Security Engineer Remote Jobs

42 Results

5d

Security System Engineer II

5 years of experienceDesign

Convergint Federal Solutions is hiring a Remote Security System Engineer II

Job Description

As a Security Systems Engineer II at Convergint Federal | SigNet Technologies, you will be an integral part of our team, responsible for designing, implementing, and supporting advanced security systems for our government and federal clients. The Security Systems Engineer II will play a pivotal role in delivering innovative security solutions, ensuring they meet the highest industry standards, and addressing the unique security challenges faced by our clients.

Value and Beliefs of this Role:
The person in this role must provide world-class service to customers, colleagues, and
communities. It requires a person of integrity, self-accountability, commitment to communicate openly and consistently, delivering results and having fun with laughter daily. In this role we want you to grow with us and deliver results as an exceptional Security Systems Engineer II. This job requires a person who remains professional, organized, collaborative, detail, and task oriented, timely, and creative at problem solving.

Key Responsibilities:

System Design:

  • Collaborate with clients and project teams to design, develop, and implement security systems, including access control, video surveillance, intrusion detection, and perimeter security.

Technology Integration:

  • Integrate a wide range of security technologies and systems to create comprehensive and effective security solutions.

Project Management:

  •  Manage the entire project lifecycle, from design and implementation to commissioning and handover, ensuring projects are completed on time and within budget.

Technical Expertise:

  • Provide technical support and expertise throughout all project phases, including troubleshooting and resolving technical issues.

Compliance:

  •  Ensure that all security system designs and implementations comply with relevant codes, regulations, and industry standards.

Documentation:

  • Generate detailed technical documentation, including system drawings, installation guides, and equipment lists.

Client Interaction:

  •  Build strong client relationships by providing expert guidance, project updates, and addressing client concerns.

Other Duties: Other duties assigned within reason of current role previously specified.

Qualifications

  • Bachelor of Science degree Engineering, Computer Science or related field
  • 3 to 5 years of experience in Computer Science or related field
  •  Ability to mentor SSE I
  •  3 to 5 years of experience working with,
    •  Access Control Systems; Video Management Systems; Intrusion Detection (Perimeter and Interior)
    •  Strong knowledge of security technologies, including access control, video surveillance, and intrusion detection systems.
    •  Infrastructure (Interior and Exterior Cabling, Fiber, Network, Wireless)
    •  Reviewing RFPs, technical specifications, and the production of cost estimate and proposals.
    • Providing cost estimates and change orders.
    • Interacting with internal and external customers to interpret technical requirements and provide guidance to shape solutions.
    • Producing a variety of written documents such as pre or post-bid engineering survey reports; read, interpret, and review electrical, electronic, and electromechanical schematics
    • Proficiency in project management and system integration.
    • Reviewing and assess CAD drawings produced by in-hours CAD team;
  • Excellent problem-solving and troubleshooting skills.
  • Strong communication and interpersonal skills.
  • Knowledge of government security regulations and clearances is a plus.

Requirements

  • Active Driver’s License
  • United States Citizenship
  • The job may require lifting objects weighing between 25 to 50 pounds. Accommodations can be provided upon request to enable individuals with disabilities to perform the essential functions.
  •  Security Clearances: This position requires a  Secret security clearance. The clearance requirements are determined by the agency(s) in which you are assigned. Convergint Federal will sponsor the level of clearance required. However, it will be your responsibility to obtain and maintain your required level of clearance.

See more jobs at Convergint Federal Solutions

Apply for this job

15d

Senior Security Engineer

PindropUS - Remote
Lambdaremote-firstazurelinuxpythonAWS

Pindrop is hiring a Remote Senior Security Engineer

Senior Security Analyst

US-Remote

Who we are

Are you passionate about innovating at the intersection of technology and personal security? At Pindrop, we recognize that the human voice is a unique personal identifier, increasingly susceptible to sophisticated fraud, including the threat of deepfakes. We're leading the way in developing cutting-edge authentication, fraud prevention, and deepfake detection. Our mission is to provide seamless and secure digital experiences, safeguarding the most personal aspect of our identity: our voice. Here, you'll be part of a team driven by values of Innovation, Customer Advocacy, Excellence, and Impact. We're not just creating a safer digital landscape by fortifying trust and integrity with those we serve, we’re also building a dynamic, supportive workplace where your contributions make a real difference.

Headquartered in Atlanta, GA, Pindrop is backed by world-class investors such as Andreessen-Horowitz, IVP, and CapitalG.

What you’ll do 

  • Represent security in internal and external meetings to discuss security analysis, findings and security/compliance responses. 
  • Review past incidents and identify attack trends. Finetune and reconfigure alerts based on prior incidents to improve detection.
  • Actively participate in the development, documentation, and implementation of new processes to expand and mature capabilities for the organization.
  • Identify and track internal and external assets to identify potential risks. Communicate these risks to internal and external stakeholders and build a plan of action.
  • Develop, update, and maintain a repository of cybersecurity threat information that may be used in conducting risk assessments and reports on cyber risk trends.
  • Build and maintain tools for automation of security events and reporting. Optimize and reconfigure tools to improve security processes.
  • Implement, maintain and monitor IDS/IPS rule sets, alerts and reports.
  • Perform investigations and improve detection processes on a wide variety of security events from various sources to determine whether they pose a threat to Pindrop
  • Identify, research and develop internal and open source tools used to improve security and threat intelligence workflows to support Pindrop's unique environment
  • Collaborate with internal and external teams to answer customer questionnaires, compliance audits.

