Technical Lead Manager, Application Security

East Bay, CA, United States, Los Angeles, CA, United States, New York, NY, United States, Remote, Seattle, WA, United States, San Francisco, CA, United States, Silicon Valley, CA, United States

Cruise


Team

Security

Role Locations

  • East Bay, CA, United States
  • Los Angeles, CA, United States
  • New York, NY, United States
  • Remote
  • Seattle, WA, United States
  • San Francisco, CA, United States
  • Silicon Valley, CA, United States

Employees

501+ people

Address

333 Brannan Street
San Francisco, CA, 94107, US

Tech Stack

  • C++
  • ROS
  • PCL
  • OpenCV
  • CUDA
  • C
  • Python
  • Django
  • Linux
  • NodeJS
  • Javascript

Role Description

Technical Lead Manager, Application Security at Cruise San Francisco, CA We're Cruise, a self-driving service designed for the cities we love.

We’re building the world’s most advanced, self-driving vehicles to safely connect people to the places, things, and experiences they care about. We believe self-driving vehicles will help save lives, reshape cities, give back time in transit, and restore freedom of movement for many.

Cruisers have the opportunity to grow and develop while learning from leaders at the forefront of their fields. With a culture of internal mobility, there's an opportunity to thrive in a variety of disciplines. This is a place for dreamers and doers to succeed.

If you are looking to play a part in making a positive impact in the world by advancing the revolutionary work of self-driving cars, join us.

About the Role: The Application Security team at Cruise focuses on partnering with groups throughout the company to create and deliver applications and services that are secure. Our work includes audits such as code reviews, threat models and application assessments; building a partnership with engineering teams in defining security related requirements and providing input on design proposals. The team also creates libraries, tools, and practices which allow us to scale our work to cover an increasingly large and complex code base.

In this role you will both lead this small team as their manager as well as take an active role in engineering solutions to help protect applications at Cruise. Applicants should have strong application security engineering skills as well as either some experience as a manager or a record of technical leadership as an engineer that is looking to expand into a limited managerial role. Applicants should feel comfortable contributing to both roles as well as frequently switching between them.

We are especially interested in speaking with candidates that have diverse backgrounds and perspectives. We’re solving novel security problems at Cruise; novel perspectives make this easier!

We are ok with remote work!

What you’ll be doing: Lead the long-term technical strategy of an engineering focused security team responsible for ensuring Cruise applications and services are developed securely Be capable or prioritizing security efforts as well as help teams understand prioritization of performing security mitigation work Perform reviews ranging from architectural design to threat modeling and source code level assessments, providing actionable recommendations to make our products more secure Collaborate closely with engineering and security teams on security focused code reviews and implementation of security best practices in essential systems Write and use tools to help identify application security flaws and provide fixes or work with engineering teams to see issues are remediated What you must have: Extensive experience (10+ years) in the application security space; securing complex interconnected web applications and their architectures using Golang, Python and/or Node.js Previous technical leadership or managerial experience A documented history of finding high impact vulnerabilities or participating in the creation of tools to do the same A track record of developing projects from design to implementation and maintenance A broad and practical understanding of security fundamentals and their application Experience using a variety of static and dynamic security tools Practical knowledge and experience working in public cloud environments & IAM solutions (AWS, GCP, etc.) An interest in building creative solutions to challenging security problems with a focus on mentorship and scaling the team’s impact Bonus Points! Contributions to the security community (open source, white papers, talks, etc) Doing well at large CTF events Experience with mobile security Experience with embedded security Why Cruise? Our benefits are here to support the whole you: Competitive salary and benefits 401(k) Cruise matching program Medical / dental / vision, AD+D and Life One Medical membership Flexible vacation and company paid holidays Healthy meals and snacks provided for non-remote employees Paid parental leave Fertility Benefits Dependent Care Flexible Spending Account, subsidized by Cruise Flexible Spending Account Monthly wellness stipend Pre-tax Commuter Benefit Plan for non-remote employees We’re Integrated Through our partnerships with General Motors and Honda, we are the only self-driving company with fully integrated manufacturing at scale. We’re Funded GM, Honda, Microsoft, SoftBank, & T. Rowe Price, have invested billions in Cruise. Their backing for our technology demonstrates their confidence in our progress, team, and vision and makes us one of the leading autonomous vehicle organizations in the industry. Our deep resources greatly accelerate our operating speed. We’re Independent We have our own governance, board of directors, equity, and investors. Our independence allows us to not just work on the edge of technology, but also define it. We’re Vested You won’t just own your work here, you’ll have the potential to own equity in Cruise, too. We are competing in a market that is projected to grow exponentially, which gives our company valuation room to grow. Cruise LLC is an equal opportunity employer. We strive to create a supportive and inclusive workplace where contributions are valued and celebrated, and our employees thrive by being themselves and are inspired to do the best work of their lives.

