Privacy & Security Engineer

Bay Area, California

About Wurl, LLC.

Do you want to help grow an incredible entertainment and ad tech company with a fantastic culture, collaborate and grow your career, while working remotely?  

Wurl is redefining TV through our mission of connecting all the world’s programming with all the world’s viewers. And in pursuit of this, Wurl has become the world leader in powering streaming TV. Our industry-leading platform helps renowned media companies such as A+E Networks, AMC Networks, BBC Studios, Bloomberg, CNN, Reuters, and Sony create streaming TV channels and deliver programming to the world’s biggest Streamers, including Amazon, Roku, Samsung TV Plus, LG, VIZIO, and Rakuten. Today, Wurl interconnects over 1200 streaming channels and Streamers, reaching more than 300 million connected TVs in over 50 countries. The Wurl Network makes it effortless for Content Companies to build global distribution for branded FAST channels, live events, and on-demand programming, as well as manage and monetize their ad inventory.

We're an entertainment tech startup with 160+ team members across the world. We've been recognized as a “Great Place to Work" after the first two years by fostering an inclusive and mission-driven culture. In addition to RSU's and great benefits, our people work remotely.

Privacy & Security Engineer - Remote:

Wurl is looking for an experienced Senior Security Engineer, who is knowledgeable about online video and cloud computing, to interface with the different teams and assist with security, privacy and compliance tasks, and help make Wurl the most professional and reliable platform for commercial online video. Our ideal candidate is able to grow into a more senior role from that of individual contributor in order to build up our security and compliance organization.

This is a senior role reporting to the CSO/Chief Architect. The position can be done remotely (CA). Some occasional travel may be required when Covid restrictions are fully lifted.

What You'll Do:

  • Proactively find and triage issues related to information security
  • Perform threat modeling, code and architecture reviews with a focus on security and privacy, and ensure vulnerabilities are identified, classified, communicated to team members, and assist in their resolution
  • Support the engineering teams with large scale security projects, release and secure coding process, the vulnerability lifecycle and anonymization of PII
  • Conduct frequent testing and simulated cyber-attacks to look for vulnerabilities in the systems and take appropriate action.
  • Conduct internal penetration testing and interface with companies that do external testing to identify weaknesses (Blue team and Red Team).
  • Assist educating the engineering team on security issues and security reviews in Ruby, Python, Go, Javascript/NodeJS, AWS and Python, and when deploying containerized software in Linux, EC2 and Docker environments.
  • Assist the security org team on evaluating risk.
  • Should breaches occur, to implement emergency and security incident response plans and minimize the impact of intrusions, produce post-mortems and lessons learned.
  • Configure, upgrade and assist in the management of VPCs and cloud security infrastructure and cloud services
  • Coding work in projects of Shift Left security and compliance (at the CI/CD level)

Qualifications:

  • Knowledge of security infrastructure and technologies such as proxies, VPCs, IPS, among others.
  • Proven experience with AWS infrastructure, from EC2, EKS, S3 and others.
  • Familiarity with CWE/SANS Top 25, OWASP Top 10, MITRE, NIST and Penetration Testing.
  • Administrative scripting skills (NodeJS, Shell, Rust, Ruby).
  • Understanding of general issues around video streaming and database management systems (SQL and NoSQL) from a security + privacy standpoint.
  • Working knowledge of TCP/IP, IPSec, Linux/Unix, Docker and network protocols.
  • Strong communication skills
  • 3 years experience securing AWS Systems
  • 3 Years experience securing Ruby and Python applications
  • 2 years experience securing NodeJS and Go
  • 1 year experience securing c/c++
  • A working understanding of security certification processes and regulatory environments like ISO 27001, SOC2, GDPR, and of securing PII vs other types of data.

What We Offer

  • Competitive Salary & Equity
  • Strong Medical, Dental and Vision Benefits, 90% paid by Wurl 
  • Remote first policy 
  • Flexible Time Off 
  • 12 US Holidays 
  • 401(k) Matching
  • Pre-Tax Savings Plans, HSA & FSA
  • Ginger, Aaptiv and Headspace subscriptions for mental and physical wellness
  • OneMedical subscription for 24/7 convenient medical care
  • Paid Maternity and Parental Leave for all family additions
  • Discounted PetPlan and easy at home access to Covid testing with empowerDX 
  • $1k Work From Home Stipend to set up your Office 

 

Few companies allow you to thrive like you will at Wurl. You will have the opportunity to collaborate with the industry’s brightest minds and most innovative thinkers. You will enjoy ongoing mentorship, team collaboration and you will understand what we mean by ‘human connection”.  You will be proud to say you're a part of the company revolutionizing TV.

At Wurl, we value work-life harmony and believe that family and mental health should always come first.  Our team is fiercely passionate and contagiously enthusiastic about what we are building.  While we are seeking those who know our industry, there is no perfect candidate and we want to encourage you to apply even if you do not meet all requirements.