What is Knewton? At Knewton, we believe each student is unique and that their knowledge is not defined by their last answer. Sometimes what a student needs at any moment may not be the next lesson in their textbook. Teachers, schools and education companies use Knewton solutions to adapt to each student’s unique needs with tailored recommendations. Join us to help students have a more positive educational experience.
What have we accomplished since opening our doors in 2008? We’ve delivered more than 15 billion (that’s right, billion) personalized recommendations to over 14 million students on every continent (okay, except Antarctica). We’re headquartered in beautiful Union Square NYC with offices in London and Tokyo. Investments top $150M from well-known angel investors plus Accel, Bessemer, First Round Capital, Firstmark, Founders Fund, GSV and Atomico.
We’re seeking a Senior Security Engineer to ensure the security of our systems. Students and educators around the world trust us with their confidential data and safeguarding this data is our foremost priority. As our user base continues to grow, we need to maintain the highest standards of protection. You will play a key role in developing and executing key security initiatives including identifying vulnerabilities, assessing risk, and responding to security incidents. Partnering across the company, you will find gaps, consult and advise the right solutions for both now and in the future and architect the tools and approaches to deliver vital security management processes. You are the evangelist to an integrated security culture. Come join us and contribute to a broad range of information security disciplines in our broader mission to transform education. (Note:Ideally this person will work at HQ but we are also open to candidates that will work remotely much of the time with occasional travel to HQ).
This is a great opportunity to:
- Identify security issues and risks across Knewton’s products and services via threat modeling, design and code reviews, and security testing
- Collaborate with engineers to build scalable frameworks, APIs and processes to keep our web applications secure
- Research, evaluate, design, and implement security tools, monitors, and processes
- Lead security incident response and forensic investigations
- Evangelize security throughout the technical organization, including providing training
- Continually improve Knewton’s security posture (i.e. reduce MTTD and attack surface).
- Provide effective incident response and oversee remediation
- Respond to partner requests regarding security of the Knewton platform
- Work with non-technical teams in Knewton to define security policies and best practices
What we are looking for:
- 5+ years of experience in securing large-scale consumer web applications or APIs, ideally, in a continuously-deployed, cloud-based environment.
- In-depth knowledge of authentication/authorization systems (i.e. kerberos, OAuth, LDAP), and TLS/SSL.
- Excellent written and verbal communication
- Sound judgement and discretion regarding confidential matters
- Demonstrated ability to manage and prioritize responsibilities while maintaining calm in a high-energy and constantly evolving environment
- Experience with FERPA and COPPA, preferred
- Experience with using a scripting language, Python preferred
- BA/BS degree in Computer Science or related degree or equivalent practical experience
- Previous startup experience, preferred
- Competitive salary, great benefits, and equity including a 401k match
- Great coworkers with a passion for empowering students and educators
- Flexible hours, no vacation policy, and paid maternity/paternity leave
- High-quality equipment (default: a new Macbook Pro with a giant monitor)
- Social groups and sports teams
- Fully stocked kitchen with all-day snacks and a full bar
- Free lunches everyday and free dinners when you work late
- Free monthly MetroCards/PATH cards
By clicking the “Apply for Job” button, you will likely be redirected to a web page outside of our website. We cannot be held responsible for external sites’ content. Please take reasonable steps to confirm that you’re actually dealing with a company representative, not an impostor.Apply for this Job