Who you are

  • You are, hands-on problem solver that excels in dynamic fast paced environments, curious and always looking to learn., highly interested in how things work and gets excited by threat modeling and new exploits
  • You are resilient in the face of challenges, change, and ambiguity
  • You are optimistic and believe that you can make a problem into a solution
  • You are resourceful, excited to uncover innovative solutions and teach yourself something new when needed
  • You take accountability, do the things you say you’ll do, under-promise and over-deliver
  • You are nimble and adaptable when priorities change and continue to see the “forest through the trees” 

Your skill-set: 

  • 2+ years of security monitoring and incident response experience
  • Must have experience with Linux, Mac, and knowledge of Windows
  • Experience in configuration and maintenance of endpoint security solutions, eg. Crowdstrike, SentinelOne, Carbon Black.
  • Experience with security tools including SIEM, Metasploit, Splunk, Wireshark
  • In-depth knowledge of SIEM log ingestion and alert creation.
  • Hands-on experience with TCP/IP and networking
  • Ability to write scripts/code using Python or other scripting languages for automation
  • Knowledge of incident response and investigation tools and techniques
  • Experience with security operations in cloud platforms such as AWS, GCP, Azure etc.
  • Experience responding to security questionnaires and customer questions

Nice to have:

  • Experience with forensic analysis tools (commercial and open-source) and procedures desired
  • Experience with threat feeds and threat intelligence (e.g., STIX, TAXII, IOCs) desired
  • Experience with cloud logging applications, AWS Cloudtrail, VPC Flow Logs, Lambda, etc.

What’s in it for you:

As a Pindropper, you join a rapidly growing company making technology more human with the power of voice. You will work alongside some of the best and brightest. We’re a passionate group committed to excellence - but that doesn’t stop us from enjoying the journey as a team with chess and poker tournaments, catered lunches and happy hours, wellness programming, and more. Because we take our jobs seriously, we add in time for rest with Unlimited PTO, Focus Thursday, and Company-wide Rest Days.

Within 30 days:

  • You’ll focus on training and learning the basics of the company. This includes the company’s systems, procedures that should be adhered to, products and services, software, vendors, and/or clients.
  • You’ll have been introduced to your team, colleagues and have 1:1’s to assimilate into the company culture.
  • You will have the opportunity to learn the product in and out through training and a variety of resources. This then means that the majority of the things-to-do should fall along the lines of attending training sessions, gaining and mastering product knowledge, learning major corporate systems, meeting the members of your team, and getting the necessary access. 

Within 60 days:

  • You’ll have a good grasp of your working environment and you can now move onto more advanced tasks. 
  • You will start studying the best practices in the industry, create goals, meet up with your supervisor and get feedback on your performance, and build meaningful relationships with your co-workers along with taking on proper job responsibilities.  

Within 90 days

  • You’ll demonstrate a firm grasp of the company and confidence in your job function. Thus, you should be preparing to make breakthrough contributions to your team or department. 
  • The contributions may include finding new ways to improve security or coming up with ideas to save the company money. Instead of only identifying problems in the company, you should be at the forefront of brainstorming possible solutions. 
  • You will be able to spearhead new initiatives and collaborate with other teams for the good of the company. 

What we offer

As a part of Pindrop, you’ll have a direct impact on our growing list of products and the future of security in the voice-driven economy. We hire great people and take care of them. Here’s a snapshot of the benefits we offer:

  • Competitive compensation, including equity for all employees
  • Unlimited Paid Time Off (PTO)
  • 4 company-wide rest days in 2024 where the entire company rests and recharges!
  • Remote-first culture

What we live by

At Pindrop, our Core Values are fundamental beliefs at the center of all we do. They are our guiding principles that dictate our actions and behaviors. Our Values are deeply embedded into our culture in big and small ways and even help us decide right from wrong when the path forward is unclear. At Pindrop, we believe in taking accountability to make decisions and act in a way that reflects who we are. We truly believe making decisions and acting with our Core Values in mind will help us to achieve our goals and keep Pindrop a great place to work:    

  • Audaciously Innovate - We continue to change the world, and the way people safely engage and interact with technology. As first principle thinkers, we challenge standards, take risks and learn from our mistakes in order to make positive change and continuous improvement. We believe nothing is impossible.
  • Evangelical Customers for Life - We delight, inspire and empower customers from day one and for life. We create a partnership and experience that results in a shared passion.   We are champions for our customers, and our customers become our champions, creating a universal commitment to one another. 
  • Execution Excellence - We do what we say and say what we do. We are accountable for making the tough decisions and necessary tradeoffs to deliver quality and effective solutions on time.
  • Win as a Company - Every time we win, we win as a company. Every time we lose, we lose as a company. We break down silos, support one another, embrace diversity and celebrate our successes. We are better together. 
  • Make a Difference - Every day we have the opportunity to make a positive impact. We operate with dedication, passion, and uncompromising integrity, creating a safer, more secure world.

Not sure if this is you?

