About The Position

At Algolia, we’re proud to be a pioneer and market leader in AI Search, empowering 17,000+ businesses to deliver blazing-fast, predictive search and browse experiences at internet scale. Every week, we power over 30 billion search requests — four times more than Microsoft Bing, Yahoo, Baidu, Yandex, and DuckDuckGo combined. In 2021, we raised $150 million in Series D funding, quadrupling our valuation to $2.25 billion. This strong foundation enables us to keep investing in our market-leading platform and serving incredible customers like Under Armour, PetSmart, Stripe, Gymshark, and Walgreens. Looking for someone based in Central or Eastern timezone. Algolia powers search and discovery for thousands of companies and billions of queries every month. Our services operate at massive scale across the internet, processing large volumes of data in real time. This visibility and reach create unique Information Security challenges, and we’re looking for an engineer who’s motivated to address them head-on. At Algolia, Information Security is built into everything we do. It is not an afterthought; it’s a core design and operational principle. Our Information Security team ensures that trust, privacy, and resilience are embedded throughout our infrastructure, products, and internal processes. As Algolia continues to expand globally, we are growing our Information Security team to match that scale. We are seeking a North-American based, pragmatic, technically strong, and collaborative information security engineer to strengthen our Information Security posture and enable the company to innovate securely and confidently.

Requirements

  • 3–6 years of experience in Information Security engineering, infrastructure protection, or related technical domains
  • Strong understanding of Information Security principles for modern cloud environments (AWS, GCP, or Azure)
  • Strong understanding of, comfort with, and at least three years of experience in operating, configuring, and managing log management / SIEM, threat detection and posture management, endpoint detection and response, SAST, SOAR, and other table-stakes information security systems.
  • Knowledge of common internet Information Security threats, attack vectors, and mitigation strategies
  • Proficiency in scripting or automation with at least one language (Python, Bash, Go, or similar)
  • Solid understanding of computer systems, networks, and low-level protocols from an Information Security perspective
  • Experience in incident detection, response, and vulnerability management
  • Excellent communication skills, with the ability to explain Information Security risks and concepts to both technical and non-technical audiences
  • Full professional proficiency in English

Nice To Haves

  • Experience scaling Information Security programs in high-growth SaaS organizations (10,000+ customers, $50–200M ARR range)
  • Cloud-specific Information Security certifications or equivalent training (e.g., AWS Security Specialty, GCP Professional Security Engineer)
  • Experience with complex secrets management systems such as Hashicorp Vault
  • Experience contributing to Information Security communities, such as bug bounty triage, open-source security tools, or Capture the Flag events
  • Background in privacy engineering, threat modeling, or secure software design

Responsibilities

  • Design and automate controls, detection mechanisms, and tooling to improve the Information Security of Algolia’s infrastructure and products
  • Research, evaluate, and recommend new Information Security technologies, techniques, and frameworks
  • Design, implement, and maintain information security monitoring and remediation systems that move the needle in protecting Algolia’s customers’ data, and protecting Algolia’s systems and data
  • Partner with engineering and product teams to integrate Information Security into new features, systems, and development pipelines
  • Contribute to improving Information Security standards, processes, and best practices across the company
  • Conduct Information Security risk assessments and threat models of core systems, services, and third-party vendors (this does not include answering customer third-party risk assessment questionnaires).
  • Participate in and sometimes lead Information Security incident response activities and post-incident analysis
  • Support ongoing and emerging Information Security and compliance initiatives (e.g., SOC 2, Type II, ISO 27001, C5, GDPR)
  • Manage and enhance Algolia’s public bug bounty and vulnerability disclosure programs

Benefits

  • A culture that values continuous learning, curiosity, and collaboration in Information Security
  • A global, remote-friendly team that treats Information Security as an enabler of innovation
  • Opportunities to make a measurable impact on the Information Security of systems used by millions of end users
  • Ongoing professional development and support as the Information Security landscape evolves
© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service