Startup Careers

Be a part of our family by contributing to our portfolio companies’ innovation and success. Browse open positions below with Intel Capital portfolio companies.

Security Architect at Peloton
Mountain View, CA, US
Peloton Technology is looking for a Software Security Architect to focus on improving our application, system, and infrastructure security. You are obsessed with our customers’ trust. You have breadth and depth of security knowledge and can identify and advise on risks across multiple areas of an organization. You will be working to help other teams create solutions while developing strong security culture and practices.  You have industry-leading technical abilities and are strong in multiple domains. You are involved in hands-on security assessments, provide frequent code-reviews in embedded and cloud applications, develop and provide guidance, and advocate security engineering best practices. You proactively and continually improve your level of knowledge about Peloton’s business, information security, the threat landscape and relevant technologies.

Responsibilities

    • Perform security reviews to identify security issues and risks, and develop mitigation plans
    • Advise and consult with internal and external customers on risk assessment, threat modeling, code review, and vulnerability remediation
    • Provide expert advice to internal teams on developing secure architecturesDevelop, drive and evaluate security policies and procedures
    • Evaluate and recommend new and emerging security products and technologies
    • Develop and deliver training materials and perform general security awareness and specific security technology training
    • Participate in security compliance efforts
    • Participate in security escalations support
    • Participate in code reviews as voice of security

Required Experience

    • BA/BS degree in Computer Science, Information Systems or a related technical experience. A Master’s Degree is highly desired
    • At least 7 years of software engineering experience in a development or security role working with development team(s) that delivered commercial software or software-based services
    • Significant experience and detailed technical knowledge in multiple areas of: security engineering, system and network security, authentication and security protocols, cryptography, and application security
    • Experience with service-oriented architecture and web services security
    • Experience with the application of threat modeling or other risk identification techniques
    • Experience with source code and vulnerability scanning tools as well as manual analysis techniques to evaluate Peloton's embedded code and Web Services for effective use of security controls while identifying security gaps
    • Experience in risk identification, secure software design, secure architectures, penetration testing and vulnerability detection including remediation
    • Excellent written and verbal communication skills
    • Excellent leadership skills and teamwork skills
    • Ability to give directions and followup on results

Specialized Knowledge & Skills

    • Technical proficiency and knowledge in reviewing application source code with a focus on accepted industry guidelines (OWASP Top 10, SANS Top 20, CIS Benchmarks).
    • Familiarity with information security policies, standards, industry best practices and frameworks (NIST 800-53, FISMA ISO 27001).
    • Experience with C/C++, Java, JavaScript and Python
    • Strong scripting skills in one or more of the common languages (e.g., Perl, Python, shell scripting)
    • Knowledge of network and web related protocols (e.g., PKI, PKCS, TLS, UDP, TCP/IP, UDP, IPSEC and HTTP)
    • Relevant tool experience with static code analysis tools such as Fortify,  Codesonar ; web vulnerability scanners such as HP WebInspect or IBM AppScan; open source vulnerability scanners such as Blackduck or Sonotype; assessment support tools.

Nice to Have Skill and Experience

    • Product security incident response in mobile, IoT or automotive industry Operating system security and hypervisor security
    • Trusted execution environment
    • Hardware security including access control, secure debug, side channel attacks
    • Wireless communication systems and protocols (DSRC, WiFi, Bluetooth, LTE, etc.)