We want a diverse, global team, with a broad range of experience and perspectives. If this job sounds great, but you’re not sure if you qualify, apply anyway! We carefully consider every application and will either move forward with you, find another team that might be a better fit, keep in touch for future opportunities, or thank you for your time.

Pindrop is an Equal Opportunity Employer

Here at Pindrop, it is our mission to create and maintain a diverse and inclusive work environment. As an equal opportunity employer, all qualified applicants receive consideration for employment without regard to race, color, age, religion, sex, gender, gender identity or expression, sexual orientation, national origin, genetic information, disability, marital and/or veteran status.

#LI-Remote

See more jobs at Pindrop

Apply for this job

18d

Security Engineer

AcquiaRemote - Costa Rica
EC29 years of experience6 years of experienceagile3 years of experienceterraformdrupaldockerMySQLkubernetesubuntulinuxpythonAWS

Acquia is hiring a Remote Security Engineer

Acquia empowers the world’s most ambitious brands to create digital customer experiences that matter. With open source Drupal at its core, the Acquia Digital Experience Platform (DXP) enables marketers, developers, and IT operations teams at thousands of global organizations to rapidly compose and deploy digital products and services that engage customers, enhance conversions, and help businesses stand out.

Headquartered in the U.S., Acquia is positioned as a market leader by the analyst community and is listed as one of the world’s top software companies by The Software Report. We are Acquia. We are a global company with employees located in more than 30 countries, and we’re building for the future.We want you to be a part of it!

Does the challenge of finding security flaws in custom application code get your mind racing? Can you think like an attacker to misuse and break cloud services? Do you have an interest in compliance and simplifying the process for achieving it? Join Acquia and help enhance the security of the largest sites and brands on the planet, whose Drupal apps are powered by our PaaS platform and SaaS services built on top of many thousands of AWS EC2 instances.

Job Responsibilities:

  • Be a Security Champion in an agile Security Engineering team owning and operating the services you build
  • Research, specify, and test cloud hosting architectures leveraging your web, database, and OS knowledge
  • Debug the toughest distributed systems production issues

Skills:

  • 2-6 years of related experience
  • Cloud security and compliance experience using AWS (e.g., Firewalls, IDS/IPS systems, DDOS prevention and PCI-DSS, HIPAA, FedRAMP, etc.)
  • Strong software development background using any general programming language
  • Understanding of Kubernetes
  • Passion for websites and website delivery architecture
  • Deep, working knowledge of LAMP stack--OS, web server, and database systems (Linux, Apache, and MySQL preferred)
  • Linux packages (e.g., Debian or RPM packages); RHEL and Ubuntu experience
  • Networking (e.g., TCP/IP, Routing, DNS, load balancing, HTTP caching, clustering, VPN, etc.)
  • Holistic understanding of the Internet and hosting from the network layer up through the application layer.
  • Excellent organizational and communication skills, both verbal and written
  • BS in Computer Science or equivalent experience
  • Ability to work effectively across multiple teams and drive results

Preferred Qualifications: 

  • Software development using Python or Go
  • Experience with threat modeling, especially for web application and web APIs
  • Configuration management (e.g., Terraform, CloudFormation, etc.)
  • Containerization:  Docker, LXC, etc.
  • Kubernetes: Hands-on, working experience securing K8s deployments according to “hard multi-tenancy” guidelines and methods.

All qualified applicants will receive consideration for employment without regard to race, color, religion, religious creed, sex, national origin, ancestry, age, physical or mental disability, medical condition, genetic information, military and veteran status, marital status, pregnancy, gender, gender expression, gender identity, sexual orientation, or any other characteristic protected by local law, regulation, or ordinance.

See more jobs at Acquia

Apply for this job

20d

Principal Platform Security Engineer

GeminiRemote (USA)
remote-firstterraformDesignkuberneteslinuxpythonAWS

Gemini is hiring a Remote Principal Platform Security Engineer

About the Company

Gemini is a global crypto and Web3 platform founded by Tyler Winklevoss and Cameron Winklevoss in 2014. Gemini offers a wide range of crypto products and services for individuals and institutions in over 70 countries.

Crypto is about giving you greater choice, independence, and opportunity. We are here to help you on your journey. We build crypto products that are simple, elegant, and secure. Whether you are an individual or an institution, we help you buy, sell, and store your bitcoin and cryptocurrency. 

At Gemini, our mission is to unlock the next era of financial, creative, and personal freedom.

In the United States, we have a flexible hybrid work policy for employees who live within 30 miles of our office headquartered in New York City and our office in Seattle. Employees within the New York and Seattle metropolitan areas are expected to work from the designated office twice a week, unless there is a job-specific requirement to be in the office every workday. Employees outside of these areas are considered part of our remote-first workforce. We believe our hybrid approach for those near our NYC and Seattle offices increases productivity through more in-person collaboration where possible.

The Department: Platform Security

The Role: Principal Platform Security Engineer

The Platform Security team secures Gemini’s infrastructure through service hardening and by developing and supporting a suite of foundational tools. We provide secure-by-default infrastructure, consumable security services, and expert consultation to engineering teams for secure cloud and non-cloud infrastructure.

