Principal Security Engineer

Austin, TX


What if you could use your technology skills to develop a product that impacts the way communities’ hospitals, homes, sports stadiums, and schools across the world are built? Construction impacts the lives of nearly everyone in the world, and yet it’s also one of the world’s least digitized industries, not to mention one of the most dangerous. That’s why we’re looking for a talented Staff Security Engineer to join us on our journey to revolutionize a historically underserved industry.

We are looking for a Principal Security Engineer to join our Infrastructure team which supports the Procore application running on over +2300 cloud based systems. Our team is composed of highly skilled engineers spanning SRE, Security, Data Services and Production Engineering disciplines located in Carpinteria, CA and Austin, TX offices. The Procore’s tech stack consists of: Ruby on Rails, Apache, Nginx, PostgreSQL, AWS.

This position has the opportunity to be located in our Austin, TX office, at our headquarters in Carpinteria, CA or remote with potential travel to these offices occasionally. 

About You:

  • Your focus is both internal and external customers, transforming organizational and process challenges to achieve results
  • You will be part of a team that is directly responsible for security and uptime of production systems, possessing technical hands-on experience and a master at delivering projects
  • You pride yourself knowing that the platform and services are secure, available 24/7/365 and are comfortable as a 2nd level escalation point of contact
  • You are a master at influencing and drive complex and large security efforts 
  • Make the right security decisions critical to achieve company success across multiple organizations, in short - you own it
  • You handle multiple projects and tasks, make the right business decisions and solve problems on a schedule, and prioritize and organize effectively

What You’ll Do:

  • This position requires mastery background in many aspects of Security Engineering as it relates to Production Environments  
  • Advocate for security as a subject matter expert across multiple organizations, holding discussions on security topics.
  • Advocate for and drives for automation across the organization
  • Identify, plan and apply security advance concepts and principles to all of Procore
  • Drive designing, building, and reviewing security-related services and functionality of web applications, mobile applications, and desktop applications
  • Provide engineers with well-researched security advice to demonstrate vulnerabilities, collaborating with all teams to provide secure development guidance
  • Triage of vulnerabilities that are found internally, privately or publicly disclosed, or reported through our bug bounty program
  • Scope and perform security reviews of web applications, mobile applications, desktop applications, and private and public cloud environments

Security Projects

  • Penetration Testing, Secure Access, 2FA, Vaults, IP-geo & IP restrictions, Vulnerability assessments, 

What we are looking for:

  • BS degree in Computer Science or equivalent practical experience, MS in Computer Science preferred
  • 8+ years of experience in Cloud Production Security. 
  • Experience with penetration testing, threat, attack types, IDS capabilities
  • Coding/scripting experience in a general purpose language, preferably in  Ruby, Python, Go or Java
  • Experience with conducting threat assessments, building threat models, and creating remediation plans based on the results of threat assessments
  • Deep background and experience desirable in :
    • AWS services (EC2, ELB, RDS, Route53, S3, Lambda) 
    • IAM implementation
    • AWS and orchestration tools
    • Linux experience; 
    • OSCP Certification
    • Hashicorp Technologies (Consul, Terraform, Vault, Packer)
    • Containers and Container Management (Docker, Kubernetes)
    • Config Management (Puppet, Ansible, Salt)
    • Networking protocol knowledge (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols)
  • Technical Certifications are a plus (GIAC, OCSP, CISSP)

About Us
Procore Technologies is building the software that builds the world. We provide cloud-based construction management software that helps clients more efficiently build skyscrapers, hospitals, housing complexes, and more. Our headquarters is located on the bluffs above the Pacific Ocean in Carpinteria, CA, with growing offices worldwide. Check us out on Glassdoor to see what others are saying about working at Procore!

We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

Perks & Benefits
You are a person with dreams, goals, and ambitions—both personally and professionally. That's why we believe in providing benefits that not only match our Procore values (Openness, Optimism, and Ownership) but enhance the lives of our team members. Here are just a few of our benefit offerings: competitive health care plans, flexible paid time off (Procore Values Time), employee enrichment and development programs, and volunteer days.