Akamai Technologies, Inc. Security Architect in Cambridge, Massachusetts
Cambridge, United States
Aug 25, 2017 Post Date
009616 Requisition #
Can you look at a design or system and immediately spot how to break it, yet turn around and present those findings to the developers with kindness and understanding? Are you excited by the idea of working on a distributed system with hundreds of thousands of points of presence spanning every continent on the globe? Can you bring a deep understanding of system security to our team of experts? Are you passionate about a particular technical field, even if it isn’t security? Do you seek to apply compassion and understanding to interactions with your colleagues and partners?
As a Security Architect on the Adversarial Resilience team, you’ll work with a team of curious and brilliant architects and security researchers to discover vulnerabilities in planetary-scale systems; analyze and convey the resulting risk stance to product teams and executives; develop novel ways to compromise these systems; quantify the impact of these attacks; prioritize the development of countermeasures in collaboration with engineering teams; and support the rest of the business in building safe and secure systems.
The ideal candidate will be:
flexible, capable of supporting multiple engagements at once and pivoting from task to task gracefully;
diligent, able to patiently ferret out technical details that can make or break a system;
understanding; able to address security flaws while maintaining a kind working relationship with coworkers and partners;
* curious, seeking to constantly learn and grow
As a Security Architect, you will be responsible for:
Deep analysis of technical material -- design and architecture documents, specifications, RFCs, and code
Formal reviews following the Systems-Theoretic Process Analysis (STPA) method
Communicating findings in clear, legible, and precise writeups and presentations
* Developing internal tools including proof-of-concept attacks
Helping respond to Internet-wide security threats
Managing technical incidents
* Discovering new ways to make the company and its platform safer and more secure
About the Team
Akamai's InfoSec Department safeguards the security of the business, from production systems to customer product security. We provide advice, review, expertise, and support to organizations across Akamai. We design and debug control systems, organize security solutions, investigate and respond to security incidents, conduct compliance audits. We combine backgrounds in engineering, mathematics, computer science, biochemistry, and linguistics to solve complex problems. We value knowledge of all kinds and expect mutual sharing with all of our colleagues, emphasizing kindness and respect both inside and outside the team.
The Adversarial Resilience team within InfoSec supports the business in facing the quickly changing threat landscape and preparing for tomorrow’s attacks by combining an understanding of system safety, architectural analysis, network engineering, software development, and organizational cooperation. We emphasize building common understanding with one another and the rest of the business, in the knowledge that communication and trust are as important as any technical component to solving the problems we face.
Required Education and Experience
Applicants must meet one of the following education and experience requirements:
8 years of relevant experience and a Bachelor’s degree in Computer Science, Engineering, Mathematics, other systems focused engineering discipline or equivalent
6 years of relevant experience and a Master’s degree in a relevant field or
* 3 years of experience and a PhD in relevant field or
- Equivalent professional experience
8+ years of experience in security or a related field
2+ years of experience in at least two programming languages, including a scripting language, and ideally including a functional language. Exposure to a wide range of language types (e.g., scripting, Unix-like, procedural, functional, high-level) is especially helpful.
Deep knowledge of networking and foundational protocols of the Internet, including TCP, DNS, TLS/SSL, HTTP, etc.
Knowledge of cryptography and common security primitives, and experience applying them in real-world scenarios
Experience designing secure complex distributed systems
Experience with at least one of Haskell, OCaml, F#, ML, Scala, Clojure, Common Lisp, Scheme, Opa, or Erlang * Experience with formal security analysis, such as STPA
Experience in incident management
About Akamai Technologies
Akamai is the global leader in Content Delivery Network (CDN) services, making the Internet business ready—fast, reliable, and secure—for its customers. The company's advanced web performance, mobile performance, cloud security and media delivery solutions are revolutionizing how businesses optimize consumer, enterprise and entertainment experiences for any device, anywhere. Headquartered in Cambridge, MA, Akamai has offices around the world and operates the most pervasive, highly distributed CDN—with more than 200,000 servers in 110 or more countries—delivering up to 30% of all Web traffic. Learn more atwww.akamai.com/careers.
Akamai is a growing, and evolving, company with offices and operations around the world. As such, we strive to foster inclusive and representative workplaces where all employees are wholly welcome, and enabled to share and benefit from each other’s diverse contributions, as one global team. Our commitment to diversity reaches beyond our corporate offices, to our business partners and suppliers who share the same principles, and whose employees we value as integral to the Akamai business family. Learn more atwww.akamai.com/diversity.
Akamai Technologies is an Affirmative Action, Equal Opportunity Employer that values the strength that diversity brings to the workplace. All qualified applicants will receive consideration for employment and will not be discriminated against on the basis of gender, race/ethnicity, protected veteran status, disability, or other protected group status. If you'd like more information about EEO rights under United States law, please click here.