The Platform Security team covers a broad problem space that includes all areas of Gemini’s platform infrastructure. In the past, this team has focused specifically on cloud security and we continue to invest heavily in this area.  This role will bring additional depth and specialization in non-cloud infrastructure, containerization, and container orchestration security.  We also value expertise in neighboring areas of infrastructure and platform security engineering including: PKI, core cryptography, identity management, network security, etc.

Responsibilities:

  • Design, deploy, and maintain services/platforms for security and engineering teams
  • Build and improve security controls and capabilities at all layers of infrastructure
  • Partner with engineering teams on security architecture and implementation decisions
  • Collaborate with application security, threat detection, incident response, GRC and similar security functions to identify, understand, and reduce security risk

Minimum Qualifications:

  • 10+ years of experience in the field
  • Significant experience with container orchestration technologies and relevant security considerations. We often use Kubernetes and EKS
  • Significant experience in SRE, systems engineering, or network engineering
  • Significant experience with distributed systems or cloud computing. We often use AWS
  • Significant software development experience. We often use Python or Go
  • Experience building and owning high-availability critical systems or cloud-based services
  • Able to self-scope, define, and manage short and long term technical goals involving many teams and partners
  • Deep expertise in computer security principles and practices

Preferred Qualifications:

  • Experience securing AWS and Linux environments, both native and third-party
  • Experience designing and implementing cryptographic infrastructure such as PKI, secrets management, authentication, or secure data storage/transmission
  • Experience designing and implementing systems for identity and access management
  • Experience with configuration management and infrastructure as code. We often use Terraform
It Pays to Work Here
 
The compensation & benefits package for this role includes:
  • Competitive starting salary
  • A discretionary annual bonus
  • Long-term incentive in the form of a new hire equity grant
  • Comprehensive health plans
  • 401K with company matching
  • Paid Parental Leave
  • Flexible time off

Salary Range: The base salary range for this role is between $198,000 - $247,000 in the State of New York, the State of California and the State of Washington. This range is not inclusive of our discretionary bonus or equity package. When determining a candidate’s compensation, we consider a number of factors including skillset, experience, job scope, and current market data.

At Gemini, we strive to build diverse teams that reflect the people we want to empower through our products, and we are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity, or Veteran status. Equal Opportunity is the Law, and Gemini is proud to be an equal opportunity workplace. If you have a specific need that requires accommodation, please let a member of the People Team know.

#LI-AH1

Apply for this job

20d

Offensive Security Engineer

MonzoCardiff, London or Remote (UK)
mobile

Monzo is hiring a Remote Offensive Security Engineer

???? We’re on a mission to make money work for everyone.

We’re waving goodbye to the complicated and confusing ways of traditional banking. 

With our hot coral cards and get-paid-early feature, combined with financial education on social media and our award winning customer service, we have a long history of creating magical moments for our customers!

We’re not about selling products - we want to solve problems and change lives through Monzo ❤️

Hear from our team about what it's like working at Monzo


 

????London or Remote (UK) | ???? £35,000 - £50,000 + Benefits | Hear from the team

⭐ Our Offensive Security team

This role sits within our Offensive Security team, reporting into the Offensive Security Manager. But this team is a part of the wider Security collective here at Monzo, a power-house team of passionate security professionals all working to make Monzo as secure as possible for our customers.

At our core though, the Offensive Security team is made up of breakers, not makers. We find the vulnerabilities, prove exploitability, then work with the other teams to fix those problems. We aren’t developers though, so we give advice to mitigate issues but don’t start coding fixes ourselves.

????You’ll play a key role by…

The work we do within the Offensive Security team is varied, but all involve hacking in one way or another. A lot of our work is project-based, with focus placed on areas we consider weak. This might mean hacking some new internal software or testing a new feature in the apps for example.

We also do projects that simulate a real adversarial attack (a bit like red teaming), and cooperate with our defensive teams to improve capabilities and skills.

The biggest service we provide to the other teams is placing a security mindset in the room. Ask those “what ifs” and get people thinking like an attacker. And it always helps to have a proof of concept to show to others!

As an Offensive Security Engineer, you’ll first be covering the smaller projects the more senior engineers can’t get to. This could include:

  • Testing new features in the Monzo apps (mainly the mobile apps, but sometimes web apps too)
  • Testing internal and public web services that support our products, tools and systems
  • Doing network testing (like attacking our office networks or hunting for vulnerabilities in sensitive networks)
  • Supporting the security bounty program

As you get more familiar and confident within the team, we’ll encourage you to take on some bigger, more challenging projects to help with your career progression at Monzo. But you won’t be alone, and always have the support of the others in the team!

????We’d love to hear from you if…

First and foremost you:

  • Have an unending curiosity to understand how the security of systems work at all levels
  • Have a strong attacker mindset, always thinking “what if I did…” when testing a system

The following would be nice, but aren’t requirements:

  • At least 2 years experience in security testing (ideally internal testers or consultants)
  • An industry recognised qualification such as CREST CRT, CCT (APP or INF), OSCP, OSCE or other equivalent (don’t be put off if you don’t have any, experience is preferred!)

????What’s in it for you

????£35,000 - £50,000 ➕ share options.

????This role can be based in our London office, but we're open to distributed working within the UK (with ad hoc meetings in London) (Please note, we are notable to offer sponsorship or relocation to the UK for this role)

⏰We offer flexible working hours and trust you to work enough hours to do your job well, and at times that suit you and your team. 

