Contentful (https://www.contentful.com) is a content management developer platform that enables web and mobile developers to manage, integrate, and deliver digital content to any kind of device or service that can connect to an API - be it smart cars, VR, mobile, web, digital signage, or any new platform. We solve the complexities of content management for tens of thousands web and mobile developers, some independent and many working at enterprise customers that include Jack-in-the-box, Petsmart, Specialized, and Urban Outfitters.
We're a fun team of over 100 people from 37 nations with offices in Berlin and San Francisco, backed by top VCs (Benchmark, Trinity, Balderton, Point Nine), growing at an amazing pace, and looking for more amazing individuals to join our team!
ABOUT THE ROLE
Contentful strives to build a secure and safe service and commits considerable effort and resources on security.
The goal of the Security team is to provide guidance and support to the Product teams and enable them to build a reliable and secure product. We follow a holistic approach to guarantee the safety, availability, and integrity of our customers' data.
- Develop security tools to improve our infrastructure and development pipeline
- Improve existing security features in our applications, including improvement of our security monitoring and threat detection tooling in our microservices architecture
- Support Product and Engineering teams and ensure that all new applications and features have security built in from the beginning on
- Work with skilled engineers to identify risks, put measures in place to avoid them and ensure that our security standards are met
- Continually refine and improve our security standards, and train our employees on all security measures
- Help manage our bug bounty program and coordinate verification and fixing of the reported findings
- Support the Sales team to answer any security related questions from customers, consequently helping to build trust
- You have already worked with a modern cloud infrastructure and are looking for a challenge within a company that considers security as a combined and ongoing effort based on a data-driven culture
- You have at least 3 years of experience in the field of application and system security
- You have a background in Linux
- Professional experience with web services, REST, micro service architectures and container infrastructure
- Good understanding of the OWASP Top 10
- Excellent English communication skills, both verbal and written (German is not required but is considered a plus).
NICE TO HAVE
- Experience running a responsible vulnerability disclosure program or reporting vulnerabilities to companies.
- Experience in ensuring security and privacy on the Internet
- Familiar with AWS and the security mechanisms provided
- Shape the future of the Contentful product’s security
- Create and deploy security tooling, and support the teams to build secure applications
- Work strategically and reactively - it never gets boring
- Work with cutting edge technology and provide enterprise grade security to global customers
- Enjoy the freedom and ownership of your work, and measure your success
- Join an innovative tech company; our product is made by developers, for developers and we count among our investors and advisors people like Adam Wiggins (Heroku) and Francesco Cesarini (Erlang Solutions)
- Be part of a team of experts in a company where technology matters and is key
- We offer an education budget and extra days off to be spent on your self-development
- Pick any tools you feel comfortable with. From hardware to software, your work environment to your chair, we've literally got your back
- Enjoy the flexibility of time and place of your work
- Brush up your language skills! Our team speaks more than 20 languages
- We fully support your move to Berlin with a relocation budget. We'll help you settle into your exciting new city
“Variety is the spice of life” — and a celebrated component of our culture. At Contentful, we strive to create an inclusive environment that empowers our employees. We believe that our products and services benefit from our diverse backgrounds and experiences and are proud to be an equal opportunity employer: all qualified applicants are considered for positions regardless of race, ethnic origin, gender, age, religion or belief, marital status, gender identification, sexual orientation, or disability. We look forward to your application!