LastPass

Senior Information Security Engineer

Job Description

Posted on: 
November 1, 2024

About LastPass
LastPass is a leader in password and identity management, making it easier to log into life and work. Trusted by 100,000 businesses and millions of users, LastPass combines advanced security with effortless access for individuals, families, small business owners, and enterprise professionals. With LastPass, important credentials are protected and private – and always within reach.

We welcome new ideas, support your growth, and recognize your value, if this aligns with what you are looking for in your next career move, Join Us!

LastPass is looking for a Senior Information Security Engineer:

You will play a key part in enhancing our Edge Security posture, focusing on security services such as Web Application Firewall, Edge DNS and Bot Mangement. The ideal candidate should have a strong background in information security, a deep understanding of Edge technologies, and a passion for creating a secure and trustworthy digital environment. 

If you are passionate about user safety, have a keen eye for security and a strong technical background, and you thrive in a collaborative and innovative environment, then this is the role for you.  

Who will you work with?

Your interactions will span across various departments, fostering a collaborative and innovative work environment, including Engineering, Safety & Trust, Data Science, Security and Compliance, Product & UX teams in Hungary, Portugal, and the United States of America. 

What are some of the exciting challenges you will be working on?

Security and Trust-Centric Development 

  • Research, identify, and implement measures that address trust and safety concerns of new and existing LastPass products and services.  
  • Akamai Security Administration: Configure and maintain Akamai security services such as WAF, Kona Site Defender, Edge DNS, and Bot Manager to protect web applications and APIs. 
  • Security Configuration & Tuning: Proactively analyze, configure, and fine-tune security rules, custom rulesets, and access controls within Akamai products based on evolving security requirements. 
  • Performance Optimization: Collaborate with development and network teams to optimize security configurations without compromising performance or user experience. 
  • Policy Review & Compliance: Regularly audit and review Akamai security configurations to ensure alignment with internal security policies, industry best practices, and compliance requirements. 
  • Collaboration & Training: Work closely with cross-functional teams to share security best practices, provide technical guidance, and support DevSecOps initiatives. 
  • Threat Detection & Mitigation: Implement strategies for proactive threat detection using Akamai tools, log monitoring, and anomaly detection to stay ahead of emerging threats. 

Incident Management 

  • Lead the response to incidents, including mitigating attacks through Akamai configurations, monitoring traffic patterns, and collaborating with the incident response team. 
  • Collaborate with incident response teams to analyze and respond to security incidents promptly. 
  • Implement proactive measures to prevent future incidents and enhance the resilience of our systems. 

Collaboration and Communication 

  • Communicate effectively with stakeholders to convey complex security concepts and requirements. 

What does it take to work at LastPass?

  • Background in Computer Science, Information Security, or a related field is preferred.  
  • Strong experience in information security engineering, with focus on Edge security solutions (Akamai or Cloudflare or Fastly). 
  • Expert-level knowledge of Akamai products, including Kona Site Defender, Web Application Firewall, Bot Manager, and Edge DNS. 
  • Proven experience in implementing and managing Akamai’s advanced security configurations, such as rate limiting, anti-bot measures, and DDoS protections. 
  • Hands-on experience in optimizing Akamai configurations to balance security, performance, and end-user experience. 
  • Knowledge of industry-standard security frameworks and best practices.  
  • Proficiency in programming languages such as Python, PHP, or C# is desirable.  
  • Strong problem-solving abilities, collaborative mindset, and proactive approach.  
  • Effective communication skills across diverse stakeholder groups with varying backgrounds and technical expertise within LastPass.  
  • Excellent written and verbal communication skills in English. 

It's great, but not required:

  • Certifications such as CISSP, CISM, or related certifications in information security. 
  • Akamai Certifications 
  • Experience with machine learning frameworks and tools for building anomaly detection models. 
  • Knowledge of regulatory requirements and standards related to information security. 
  • Experience with penetration testing and ethical hacking. 
  • Experience working with global teams. 

Why LastPass? 

  • Market-leading password manager
  • High-growth, collaborative environment with inclusive teams
  • Remote first culture
  • Competitive compensation 
  • Flexible Paid time off policies including but not limited to: Monthly self-care days (12 extra paid days off annually), volunteering days
  • Generous Parental leave
  • Comprehensive health coverage, dependents included
  • Home office setup support
  • LastPass families free account up to 5 members
  • Continuous learning and development opportunities

Unlock your potential with us - your skills, experience, and unique perspective matter more than just checking the boxes. Apply today, and let's build the future together!

We’re building an inclusive community that reflects the people of all races, genders, sexual orientations, national origins, backgrounds, and perspectives who share our world.

For all US based jobs please review our Applicant Privacy Notice

For all EU based jobs please review our Candidate Privacy Notice 

Please review our CCPA Notice