We seek applicants of all backgrounds and identities, across race, color, ethnicity, national origin or ancestry, citizenship, religion, sex, sexual orientation, gender identity or expression, veteran status, marital status, pregnancy or parental status, or disability. Applicants will not be discriminated against based on these or other protected categories or social identities. Cruise will consider for employment qualified applicants with arrest and conviction records, in accordance with applicable laws.

Cruise is committed to the full inclusion of all applicants. If reasonable accommodation is needed to participate in the job application or interview process please let our recruiting team know or email HR@getcruise.com.

We proactively work to design hiring processes that promote equity and inclusion while mitigating bias. To help us track the effectiveness and inclusivity of our recruiting efforts, please consider answering the following demographic questions. Answering these questions is entirely voluntary. Your answers to these questions will not be shared with the hiring decision makers and will not impact the hiring decision in any way. Instead, Cruise will use this information not only to comply with any government reporting obligations but also to track our progress toward meeting our diversity, equity, inclusion, and belonging objectives.

Note to Recruitment Agencies: Cruise does not accept unsolicited agency resumes. Furthermore, Cruise does not pay placement fees for candidates submitted by any agency other than its approved partners.

Apply for this Job* Required

First Name * Last Name * Email * Phone * Location (City) * Locate me Resume/CV * Attach Dropbox Google Drive Paste Cover Letter Attach Dropbox Google Drive Paste

School * Degree

Discipline

Start Date MM

YYYY End Date MM

YYYY + Add Another Education LinkedIn Personal Website How did you hear about Cruise? *

Export Compliance * Many positions at Cruise may include activities subject to U.S. rules concerning the export of controlled or protected technologies or information (Export Control Laws). Given that, we ask every candidate at this stage to answer these questions. We'll use your responses for the purpose of ensuring our compliance with Export Control Laws.

Please list all countries where you are currently a citizen or permanent resident. * Select one or more United StatesCanadaAfghanistanAlbaniaAlgeriaAndorraAngolaAntigua and BarbudaArgentinaArmeniaAustraliaAustriaAzerbaijanThe BahamasBahrainBangladeshBarbadosBelarusBelgiumBelizeBeninBhutanBoliviaBosnia and HerzegovinaBotswanaBrazilBruneiBulgariaBurkina FasoBurundiCabo VerdeCambodiaCameroonCentral African RepublicChadChileChinaColombiaComorosCongo, Democratic Republic of theCongo, Republic of theCosta RicaCôte d’IvoireCroatiaCubaCyprusCzech RepublicDenmarkDjiboutiDominicaDominican RepublicEast Timor (Timor-Leste)EcuadorEgyptEl SalvadorEquatorial GuineaEritreaEstoniaEswatiniEthiopiaFijiFinlandFranceGabonThe GambiaGeorgiaGermanyGhanaGreeceGrenadaGuatemalaGuineaGuinea-BissauGuyanaHaitiHondurasHungaryIcelandIndiaIndonesiaIranIraqIrelandIsraelItalyJamaicaJapanJordanKazakhstanKenyaKiribatiKorea, NorthKorea, SouthKosovoKuwaitKyrgyzstanLaosLatviaLebanonLesothoLiberiaLibyaLiechtensteinLithuaniaLuxembourgMadagascarMalawiMalaysiaMaldivesMaliMaltaMarshall IslandsMauritaniaMauritiusMexicoMicronesia, Federated States ofMoldovaMonacoMongoliaMontenegroMoroccoMozambiqueMyanmar (Burma)NamibiaNauruNepalNetherlandsNew ZealandNicaraguaNigerNigeriaNorth MacedoniaNorwayOmanPakistanPalauPanamaPapua New GuineaParaguayPeruPhilippinesPolandPortugalQatarRomaniaRussiaRwandaSaint Kitts and NevisSaint LuciaSaint Vincent and the GrenadinesSamoaSan MarinoSao Tome and PrincipeSaudi ArabiaSenegalSerbiaSeychellesSierra LeoneSingaporeSlovakiaSloveniaSolomon IslandsSomaliaSouth AfricaSpainSri LankaSudanSudan, SouthSurinameSwedenSwitzerlandSyriaTaiwanTajikistanTanzaniaThailandTogoTongaTrinidad and TobagoTunisiaTurkeyTurkmenistanTuvaluUgandaUkraineUnited Arab EmiratesUnited KingdomUruguayUzbekistanVanuatuVatican CityVenezuelaVietnamYemenZambiaZimbabweCountry Unlisted Are you a current, or former, General Motors (GM) employee? *

Have you worked, or currently work, within the Autonomous Vehicle industry? *

Are you legally authorized to work in the U.S.? *

Will you now, or in the future, require sponsorship for employment in the U.S.? *

Preferred Gender Pronoun * We are dedicated to fostering the same safe and inclusive environment for our candidates as our employees. If you are comfortable, please share your preferred gender pronoun.

