Security Engineer

WHY WE'RE LOOKING FOR YOU

Retool aspires to be the single best way companies build internal tools, bringing good software to everyone. Central to this vision is an unwavering commitment to security. Retool both handles our clients' most sensitive data and offers a Turing-complete coding environment, so security is a core criterion for everything we build. Bringing our customers a powerful coding environment demands nothing less than top-tier security across every inch of our product and platform - and here's exactly where your expertise comes into play.

We're looking for a Security Engineer to help drive the planning, execution, and delivery of security initiatives and programs across the organization. To strengthen Retool's security posture, drive the security roadmap, and shape the trajectory of our security team, you'll work closely with fellow engineers, cross-functional stakeholders, and senior leadership across the entire company. In this role, you'll own key parts of our security program and provide mentorship to help level up the current team as we scale.

IN THIS ROLE, YOU WILL:

• Work with the broader engineering organization on new projects and initiatives that improve the security and resilience of Retool
• Regularly gather and examine customer and internal security team needs and opportunities for new information security programs, products and projects
• Develop technical solutions to help mitigate security vulnerabilities, solve systematic security weaknesses, and product security features-you'll be writing automations, code, and Retool apps!
• Regularly perform technical security assessments, code audits, and design reviews.
• Drive evaluations to identify and remediate attack vectors against Retool products and platforms.
• Support in overseeing our pen-testing and bug bounty programs
• Assist in managing governance, risk, and compliance
• Deliver guidance and education to developers on best practices for security and privacy, aiming to prevent the creation of vulnerabilities
• Champion, promote, and advocate for security and secure practices throughout Retool

THE SKILLSET YOU'LL BRING:

• 8+ years of experience in security engineering or related fields, implementing secure, scalable software used across multiple teams
• Excellent project management skills and a proven track record developing and implementing security programs and initiatives
• Enthusiasm for cross-functional collaboration, working with engineering, sales, people ops, finance, and more to drive impactful outcomes
• A keen ability to break down complex problems and lead cross-functional projects to robust solutions, with a focus on championing security initiatives and enhancing product security posture
• An empathetic approach to software engineering, actively identifying and mitigating potential vulnerabilities while mentoring and elevating the skills of fellow teammates
• Effective communication of threat models and risks to foster understanding and alignment across teams, while also demonstrating familiarity with communicating work through specifications or design documents