????£1,000 learning budget each year to use on books, training courses and conferences.

????We will set you up to work from home; all employees are given Macbooks and for fully remote workers we will provide extra support for your work-from-home setup. 

➕ Plus lots more! Read our full list of benefits.

???? The application journey 

If shortlisted after your application, you’ll firstly have a chat with one of the Hiring Team. If successful following on from this ⬇️

  • Initial call with a member of the security team
  • Technical interview
  • Values and Collaboration interview

This process should take around 2-3 weeks - your schedule is really important to us, so we promise to be as flexible as possible! 

We have some guidelines on using Artificial Intelligence (AI) to ace an application and interview at Monzo ???? You can read them here.

You’ll hear from us throughout the application process, but if you’ve got any questions, please reach out to business-hiring@monzo.com. You can also use this email address to let us know if there’s anything we can do to make the process easier for you because of disability, neurodiversity or anything else.

We’ll only close this role once we have enough applications for the next stage. Please submit your application as soon as possible to make sure you don’t miss out! 

If you’d prefer to work part-time, please let us know and we'll make this happen if we can.

Equal opportunities for everyone

Diversity and inclusion are a priority for us and we’re making sure we have lots of support for all of our people to grow at Monzo. At Monzo, we’re embracing diversity by fostering an inclusive environment for all people to do the best work of their lives with us. This is integral to our mission of making money work for everyone. You can read more in our blog, 2023 Diversity and Inclusion Report and 2023 Gender Pay Gap Report.

We’re an equal opportunity employer. All applicants will be considered for employment without attention to age, ethnicity, religion, sex, sexual orientation, gender identity, family or parental status, national origin, or veteran, neurodiversity or disability status.

Linkedin Tags: #LI-REMOTE#LI-MY1


Equal opportunities for everyone

Diversity and inclusion are a priority for us and we’re making sure we have lots of support for all of our people to grow at Monzo. At Monzo, we’re embracing diversity by fostering an inclusive environment for all people to do the best work of their lives with us. This is integral to our mission of making money work for everyone. You can read more in our blog, 2023 Diversity and Inclusion Report and 2023 Gender Pay Gap Report.

We’re an equal opportunity employer. All applicants will be considered for employment without attention to age, ethnicity, religion, sex, sexual orientation, gender identity, family or parental status, national origin, or veteran, neurodiversity or disability status.

If you have a preferred name, please use it to apply. We don't need full or birth names at application stage ????

See more jobs at Monzo

Apply for this job

28d

Security Engineer

SinchMelbourne,Victoria,Australia, Remote Hybrid
mobile

Sinch is hiring a Remote Security Engineer

Sinch, the Customer Communications Cloud, powers meaningful conversations at scale across messaging, voice, and email to help businesses deliver unified, personalized experiences that truly revolve around their customers — no matter the channels they use. Over 150,000 businesses, including 8 of the 10 largest tech companies in the world, rely on us for their customer communication needs, with over 700 billion customer engagements each year.

 

Providing innovative mobile messaging solutions that help businesses of all sizes – from SMBs to enterprise-level to better connect with customers. Our messaging solutions for alerts and notifications, billing and payments, appointment reminders, marketing, and staff scheduling are trusted by over 65,000 customers in industries such as healthcare, education, retail, and utilities. Sinch is the number one choice for easy and engaging business messaging.

 

We are seeking a Security Engineer to join our global team. In this role you will be responsible for designing, implementing, and maintaining security protocols to safeguard sensitive information, such as customer data and company intellectual property. Must have a deep understanding of networking and system architecture, as well as knowledge of current and emerging threats and technologies. The Security Engineer plays a crucial role in incident response and developing strategies to prevent future attacks. This position requires strong analytical and communication skills, as well as a commitment to staying up to date with the latest trends and best practices in cybersecurity.

 

Key responsibilities:

  • Responsible for assessing and understanding the threat landscape by working with other Cyber functions such as Offensive Security, Digital Forensics etc. and architecting solutions to calibrate risk consistent with risk tolerance.
  • Reviewing security intelligence information and researching emerging threats - to proactively identify and prevent potential threats. 
  • Build and/or tune Sinch security tools, such as EDR, email security, and vulnerability scanning and SIEM solution to ensure that alerts are effective and actionable.
  • Augment Incident Response team to ensure 24/7 coverage and operations. Responsibilities sometimes will require working evenings and weekends, sometimes with little or no advanced notice.
  • Be able to effectively communicate, both written and verbally, complex security and technical concepts to a wide variety of stakeholders and partners and build and leverage and earn the trust of stakeholders at all levels of the organization.
  • Establish and modify runbooks that provide other subject matter experts with a consistent manner of executing the processes.
  • Employing the security technologies to continuously monitor the company’s assets, conduct technical analysis of network traffic to identify anomalies and then taking action to respond to potential vulnerabilities and threats.  

 

The successful candidate will possess the following skills and attributes:

  • Proven experience in working on threat, vuln, fraud or compliance - ideally building or supporting cross-functional mitigation programs.
  • A background that involves creating a layered security perimeter in the context of a cloud- and container-based microservices.
  • Experience supporting (or building) a security operations function in startup environments, ideally serving as incident commander for security incidents.
  • Knowledge of networking fundamentals, including TCP/IP, OSI stack model, L2, L3 and L7 fundamentals and raw packet analysis. Fluency with common cryptographic modalities
  • Experience using tools like LogRhythm, Nessus, CASB manage threat telemetry.
  • One industry-recognized security certification (CEH, CISSP, CCSP, CISA) -- or the willingness to secure one within six months.

