About TripleLift
We're TripleLift, an advertising platform on a mission to elevate digital advertising through beautiful creative, quality publishers, actionable data and smart targeting. Through over 1 trillion monthly ad transactions, we help publishers and platforms monetize their businesses. Our technology is where the world's leading brands find audiences across online video, connected television, display and native ads. Brand and enterprise customers choose us because of our innovative solutions, premium formats, and supportive experts dedicated to maximizing their performance.
As part of the Vista Equity Partners portfolio, we are NMSDC certified, qualify for diverse spending goals and are committed to economic inclusion. Find out how TripleLift raises up the programmatic ecosystem at triplelift.com.
The Role
TripleLift is seeking a Senior Data Security Engineer to join our team full-time. We are an established company in the advertising technology sector, trying to tackle some of the most challenging problems facing the industry. You will join a rapidly growing and complex environment and work as part of a small team responsible for developing, evangelizing, and executing our security roadmap. You'll help drive improvements in our security operations capability and support critical projects, enhancing our detect-and-respond capabilities.
Responsibilities
- Develop and implement data security policies, standards, and procedures that are in accordance with industry best practices and legal requirements.
- Provide technical expertise and guidance to internal teams on data security best practices, encryption technologies, and secure development methodologies.
- Collaborate with cross-functional teams to integrate data security controls into existing systems, applications, and workflows.
- Design, develop, and improve solutions for Data Loss Prevention and Detection.
- Design and maintain secure data infrastructure, including designing and implementing data pipelines, ETL processes, and data access controls
- Utilize Databricks, Snowflake, Looker, and Airflow to design and secure data models, queries, and integration workflows.
- Participate in agile planning, daily stand-ups, and retrospectives to ensure timely and efficient project delivery.
- Enhance and maintain application and infrastructure vulnerability management programs, perform threat-hunting activities, and facilitate penetration testing.
- Enhance and facilitate security incident-handling activities.
- Evaluate engineering and infrastructure projects for proper alignment to security controls and report identified risks through appropriate channels.
- Create and manage security procedure documentation related to data security.
Desired Skills And Attributes
- Proven experience in data security engineering and a strong background in designing and deploying secure data solutions in a cloud environment (ideally AWS)
- Understanding of data security fundamentals with relation to various cybersecurity and compliance frameworks, particularly NIST CSF, but any of PCI, SOC2, ISO 27001/2, or similar
- Deep understanding of the AWS Cloud, its services, technologies, and APIs
- Deep knowledge of authentication, authorization, encryption, data sanitization, data loss prevention and disaster recovery practices
- Able to design and evaluate data security controls, as well as how to design adequate compensating controls where necessary
- Experience managing tools in a Security Operations Center environment, i.e., monitoring and reacting to SIEM alerts/events
- Practical experience with coding and scripting languages to implement changes to cloud infrastructure and data systems
- Deep understanding of how to securely manage cloud-native environments and the ability to deploy tools in these environments
- Comfortable taking ownership of projects and showcasing key accomplishments
- Strives for continued learning opportunities to build upon craft
- Values correctness and efficiency and has an exceptional eye for detail
- Ability to work quickly and independently with minimal oversight
Experience Requirement
- At least five years of experience working within a security role or related/adjacent role.
Life at TripleLift
At TripleLift, we're a team of great people who like who they work with and want to make everyone around them better. This means being positive, collaborative, and compassionate. We hustle harder than the competition and are continuously innovating.
Learn more about TripleLift and our culture by visiting our LinkedIn Life page.
Diversity, Equity, Inclusion and Accessibility at TripleLift
At TripleLift, we believe in the power of diversity, equity, inclusion and accessibility. Our culture enables individuals to share their uniqueness and contribute as part of a team. With our DE&I initiatives, TripleLift is a place that works for you, and where you can feel a sense of belonging and support. At TripleLift, we will consider and champion all qualified applicants for employment without regard to race, creed, color, religion, national origin, sex, age, disability, sexual orientation, gender identity, gender expression, genetic predisposition, veteran, marital, or any other status protected by law. TripleLift is proud to be an equal opportunity employer.
Learn more about our DEI efforts at https://triplelift.com/diversity-equity-and-inclusion/
Privacy Policy
Please see our Privacy Policies on our TripleLift and 1plusX websites.
TripleLift does not accept unsolicited resumes from any type of recruitment search firm. Any resume submitted in the absence of a signed agreement will become the property of TripleLift and no fee shall be due.