Gender *

Ethnicity *

Veteran Status *

I acknowledge that I have read and understand the Cruise Candidate Privacy Statement and all answers provided by me within this application are true and correct. * Cruise Candidate Privacy Statement

U.S. Equal Opportunity Employment Information (Completion is voluntary) Individuals seeking employment at Cruise are considered without regards to race, color, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, veteran status, gender identity, or sexual orientation. You are being given the opportunity to provide the following information in order to help us comply with federal and state Equal Employment Opportunity/Affirmative Action record keeping, reporting, and other legal requirements.

Completion of the form is entirely voluntary. Whatever your decision, it will not be considered in the hiring process or thereafter. Any information that you do provide will be recorded and maintained in a confidential file.

Gender

Are you Hispanic/Latino?

Race & Ethnicity Definitions If you believe you belong to any of the categories of protected veterans listed below, please indicate by making the appropriate selection. As a government contractor subject to Vietnam Era Veterans Readjustment Assistance Act (VEVRAA), we request this information in order to measure the effectiveness of the outreach and positive recruitment efforts we undertake pursuant to VEVRAA. Classification of protected categories is as follows:

A disabled veteran is one of the following: a veteran of the U.S. military, ground, naval or air service who is entitled to compensation (or who but for the receipt of military retired pay would be entitled to compensation) under laws administered by the Secretary of Veterans Affairs; or a person who was discharged or released from active duty because of a service-connected disability.

A recently separated veteran means any veteran during the three-year period beginning on the date of such veteran's discharge or release from active duty in the U.S. military, ground, naval, or air service.

An active duty wartime or campaign badge veteran means a veteran who served on active duty in the U.S. military, ground, naval or air service during a war, or in a campaign or expedition for which a campaign badge has been authorized under the laws administered by the Department of Defense.

An Armed forces service medal veteran means a veteran who, while serving on active duty in the U.S. military, ground, naval or air service, participated in a United States military operation for which an Armed Forces service medal was awarded pursuant to Executive Order 12985.

Veteran Status

Form CC-305

OMB Control Number 1250-0005

Expires 05/31/2023

Voluntary Self-Identification of Disability Why are you being asked to complete this form? We are a federal contractor or subcontractor required by law to provide equal employment opportunity to qualified people with disabilities. We are also required to measure our progress toward having at least 7% of our workforce be individuals with disabilities. To do this, we must ask applicants and employees if they have a disability or have ever had a disability. Because a person may become disabled at any time, we ask all of our employees to update their information at least every five years.

Identifying yourself as an individual with a disability is voluntary, and we hope that you will choose to do so. Your answer will be maintained confidentially and not be seen by selecting officials or anyone else involved in making personnel decisions. Completing the form will not negatively impact you in any way, regardless of whether you have self-identified in the past. For more information about this form or the equal employment obligations of federal contractors under Section 503 of the Rehabilitation Act, visit the U.S. Department of Labor’s Office of Federal Contract Compliance Programs (OFCCP) website at www.dol.gov/ofccp.

How do you know if you have a disability? You are considered to have a disability if you have a physical or mental impairment or medical condition that substantially limits a major life activity, or if you have a history or record of such an impairment or medical condition.

Disabilities include, but are not limited to:

Autism Autoimmune disorder, for example, lupus, fibromyalgia, rheumatoid arthritis, or HIV/AIDS Blind or low vision Cancer Cardiovascular or heart disease Celiac disease Cerebral palsy Deaf or hard of hearing Depression or anxiety Diabetes Epilepsy Gastrointestinal disorders, for example, Crohn's Disease, or irritable bowel syndrome Intellectual disability Missing limbs or partially missing limbs Nervous system condition for example, migraine headaches, Parkinson’s disease, or Multiple sclerosis (MS) Psychiatric condition, for example, bipolar disorder, schizophrenia, PTSD, or major depression Disability Status

1Section 503 of the Rehabilitation Act of 1973, as amended. For more information about this form or the equal employment obligations of Federal contractors, visit the U.S. Department of Labor's Office of Federal Contract Compliance Programs (OFCCP) website at www.dol.gov/ofccp.

PUBLIC BURDEN STATEMENT: According to the Paperwork Reduction Act of 1995 no persons are required to respond to a collection of information unless such collection displays a valid OMB control number. This survey should take about 5 minutes to complete.

About Cruise

We’re building self-driving vehicles to improve life in our cities. They’re safe, shared, and all-electric. Join us as we transform the future of transportation.

Company Culture

We want you, just as you are — When you’re building something that’s never been done before, it’s important to feel safe — safe to experiment, safe to fail, safe to share, and safe to express yourself. At Cruise, we’re committed to the safety, inclusivity, and development of our employees from the recruiting process through retirement — and every professional milestone along the way.

Interested in this role?
Skip straight to final-round interviews by applying through Triplebyte.