 

We dream big — for our company, our customers, and our employees — and we hire the best talent worldwide to help us bring our vision to life. We have a local presence in more than 60 countries — probably somewhere near you!

 

We are committed to building an engaged and talented workforce that represents an environment that is inclusive, supports flexibility and welcomes diversity.

 

Our values of Dream BigWin TogetherKeep it simple and Make it Happen are the foundation for fostering an environment where diversity of thinking, skills and experiences are embraced, delivering innovation and better business results.

 

We value our team by offering:

  • WHERE YOU WORK MATTERS: We understand the benefit of a flexible schedule where you can best impact both your personal and work life, so we offer a hybrid working arrangement, work from home set up reimbursement and a global mobility policy.
  • PUT FAMILY FIRST: We know that building a family take priority, therefore we offer a generous parental leave program: 26 weeks salary for primary care giver and 4 weeks salary for secondary care giver
  • CELEBRATE YOURESELF: By providing a day off for your birthday, we want you to take the time to celebrate the year you’ve had with your nearest and dearest.
  • TAKE A BREAK: Enjoy a generous annual leave program. We value balance and understand that performance at work requires time to rest at home and/or rejuvenate on vacation.
  • STAY HEALTHY: Physical wellness supports mental wellness, so we offer a monthly fitness reimbursement allowance and other wellness programs
  • TAKE THE NEXT STEP: Coaching and career development support, including access to a range of online professional development courses
  • CARE FOR YOURSELF: Take advantage of our free virtual counselling resources through our global Employee Assistance Program. Your mental health is as important as your physical health.
  • MAKE AN IMPACT: Support betterment in your community and beyond by taking paid time off to support a volunteer program of your choice.
  • TREAT YOURSELF: Access to Reward+ program that offers a wide range of discounts and deals across retail, entertainment and much more.

 

If you are looking for the next opportunity in your career and want to work for a people focused, growing tech company, then Apply Now.

See more jobs at Sinch

Apply for this job

29d

Security Engineer

Clover HealthRemote - Canada
remote-firstDesignlinuxpython

Clover Health is hiring a Remote Security Engineer

Clover is reinventing health insurance by working to keep people healthier.

We value diversity — in backgrounds and in experiences. Healthcare is a universal concern, and we need people from all backgrounds and swaths of life to help build the future of healthcare. Clover's engineering team is empathetic, caring, and supportive. We are deliberate and self-reflective about the kind of engineering team and culture that we are building, seeking engineers that are not only strong in their own aptitudes but care deeply about supporting each other's growth.

As a Security Engineer, you will forge and nurture trusted relationships with internal technology teams (Software Engineering, SRE, DS/ML, Product) and external customers (e.g., payers, accountable care organizations, integrated delivery networks). You will partner closely with the entire technology organization to architect, design, implement, and maintain system security and controls. This ideal candidate for this role will understand the needs of software development, technical system design, and data/information security.

As a Security Engineer, you will:

  • Implement, operationalize and monitor security applications such as EDR, DLP, SAST, Vulnerability Management, and CSPM systems.
  • Serve as a SME for security related code and technical design reviews.
  • Identify and collaborate with engineering and SRE to resolve areas of security vulnerability in our software, systems and infrastructure.
  • Assess and improve systems for compliance with security requirements, policies, guidelines and standards
  • Interface with external customers on CA security reviews and assessments
  • Work to improve our general security posture and processes ranging from secure development practices to SecDevOps
  • Contribute to the planning, definition and implementation of new security solutions or related development

You will love this job if:

  • You are passionate about transforming healthcare delivery through new technologies and want to make an impact.
  • You have a bias toward action and seek to intervene before issues arise.
  • You are comfortable navigating ambiguity and working in an evolving environment.
  • You are a problem solver and a team player. You love working within teams and helping them work more efficiently.
  • You are a strong communicator and able to influence behaviors to help drive desired outcomes.
  • You are empathetic and seek to build enduring relationships with our customers and users.
  • You are analytical and use data to drive actions and evaluate outcomes.

You should get in touch if:

  • You have 1+ years of experience in a security role with priority on engineering.
  • You have experience investigating, and triaging incidents.
  • You have a basic understanding of operating systems (Linux, OSX, etc.) and networking fundamentals.
  • You have a strong understanding of at least one of the following technologies: Python, JavaScript/TypeScript, Shell Scripting (You will be tested on one).
  • You are comfortable with conducting code reviews for security vulnerabilities on a frequent basis.
  • You have assessed the security of APIs and systems by analyzing authentication, authorization mechanisms, input validation, and potential vulnerabilities.
  • You have excellent written and verbal communication skills and are able to craft clear and comprehensive reports and research to present to engineering and other stakeholders.
  • You stay up-to-date with the latest research on threats, attack vectors, and security trends and are keen to apply them to our environment.
  • You have knowledge of cybersecurity frameworks and standards (e.g., NIST, ISO, CIS).

