To view more jobs from this company, please visit their other roles at:
Carta Roles
Senior Security Engineer II
Carta (View all Jobs)
San Francisco, CA; Santa Clara, CA; New York City, NY; Seattle, WA
Interview Process
1. Chat with recruiter 2. Chat with one of our engineering leaders 3. Take home assignment that is not timed ( thinking about code production quality in arriving to a solution) 4. Virtual onsite (5 sessions: take home follow up discussion, architecture and design white boarding, chat with a product manager, chat about teamwork, and another meeting with hiring manager ~ about 4 hours) 5. Team matching (non-evaluative)
Salary
$229,500 - $270,000
Programming Languages Mentioned
Python
The Company You’ll Join
Carta develops purpose-built software that transforms traditional accounting into a powerful growth engine.
Carta’s world-class fund administration platform supports nearly 7,000 funds and SPVs, and represents nearly $130B in assets under management in venture capital and private equity.
Trusted by more than 40,000 companies, Carta also helps private businesses in over 160 countries manage their cap tables, valuations, taxes, equity programs, compensation, and more.
Together, Carta is setting a new standard as the end-to-end platform for private markets. Our best-in-class solution for fund management seamlessly integrates investor and portfolio company insights via a suite of tools designed ground-up to support the strategic impact of the fund CFO.
For more information about our offices and culture, check out our Carta careers page.
The Problems You'll Solve
At Carta, our employees set out on a mission to unlock the power of equity ownership for more people in more places. We believe that the problems we solve today unlock the opportunities of tomorrow. As a Senior Security Engineer II, you’ll help us solve problems that include:
- How do we enable automated security practices (vulnerability management, detection & response, etc.) without interrupting business processes?
- How do we maintain situational awareness across multiple cloud infrastructures, corporate environments, and data sensitivity levels, all in a growing environment?
- How do we incorporate threat intelligence into proactive defense in an automated and reliable fashion?
- How do we preserve a high level of customer privacy while also establishing an effective response posture?
The Team You'll Work With
You’ll be joining our Security Operation team as a Senior Security Engineer II.
This role is within the Security Engineering Organization. You will gather logs & telemetry from many sources, identify risks, create automations to boost efficiency, as well as investigate and remediate threats. To complete this mission, we need people who are passionate about detection, response, automation, and monitoring - willing to go the extra mile to find the needle in the haystack. We believe in creating teams (not rockstars), progress (not immediate perfection), and fostering a creative environment for research. We measure success not by how many bugs you find or tasks you complete, but by how much risk you reduce in the organization and how you work to improve the security of those around you.
We get to work in an environment that uses infrastructure-as-code, Kubernetes, role-based access, with engineers who care about the integrity and security of our data. When things go bump in the night (or during the day!), you’ll be there to help guide the business to a safer path. You’ll help craft the next generation of Carta’s security operations programs, working with our team to help secure the future of our business. Your work will span across technologies, stacks, and languages, and you’ll help ensure a safe and secure workplace for all Cartans.
About You
- Strong knowledge of cloud services and infrastructure (e.g., Google Cloud, GSuite, AWS, Okta) with experience in associated automation tools (Terraform, GAM).
- Proficient in attack models, notably MITRE’s ATT&CK framework, and their defensive applications in enterprise settings.
- Minimum of 8-10 years hands-on experience in security operations, emphasizing detection, response, identity/access, auditing, alerting, automation, orchestration, and threat hunting.
- Demonstrable experience with incident response practices, including creating rapid response automations to expedite incident remediation.
- Ability to identify security visibility gaps and collaborate with engineering teams to ensure comprehensive log/signal availability and data normalization across diverse sources.
- Skilled in:
- Administering SIEM solutions (SnowFlake, DataDog, Splunk, etc).
- Security automation development, preferably in Python or with a SOAR platform.
- Establishing and maintaining logging pipelines, parsing logs, and creating monitoring alerts/detections.
- Implementing endpoint state attestation tools.
- Superior written communication skills adaptable to varied audiences.
Role locations: NYC, SF, Santa Clara, Seattle.
We are also open to candidates with diverse technical backgrounds, including SRE and other complementary experiences (not exclusively security-focused).
Salary
Carta’s compensation package includes a market competitive salary, equity for all full time roles, exceptional benefits, and, for applicable roles, commissions plans. Our minimum cash compensation (salary + commission if applicable) range for this role is:
- $229,500 - $270,000 in San Francisco, CA; Santa Clara, CA; or New York City, NY
- $218,025 - $256,500 in Seattle, WA
Final offers may vary from the amount listed based on geography, candidate experience and expertise, and other factors.
We are an equal opportunity employer and are committed to providing a positive interview experience for every candidate. If accommodations due to a disability or medical condition are needed, please connect with the talent partner via email.
Interested in data privacy? Check out our policies on Privacy and CA Candidate Privacy. Please note that all official communications from us will come from an @carta.com domain.
Please mention No Whiteboard if you apply!
I'm a one-man team looking to improve tech interviews, and could use any support! 😄