What are the responsibilities and job description for the Senior Data Security Engineer position at Cardlytics?
About Cardlytics
Remember that time you got cash back on a cup of coffee through your banking app? That was us!
Cardlytics (NASDAQ: CDLX) is the industry-leading purchase intelligence and incentives platform. We are a product-driven company that cares about three things: our people, our customers, and our partners. Together, we make commerce more rewarding for everyone by helping businesses attract, understand, and incentivize consumers through their banks’ digital channels.
About The Team
The Cybersecurity Team at Cardlytics is responsible for the cybersecurity of our systems, our data, and our people. We are creating a flexible and resilient security posture that manages risk and enables the company to meet its objectives. Our team is small and we like it that way. It keeps us attenuated to the needs of all of our stakeholders including senior leadership, our employees, and our customers.
About The Position
Reports to: Chief Information Security Officer
Location: Atlanta, GA or Menlo Park, CA
The Senior Security Engineer - Data Protection will design and implement robust security measures to fortify Cardlytics’ data and infrastructure across multiple cloud platforms, especially in access and governance controls. The successful candidate will ensure our data is secure and compliant with all applicable regulations. This role will be imperative to achieving our vision of being a data first organization.
Responsibilities:
Our shared values are the driving force behind everything we do. Across all roles, we are looking for teammates who embody these values:
Remember that time you got cash back on a cup of coffee through your banking app? That was us!
Cardlytics (NASDAQ: CDLX) is the industry-leading purchase intelligence and incentives platform. We are a product-driven company that cares about three things: our people, our customers, and our partners. Together, we make commerce more rewarding for everyone by helping businesses attract, understand, and incentivize consumers through their banks’ digital channels.
About The Team
The Cybersecurity Team at Cardlytics is responsible for the cybersecurity of our systems, our data, and our people. We are creating a flexible and resilient security posture that manages risk and enables the company to meet its objectives. Our team is small and we like it that way. It keeps us attenuated to the needs of all of our stakeholders including senior leadership, our employees, and our customers.
About The Position
Reports to: Chief Information Security Officer
Location: Atlanta, GA or Menlo Park, CA
The Senior Security Engineer - Data Protection will design and implement robust security measures to fortify Cardlytics’ data and infrastructure across multiple cloud platforms, especially in access and governance controls. The successful candidate will ensure our data is secure and compliant with all applicable regulations. This role will be imperative to achieving our vision of being a data first organization.
Responsibilities:
- Be the subject matter expert on data protection, encryption, and governance within the company.
- Conduct in-depth security reviews of new platforms and services, and build tools to enhance data security and privacy throughout its lifecycle.
- Implement and enforce data governance policies and procedures within the data lake, ensuring compliance with regulatory requirements and industry best practices.
- Define standards for sharing sensitive data both internally and with third parties.
- Collaborate with data engineers and data scientists to support initiatives, providing insights on data security and compliance.
- Implement automation and process improvement associated with our data security and compliance postures.
- Bachelor’s degree in Information Technology, Computer Science or related field preferred.
- 5 years subject matter expertise in cybersecurity.
- Hands-on experience with cloud-based data platforms, such as AWS Athena, Snowflake, Apache Hudi, etc.
- Proficiency in programming languages such as Python and SQL, with experience in leveraging these languages for data engineering tasks.
- Advanced understanding of data encryption, tokenization, and access control mechanisms.
- Strong verbal and written communication skills
- Proven experience with AWS services, particularly IAM (Identity and Access Management).
- Knowledge of compliance frameworks and regulations such as SOX, SOC2, NIST CSF, etc.
- Familiarity with other related fields, such as data science, machine learning, and artificial intelligence, to design solutions that can accommodate advanced analytics.
- Strong understanding of data classification frameworks and DLP solutions.
- Experience working with IaC and integrating security controls as a service.
Our shared values are the driving force behind everything we do. Across all roles, we are looking for teammates who embody these values:
- Customer and Partner-first
- Act with Urgency and Focus
- Integrity with our partners and data
- Accountability even when challenged
- Empowerment over hierarchy
- Growth over comfort
- Flexible paid time off plus company holidays
- Medical, dental, and vision insurance begins on your first day
- 401(k) retirement plan with company match, plan also includes a student loan debt repayment option
- Employee Stock Purchase Plan
- Educational assistance for continuing education
- Lifestyle Spending Account for physical, emotional, and financial wellness (like gym memberships, home down payments, art classes, park passes, and more!)
- Complementary Calm app subscriptions to support employee mental health and wellbeing