Benefits Overview:

  • Financial Well-Being: Our commitment to attracting and retaining top talent begins with a competitive base salary and equity opportunities. Additionally, we offer a performance-based bonus program and regular compensation reviews to recognize and reward exceptional contributions.
  • Physical Well-Being: We prioritize the health and well-being of our employees and their families by offering comprehensive group medical coverage that include coverage for hospitalization, outpatient care, optical services, and dental benefits.
  • Mental Well-Being: We understand the importance of mental health in fostering productivity and maintaining work-life balance. To support this, we offer initiatives such as No-Meeting Fridays, company holidays, access to mental health resources, and a generous annual leave policy. Additionally, we embrace a remote-first culture that supports collaboration and flexibility, allowing our team members to thrive from any location. 
  • Professional Development: We are committed to developing our talent professionally. We offer learning programs, mentorship, professional development funding, and regular performance feedback and reviews.

Additional Perks:

  • Reimbursement for office setup expenses
  • Flexibility to work from home or from our office, enabling collaboration with global teams
  • Paid parental leave for all new parents
  • And much more!

About Clover: We are reinventing health insurance by combining the power of data with human empathy to keep our members healthier. We believe the healthcare system is broken, so we've created custom software and analytics to empower our clinical staff to intervene and provide personalized care to the people who need it most.

We always put our members first, and our success as a team is measured by the quality of life of the people we serve. Those who work at Clover are passionate and mission-driven individuals with diverse areas of expertise, working together to solve the most complicated problem in the world: healthcare.

From Clover’s inception, Diversity & Inclusion have always been key to our success. We are an Equal Opportunity Employer and our employees are people with different strengths, experiences and backgrounds, who share a passion for improving people's lives. Diversity not only includes race and gender identity, but also age, disability status, veteran status, sexual orientation, religion and many other parts of one’s identity. All of our employee’s points of view are key to our success, and inclusion is everyone's responsibility.


#LI-REMOTE

See more jobs at Clover Health

Apply for this job

+30d

Security Engineer

BugcrowdRemote - United States
golangBachelor's degreekotlinjiragitrubyc++pythonAWSjavascript

Bugcrowd is hiring a Remote Security Engineer

We are Bugcrowd. Since 2012, we’ve been empowering organizations to take back control and stay ahead of threat actors by uniting the collective ingenuity and expertise of our customers and trusted alliance of elite hackers, with our patented data and AI-powered Security Knowledge Platform™. Our network of hackers brings diverse expertise to uncover hidden weaknesses, adapting swiftly to evolving threats, even against zero-day exploits. With unmatched scalability and adaptability, our data and AI-driven CrowdMatch™ technology in our platform finds the perfect talent for your unique fight. We aim to create a new era of modern crowdsourced security that outpaces threat actors. Unleash the ingenuity of the hacker community with Bugcrowd, visit www.bugcrowd.com. Based in San Francisco and New Hampshire, Bugcrowd is supported by General Catalyst, Rally Ventures, Costanoa Ventures, and others.

Job Summary 

The Security Engineer’s role is to aid the security efforts of Bugcrowd, while proactively making changes to further improve our security posture. 

To achieve this goal, we require a motivated team member who is willing to push their own boundaries and step out of their comfort zone.You will be challenged on a regular basis, especially because you are the last line of defense for one of the largest crowdsourced security platforms! The Security Engineer will provide mentoring to multiple junior security engineers and will work closely with other team members on a daily basis. 

**Please note this role will be working PST business hours

Essential Duties and Responsibilities

  • Aiding within the Incident Response process
  • Threat hunting
  • Developing patches and security controls within a Ruby on Rails application, Golang application, and Kotlin application
  • Communicating across multiple teams converting technical knowledge into palatable words for multiple audiences. 
  • Significant familiarity with AWS and network security controls
  • Identifying vulnerability root causes
  • Performing basic risk assessments and triaging
  • Educating developers on security best practices
  • Architecting solutions with developers to remediate any security concerns
  • Performing basic red team assessments (including but not limited to phishing, vishing, spoofing technologies, etc.)
  • Testing new features within the platform and services
  • Automating security tasks to increase workflow efficiency
  • Mentoring other team members

Education

  • Bachelor's Degree in a relevant field or commensurate experience
  • 3 - 5+ years of professional experience in a similar role or its equivalent.

Knowledge, Skills, and Abilities

  •  Experience with writing IR plans and operating within an IR practice (experience responding to incidents)
  • Working knowledge of Threat Intelligence and how it can be used to proactively create security controls (automation)
  • Familiarity with Pentesting techniques and OWASP Top 10
  • Ability to understand a vulnerability and work with developers to patch it
  • Scripting knowledge in at least one of: Bash, Python, JavaScript, Ruby
  • Self motivated and organized - must be able to operate from a calendar and be punctual
  • Cloud security experience or holds cloud certifications (AWS strongly preferred)
  • Experience with Identity and Access Management (IAM) controls
  • Ability to work autonomously within a global company, and critically think without intervention
  • Familiarity with git
  • Familiarity with a ticketing system / issue tracking system is a must (e.g: Jira)

Working Conditions & Physical Requirements

Sitting and / or standing - Must be able to remain in a stationary position 50% of the time

Carrying and / or lifting - Must be able to carry / move laptop as needed throughout the work day.

