We are looking for a skilled security professional—be it an engineer, architect, or leader—with experience in Blue or Purple Team roles to strengthen our defenses and safeguard the systems that allow people to order food quickly and securely. We want people who are passionate about identifying risks, analyzing data, and working collaboratively to develop effective strategic mitigation measures. Our mission is to reduce risk while fostering and supporting innovation.
Reporting to the Security Engineering Manager, the Staff Security Engineer will identify risks and transform them into opportunities for improvement while also having the opportunity to design and implement robust security measures that ensure the resilience of our systems while protecting the sensitive data of our clients and their customers. Our Team thrives on solving complex problems, supporting innovation, and making a real impact. Whether you’re passionate about threat detection, automation, or building secure-by-design systems, this is a place where your skills can truly shine.
You can work remotely from anywhere in the U.S. or at Olo’s headquarters in NYC. Olo employees are typically expected to be available 9am-6pm ET.
What You'll Be Doing
- Define architectural and technology standards that impact information, system and data security across the organization.
- Create and update security architecture diagrams and processes utilizing industry standard frameworks.
- Write and contribute to architecture RFC documentation.
- Coaches other engineers in how to develop security automation to further support our internal and cross-functional teams’ workflows.
- Define and implement leading security practices for Kubernetes clusters, serverless architectures, API guidelines, and other dev-centric workloads.
- Secure AWS IAM and other AWS services using Terraform.
- Perform POV/POC evaluations of tooling and provide recommendations based on cost/benefit analysis and risk posture.
- Proactively investigate atypical traffic, logs, and supporting data to introduce new and improved security mitigations.
- Lead the team in all areas within incident response including: triage, investigation, and management as an incident commander.
- Train other engineers in how to best evaluate and tune dashboarding, monitors, and alerting for security-related events while improving operational efficiencies.
- Set an example in excellent white-glove service across teams and stakeholders - resolving security support requests, delivering initiatives, and managing day-to-day business operations while mentoring and supporting other engineers.
- Drive the implementation of new technologies, processes, and automation of security activities.
- Develop highly available, scalable, secure solutions that exceed our internal and external customer needs.
- Collaborate cross-functionally, with customers, and with external third-parties to help introduce appropriate risk mitigation controls while influencing stakeholders towards more risk averse approaches.
- Build out and contribute to supporting documentation and runbooks.
What We'll Expect From You
- Blue Team, Security Operations, Security Engineering, Security Architecture, DevOps or Operations experience.
- Experienced with development and leading of a threat hunting program.
- Experience with mentoring and leading members of the security team for incident response, threat detection, and threat hunting activities.
- Experience with developing and leading the strategy and implementation of security automation and orchestration for incident response.
- Proven experience developing and leading incident response, remediation and mitigation activities, and providing status updates and reports.
- Experience with Kubernetes, container, and other microservices technologies
- Experience architecting, deploying, maintaining and administering security technologies. (e.g. Anti-Malware, Intrusion Detection System (IDS), Data Leak Prevention (DLP), File Integrity Monitoring (FIM), Firewalls, Security Information and Event Monitoring (SIEM), Static Inspection, Multi Factor Authentication (MFA), Vulnerability Assessment, Web Proxies and Web Application Firewalls (WAF))
- Experience with cloud providers and Infrastructure-as-Code (IAC) (e.g., Terraform, Ansible, CloudFormation or similar).
- Proficient with AWS security best practices.
- Experience with automation, development, or scripting.
- Experience with Application Security, modern web protocols and Web Application Firewalls.
- Experience with SIEM platforms.
Olo (NYSE: OLO) is a leading restaurant technology provider with ordering, payment, and guest engagement solutions that help brands increase orders, streamline operations, and improve the guest experience. Each day, Olo processes millions of orders on its open SaaS platform, gathering the right data from each touchpoint into a single source—so restaurants can better understand and better serve every guest on every channel, every time. Over 700 restaurant brands trust Olo and its network of more than 400 integration partners to innovate on behalf of the restaurant community, accelerating technology’s positive impact and creating a world where every restaurant guest feels like a regular. Learn more at olo.com.
We’re remote-friendly. Since 2015, we have been evolving our culture to continue to support a more distributed workforce and now over 75% of our team works remotely across the U.S. If you're in the New York City area, you can choose to work remotely or from Olo's headquarters, on the 82nd floor of One World Trade Center.
We offer great benefits, such as 20 days of paid time off, 10 separate sick days, 11 holidays, plus year-end closure, health, dental, and vision coverage for yourself and your family, a 401k match, remote-office stipend, company equity, a generous parental leave plan, volunteer time off, gift matching policy, and more!
Our best estimate of the compensation range for this opportunity is $162k-220k annually, depending on the experience you bring and your location. We look forward to discussing your salary expectations and our full total rewards offerings throughout the interview process.
We encourage you to apply!
We value diversity. At Olo, we know a diverse and inclusive team makes our workplace better. Don't meet every single qualification in the job description? Market data shows that women and people of color are less likely to apply to jobs unless they meet every single qualification. We are dedicated to building a diverse, inclusive, and authentic workplace that is free from discrimination and harassment; this allows us to make better decisions and better serve the communities we’re a part of. So if you're excited about this role but your previous experience doesn't align perfectly with every qualification in the job description, we encourage you to apply anyway. You may be just the right candidate for this or other roles.
All applicants receive consideration for employment. We do not discriminate on the basis of race, religion, color, national origin, gender identity, sexual orientation, pregnancy, age, marital status, veteran status, or disability status.
California Residents: CCPA notice