Principal Engineer, Enterprise Security
at Pinecone, NYC
About Pinecone
Pinecone is on a mission to build the search and database technology to power AI applications for the next decade and beyond. Our fully managed vector database makes it easy to add vector search to AI applications. Since creating the “vector database” category, demand has grown incredibly fast and it shows in our user base. We are a distributed team with clusters in New York, San Francisco, Tel-Aviv, and Manchester.
About the Role:
As the first Principal Engineer of Database Security and Platform Protection at Pinecone, you will be passionate about safeguarding cutting-edge technology products, driving security initiatives, and fostering a security-conscious culture. You will lead and oversee a team responsible for safeguarding the organization's data assets, focusing on data and memory protection within the database environment. You will have broad experience solving complex and highly exposed cyber security issues, as well as leading teams across security disciplines including penetration testing, security operations, encryption, or identity and access management. You will need a deep understanding of the inner workings of the security department’s software and how these applications are effective against external threats, both for Pinecone and our external customers. You will be “the point of contact” for various external customers when it comes to information security matters. You will report to the VP of Engineering, and you will work closely with your counterparts in Finance, Product, and Sales.
Responsibilities:
Lead and drive the development of Pinecone security strategy, policies, and best practices.
Conduct thorough security assessments, including code reviews, vulnerability assessments, and penetration testing, to identify potential weaknesses and risks.
Develop and enforce data memory protection strategies to prevent memory-based vulnerabilities, buffer overflows, and injection attacks within the database systems.
Implement and manage memory protection mechanisms and secure coding practices.
Oversee encryption protocols for securing data at rest and in motion within the database systems.
Ensure that sensitive data is adequately protected when transferred to and from the database internally and externally.
Oversee network security measures, including firewall configurations, intrusion detection and prevention systems, VPNs, and network segmentation.
Ensure that network traffic is protected and secure, both internally and externally.
Collaborate with engineering teams to integrate security practices into the software development lifecycle, ensuring secure coding standards are followed.
Design, implement, and maintain advanced security features, such as encryption, authentication, access controls, and logging mechanisms.
Monitor and respond to security incidents and vulnerabilities, performing root cause analysis and recommending corrective actions.
Stay up-to-date with the latest security threats, vulnerabilities, and industry trends, and apply this knowledge to enhance Pinecone.io's security posture.
Lead security training and awareness programs for engineering teams to promote a security-first mindset.
Collaborate with external partners and customers to address security concerns and provide guidance on secure implementation.
Qualifications:
Bachelor's or higher degree in Computer Science, Information Security, or a related field.
Proven experience in a Director Security role with a track record of designing and implementing security solutions.
In-depth knowledge of database security, memory protection mechanisms, secure coding practices, encryption, and database access control.
Extensive experience in database security and platform security, with a strong focus on data memory protection.
In-depth understanding of application security, network security, cryptography, and secure coding practices.
Proficiency in programming languages such as Python, Java, or C++, and familiarity with web application frameworks.
Hands-on experience with security tools and technologies, including vulnerability scanners, intrusion detection/prevention systems, and SIEM solutions.
Strong knowledge of cloud security principles and practices, preferably in AWS or similar cloud platforms.
Industry certifications such as CISSP, CISM, or CEH are a plus.
Excellent problem-solving skills and the ability to think creatively to address complex security challenges.
Exceptional communication skills, both written and verbal, with the ability to convey technical concepts to non-technical stakeholders.
We will consider exceptional candidates for remote work outside our main locations.