Staff Engineer - Backend

What do we do?

ThoughtSpot is on a mission to create a more fact-driven world. Our platform is disrupting the $200B+ analytics market industry by making it 1000x faster and easier for non-technical business people to answer their own data questions, based on innovations in search engines, in-memory large-scale computing & AI technology. With ThoughtSpot, anyone from C-suite executives to front-line employees can use a simple search to instantly analyse billions of rows of data, and leverage artificial intelligence to get relevant insights on questions they might not have thought to ask. If you’re looking to solve hard problems in a large market, this is the role for you!

ThoughtSpot is a pioneering company at the forefront of the data analytics and business intelligence industry. Our platform empowers organizations to transform their data into actionable insights, enabling them to make smarter, data-driven decisions.

Key Responsibilities

• Define and execute the security posture for ThoughtSpot services running across multiple cloud and hybrid environments.
• Provide technical leadership, mentor team members, and lead initiatives across the R&D org across geographies
• Experiment and drive technology decisions across multi-cloud environments - AWS , GCP, private cloud.
• Requirements
• Architect and implement state-of-the-art security solutions and services to secure deployment and operations of ThoughtSpot services running in both public cloud and on-prem
• Implement frameworks and best practices in addressing all security domains such as endpoints, networks, applications, and infrastructure
• Work with customers to understand their security requirements, recommend best practices to deploy and manage ThoughtSpot to comply with those requirements, and work with engineering teams to plug any feature gaps
• Implement capabilities for static and dynamic analysis, monitoring, intrusion detection, vulnerability management, and incident response across ThoughtSpot product suite
• Work towards achieving various industry certifications and meeting compliance requirements
• Experience in defining strategy and technical roadmap for continuously improving security posture of product and services

Must-Haves Skills

• 10+ years in cloud security, security engineering, security solutions, network security, architecture, and operations experiences in SaaS and on-prem products
• You bring in expertise in either of these security domains: network, cloud, application security, and infrastructure
• Proficient in SaaS and cloud-based development practices and familiar with development for AWS, GCP, or Azure cloud environments
• Experience with IAM, encryption, key management, firewall technologies, IDPS, anti-malware and vulnerability scanning tools
• Strong security architecture and hands-on engineering skills with deep knowledge of cloud operational models and secure SaaS architecture
• Experience in diverse cross-functional teams working across different geographic time-zones is good to have for the role
• Familiarity with SOC 2, ISO 27001, OWASP, SANS or CSA standards and best practices
• Standout Skills/Key Differentiators
• Hands on experience on handling security posture for SaaS platforms.
• Experience in multiple cloud native security tools - GCP security center, WAF configuration handling, implementation of OWASP principles
• Deep understanding of technical security across a spectrum of cloud infrastructure environments
• security controls and capabilities (e.g., DDoS, Firewalls, WAF, Network Segregation)
• Deep understanding and experience of multi-layer security controls ensuring confidentiality, integrity, and availability
• Considerable experience with security tools (e.g., SAST/DAST, SCA, vulnerability scanning, penetration testing)
• Experience with Identity and Access Management security solutions and protocols (e.g., SAML, OpenID, and OAuth)
• Understanding of security by design principles, architecture level security, API security, and Zero Trust security concepts
• Experience and understanding of Container/Kubernetes security and controls