Security Engineer

about nooks.ai

nooks is the ai sales assistant platform (asap) that automates the busywork so reps can focus on the human part of selling and generate more sales pipeline. nooks has helped thousands of sales reps hit quota, saved customers hundreds of thousands of hours, and powered hundreds of millions of dollars in pipeline. nooks is loved by sales teams at companies like 1password, fivetran, greenhouse, and hundreds more. for more information, visit nooks.ai.

the role

note: exact job title will be commensurate with experience

we're looking for a security engineer to join our team and help build robust security practices from the ground up in our rapidly growing organization. as an early security hire, you'll have the opportunity to shape our security strategy and implementation while working closely with our engineering teams to ensure security is built into our products from day one.

examples of security challenges you may touch

these are just examples, this list is non-exhaustive, and you definitely don't need experience in all of these areas. but hopefully, you find some of them exciting!

application security & secure development (appsec, engineering)

• work directly with engineering teams to implement secure coding practices, conduct security reviews of new features, and develop automated security testing pipelines. you'll help establish security guidelines that work with our fast-paced development environment, not against it.

vulnerability management & security tooling (automation, process)

• build and maintain our security tooling infrastructure, including vulnerability scanning, sast/dast implementation, and security monitoring solutions. you'll need to balance security requirements with engineering velocity, implementing processes that scale with our growth.

security incident response & red team activities (offensive security)

• lead security incident investigations, conduct internal penetration testing, and perform red team exercises to proactively identify security gaps. you'll help build our security response playbooks and train the engineering team on security best practices.

requirements

• bachelor's degree in computer science, information security, or related technical field
• 3+ years of hands-on application security experience in a fast-paced technology company
• basic programming skills (python, javascript, or similar languages) with the ability to implement security fixes and automation
• experience with modern cloud security practices and tooling
• demonstrated experience in conducting security assessments and penetration testing
• track record of building security programs that enable rather than inhibit engineering velocity

nice to haves

• experience working in series a/b stage startups
• prior experience on a security platform team at a larger technology company
• red team or offensive security background
• experience with modern authentication systems and api security
• background in building automated security testing pipelines

compensation and benefits

we offer competitive compensation because we want to hire the best people and reward them for their contributions to our mission. we pay all employees competitively relative to market. in compliance with pay transparency laws and in pursuit of pay equity and fairness, we publish salary ranges for our open roles. the target salary range for this role is 150,000 - 230,000 usd. on top of base salary, we also offer equity, generous perks, and comprehensive benefits.

equal employment opportunity statement

nooks is an equal opportunity employer committed to fostering a diverse and inclusive workforce. we believe in providing equal employment opportunities to all individuals regardless of race, color, religion, gender, gender identity, sexual orientation, national origin, age, disability, veteran status, or any other characteristic protected by law.

nooks does not discriminate in hiring, promotion, compensation, or any other employment practices, and we are committed to ensuring a workplace that is free from discrimination, harassment, and retaliation. we encourage individuals from all backgrounds to apply and join our team.