About the position
As a Security Engineer II at Amplitude, you will play a crucial role in improving the security of the company's platform, products, and internal systems. Your main responsibility will be to identify and drive impactful projects that enhance the overall security posture. You will collaborate closely with cross-functional teams and focus on systemic security improvements and risk reduction. Additionally, you will be involved in technical security assessments, code audits, design reviews, and automation of security issue detection and remediation. This role requires a solid understanding of security engineering principles, familiarity with security detection techniques and threat modeling frameworks, and proficiency in modern software development practices.
Responsibilities
- Perform technical security assessments, code audits, and design reviews
- Clearly communicate the risk of security issues to developers, including proof-of-concept code as necessary to demonstrate the potential severity
- Automate the detection, verification, mitigation, and remediation of security issues
- Conduct assessments to identify attack vectors against products and services
- Participate in team on-call rotation to support penetration-testing, bug-bounty, and vulnerability-management programs
Requirements
- 3+ years of security engineering experience OR experience in a SWE/DevOps role and an interest in working on security engineering initiatives
- Familiarity with security detection techniques (SAST, DAST, IAST, SCA), threat modeling frameworks (OWASP, MITRE, STRIDE, DREAD), and how they are used together to improve product security through design reviews
- A solid understanding of modern software development principles and design patterns, including the ability to write clean, efficient, and maintainable code (in Java, Typescript, Python, etc.)
- Familiarity with Agile, DevOps, CI/CD, and cloud-based infrastructure like AWS
- Curiosity and a willingness to learn
Benefits
- Excellent Medical, Dental and Vision insurance coverages, with 100% employer-paid premiums for employee Medical, Dental, Vision on select plans
- Flexible time off, paid holidays, and more
- Generous stipends for wellness, learning and development, commuter transit/parking, home office equipment, and more
- Excellent Parental benefits including 12-20 weeks of Paid Parental Leave, Carrot Fertility Benefits/Adoption/Surrogacy support, Back-up Child Care support
- Mental health and wellness benefits including no cost employee access to Modern Health coaching & therapy Sessions and high-quality physician office experience via One Medical membership (select U.S. locations only)
- Employee Stock Purchase Program (ESPP)
- Equity, benefits, and other forms of compensation
- Competitive pay and benefits packages
- Equal employment opportunities (EEO)
- Opportunity to work with leading companies and gain self-service visibility into the entire customer journey
- Opportunity to make a significant impact on the security of Amplitude's platform, products, and internal systems
- Partnership with teams across the company
- Opportunity to participate in operational security responsibilities such as security reviews and consulting, threat research/bug-bounty triage, incident response, and risk management
- Opportunity to perform technical security assessments, code audits, and design reviews
- Opportunity to automate the detection, verification, mitigation, and remediation of security issues
- Opportunity to conduct assessments to identify attack vectors against products and services
- Opportunity to participate in team on-call rotation to support penetration-testing, bug-bounty, and vulnerability-management programs
- Opportunity to work with a global and fast-growing team
- Opportunity for professional growth and learning
- Opportunity to work in an environment of inclusion, psychological safety, empathy, and human connection
- Opportunity to work with a company that values diversity and believes it enables the creation of better products and solutions
- Opportunity to work with a company that values growth mindset, ownership, and humility
- Opportunity to work with a company that operates from a place of empathy and openness
- Opportunity to work with a company that offers competitive pay and benefits packages reflecting their commitment to the health and wellbeing of employees.