
• Excellent communication skills, with the ability to explain Information Security risks and concepts to both technical and non-technical audiences
• Full professional proficiency in English

Nice To Haves

• Experience scaling Information Security programs in high-growth SaaS organizations (10,000+ customers, $50–200M ARR range)
• Cloud-specific Information Security certifications or equivalent training (e.g., AWS Security Specialty, GCP Professional Security Engineer)
• Experience with complex secrets management systems such as Hashicorp Vault
• Experience contributing to Information Security communities, such as bug bounty triage, open-source security tools, or Capture the Flag events
• Background in privacy engineering, threat modeling, or secure software design

Responsibilities

• Design and automate controls, detection mechanisms, and tooling to improve the Information Security of Algolia’s infrastructure and products
• Research, evaluate, and recommend new Information Security technologies, techniques, and frameworks
• Design, implement, and maintain information security monitoring and remediation systems that move the needle in protecting Algolia’s customers’ data, and protecting Algolia’s systems and data
• Partner with engineering and product teams to integrate Information Security into new features, systems, and development pipelines
• Contribute to improving Information Security standards, processes, and best practices across the company
• Conduct Information Security risk assessments and threat models of core systems, services, and third-party vendors (this does not include answering customer third-party risk assessment questionnaires).
• Participate in and sometimes lead Information Security incident response activities and post-incident analysis
• Support ongoing and emerging Information Security and compliance initiatives (e.g., SOC 2, Type II, ISO 27001, C5, GDPR)
• Manage and enhance Algolia’s public bug bounty and vulnerability disclosure programs

Benefits

• A culture that values continuous learning, curiosity, and collaboration in Information Security
• A global, remote-friendly team that treats Information Security as an enabler of innovation
• Opportunities to make a measurable impact on the Information Security of systems used by millions of end users
• Ongoing professional development and support as the Information Security landscape evolves