Senior Software Engineer, Product Security

Posted:
10/30/2024, 9:37:13 AM

Location(s):
Massachusetts, United States ⋅ Boston, Massachusetts, United States

Experience Level(s):
Senior

Field(s):
DevOps & Infrastructure ⋅ Software Engineering

Pay:
$109/hr or $226,720 total comp

At Klaviyo, we value the unique backgrounds, experiences and perspectives each Klaviyo (we call ourselves Klaviyos) brings to our workplace each and every day. We believe everyone deserves a fair shot at success and appreciate the experiences each person brings beyond the traditional job requirements. If you’re a close but not exact match with the description, we hope you’ll still consider applying. Want to learn more about life at Klaviyo? Visit careers.klaviyo.com to see how we empower creators to own their own destiny.

Klaviyo is seeking a Senior Software Engineer to join the Security and Trust organization’s Product Security team. In this role you will work closely with Security, Product, AppSec, and Development teams to build customer facing security features, internal security tooling to support the Security Operations team, secure code libraries to enable secure product development by Klaviyo developers.  You will be directly supporting  our mission of reducing risk while maintaining secure development speed and enabling customers to operate on a secure platform. As a member of the Product Security team you will positively impact Klaviyo by providing a secure platform for our customers, enabling development teams to securely and independently maintain secure software, and enable the Security Operations team to execute effectively by providing impactful internal tooling.

How you will make a difference:

  • Build high impact security solutions within the Klaviyo application
  • Support development teams by consulting on new product development
  • Develop internal security tooling to support the Security Operations mission
  • Work with the Offensive Security and Detection & Response teams to provide infrastructure to support offensive and defensive capabilities
  • Assist teams so they can remediate security vulnerabilities and reduce risk by implementing secure code practices / tooling.
  • Build automation to prevent security issues from entering our environments or augment security team workflows
  • Identify security gaps and determine best ways to increase visibility and reduce risk
  • Conduct periodic security reviews of proposed software projects, work with development teams during project development to implement secure code practices, make recommendations across the organization to better secure our code and platforms.

Technologies we use (not exhaustive):

  • Python, Django, React, RabbitMQ, Celery, MySQL, Redis, Memcached
  • Amazon Web Services (EC2, RDS, Aurora, etc.), Terraform, Jenkins, GCP
  • Splunk, Snowflake, Lacework, Tines, Jira

We’d love to hear from you if you have:

  • 4+ years of hands-on secure software development 
  • Experience developing web applications
    • Django or other modern platforms
  • Strong development experience with Python
  • Understanding of OWASP top 10 and countermeasures
  • Experience deploying software/applications to complex cloud environments (AWS preferred)
  • Experience with infrastructure-as-code tools such as Terraform
  • Experience in deploying workloads to Kubernetes
  • Automation-first approach for all work performed
  • Strong oral and written communication skills
  • Team player with a strong, self-managing work ethic

The pay range for this role is listed below. Sales roles are also eligible for variable compensation and hourly non-exempt roles are eligible for overtime in accordance with applicable law. This role is eligible for benefits, including: medical, dental and vision coverage, health savings accounts, flexible spending accounts, 401(k), flexible paid time off and company-paid holidays and a culture of learning that includes a learning allowance and access to a professional coaching service for all employees.

Base Pay Range For US Locations:
$156,800$235,200 USD

Get to Know Klaviyo

We’re Klaviyo (pronounced clay-vee-oh). We empower creators to own their destiny by making first-party data accessible and actionable like never before. We see limitless potential for the technology we’re developing to nurture personalized experiences in ecommerce and beyond. To reach our goals, we need our own crew of remarkable creators—ambitious and collaborative teammates who stay focused on our north star: delighting our customers. If you’re ready to do the best work of your career, where you’ll be welcomed as your whole self from day one and supported with generous benefits, we hope you’ll join us.

Klaviyo is committed to a policy of equal opportunity and non-discrimination. We do not discriminate on the basis of race, ethnicity, citizenship, national origin, color, religion or religious creed, age, sex (including pregnancy), gender identity, sexual orientation, physical or mental disability, veteran or active military status, marital status, criminal record, genetics, retaliation, sexual harassment or any other characteristic protected by applicable law.

IMPORTANT NOTICE: Our company takes the security and privacy of job applicants very seriously. We will never ask for payment, bank details, or personal financial information as part of the application process. All our legitimate job postings can be found on our official career site. Please be cautious of job offers that come from non-company email addresses (@klaviyo.com), instant messaging platforms, or unsolicited calls. 

You can find our Job Applicant Privacy Notice here.