engineering
Posted 1 weeks agoSr. Software Engineer, Security (Pipedream)
at Workday
Usa Pleasanton, United StatesRemote
Responsibilities
- Building and maintaining the platform's threat model, and partnering with Product and Engineering to ship new features securely without slowing them down.
Requirements
- We’re obsessed with making hard work pay off, for our people, our customers, and the world around us. As a Fortune 500 company and a leading AI platform for managing people, money, and agents, we’re shaping the future of work so teams can reach their potential and focus on what matters most.
- Pipedream runs a polyglot stack — TypeScript, Rust, Kotlin, Ruby, and more — so you will read and fix code across all of it.
- Securing cloud infrastructure (AWS, GCP) and the third-party vendor surface (Redis, Datadog, and others).
- Partnering with Workday's security team to translate broader policy into something that fits Pipedream's stack and operations. About You Basic
- experience in product security, application security, or software engineering with a security focus Hands-on
- experience with vulnerability management, threat modeling, and risk analysis
- Experience securing AWS or comparable cloud platforms at production scale Other
- experience in threat and vulnerability management, including identifying, assessing, and mitigating potential risks and weaknesses across a platform's security infrastructure.
- Solid understanding of application security, including protecting software applications from potential threats and vulnerabilities.
- experience with security controls such as encryption and authentication.
- Proficiency in securing cloud infrastructure, with the ability to design, manage, and maintain cloud-based environments (AWS, GCP) at scale.
- You understand how to effectively secure and monitor cloud services in a production setting.
- Experience with security incident response, including a systematic approach to managing the aftermath of security breaches or attacks.
- You know how to identify and analyze security incidents, coordinate response activities, and develop strategies to prevent future incidents.
- Comfort reading and patching code across multiple languages — you do not need to know Pipedream's specific stack, but you are the kind of engineer who picks up new languages quickly and can operate effectively across a polyglot codebase.