Environment - remote, work-from-home 100% of the time.

ADA Statement: Bugcrowd is committed to the full inclusion of all qualified individuals. In keeping with our commitment, Bugcrowd will take the steps to assure that people with disabilities are provided reasonable accommodations. Accordingly, if reasonable accommodation is required to fully participate in the job application or interview process, to perform the essential functions of the position, and/or to receive all other benefits and privileges of employment, please contact HR at ada@bugcrowd.com.

Pay Range Disclosure:The base pay range for this role takes into account the wide range of factors that are considered in making compensation decisions, including but not limited to Qualifications, Geographical Location, Education/certifications, Experience, Skill Sets, Training, and other business and organizational needs. 

A reasonable estimate of the current range for the position of Security Engineer base is: $97,000- $106,000.

This position may also be eligible to participate in a discretionary bonus program or commission plan, subject to the rules governing the program, whereby an award, if any, depends on various factors, including, without limitation, individual and organizational performance.

Culture

  • At Bugcrowd, we understand that diversity in the workplace is vital to a company’s success and growth. We strive to make sure that people are included and have a sense of being part of making Bugcrowd not only a great product but a great place to work.
  • We regularly hear from both customers and researchers that Bugcrowd feels like a family, and we strive to maintain that internally as well.
  • Our team consists of a broad range of people: musicians, adventure sports junkies, nature lovers, parents, cereal enthusiasts, night owls, cyclists, artists—you get the point.

At Bugcrowd, we are solving security threats and vulnerabilities that are relevant to everyone, therefore we believe solving these problems takes all kinds of backgrounds. We value the perspectives and experiences people from underrepresented backgrounds bring.

 

Disclaimer

This position has access to highly confidential, sensitive information relating to the technologies of Bugcrowd. It is essential that the applicant possess the requisite integrity to maintain the information in the strictest confidence.

The company is authorized to obtain background checks for employment purposes under state and federal law. Background checks will be conducted for positions that involve access to confidential or proprietary information (including trade secrets).

Background checks may include Social Security verification, prior employment verification, personal and professional references, educational verification, and criminal history. Applicants with conviction histories will not be excluded from consideration to the extent required bylaw.


Equal Employment Opportunity:

Bugcrowd is EOE, Disability/Age Employer. 


Individuals seeking employment at Bugcrowd are considered without regards to race, color, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, veteran status, gender identity, or sexual orientation. 


Apply at: https://www.bugcrowd.com/about/careers/

 

See more jobs at Bugcrowd

Apply for this job

+30d

Splunk Security Engineer

SalesFull Time2 years of experienceDesignazureAWS

BlueVoyant is hiring a Remote Splunk Security Engineer

Splunk Security Engineer - BlueVoyant - Career Page
+30d

Security Engineer (Penetration Tester) - Remote

Paramo TechnologiesBuenos Aires, AR - Remote
jirasqlDesignmobileapilinux

Paramo Technologies is hiring a Remote Security Engineer (Penetration Tester) - Remote

To apply for this position, you must be based in the Americas, preferably Latin America (the United States of America is not applicable). Applications from other locations will be disqualified from this selection process.

We are...

a cutting-edge e-commerce company developing products for our technological platform. Our creative, smart, dedicated teams pool their knowledge and experience to find the best solutions to meet project needs while maintaining sustainable and long-lasting results. How? By making sure that our teams thrive and develop professionally. Strong advocates of hiring top talent and letting them do what they do best, we strive to create a workplace that allows for an open, collaborative, and respectful culture.

What you will be doing...

You will protect our infrastructure by searching for and helping address vulnerabilities. The right person must have excellent engagement and communication skills and a solid customer-focused and team-oriented approach that balances security needs and user experience to provide best-in-class security for the organization.

Must also be bilingual: English/Spanish.

Key Responsibilities:

  • Perform thorough penetration testing on various components of the organization's IT infrastructure, including networks, web applications, API, mobile applications, and cloud environments.
  • Use various tools and techniques to identify security weaknesses, such as SQL injection, cross-site scripting (XSS), privilege escalation, and other vulnerabilities.
  • Develop and execute attack scenarios to assess the effectiveness of security controls and defenses.
  • Conduct vulnerability assessments to identify and evaluate security flaws and weaknesses within systems and applications.
  • Analyze and prioritize vulnerabilities based on risk assessment and potential impact on the organization.
  • Create detailed reports documenting findings from penetration tests and vulnerability assessments, including descriptions of vulnerabilities, exploitation methods, and recommended remediation actions.
  • Triage vulnerabilities reported in a bug bounty program.
  • Prepare and present technical and executive-level reports that clearly communicate security issues, risks, and mitigation strategies.
  • Ensure that documentation is accurate, comprehensive, and delivered on time.
  • Work closely with IT, development, and security teams to address identified vulnerabilities and guide remediation efforts.
  • Advise on best practices for securing systems and applications based on penetration testing findings and industry standards.
  • Participate in developing and improving security policies, procedures, and practices.
  • Stay updated with the latest penetration testing tools, techniques, and threat vectors.
  • Develop custom scripts and tools to aid penetration testing and automate repetitive tasks.
  • Contribute to the refinement and enhancement of testing methodologies and frameworks.
  • Engage in ongoing training and professional development to enhance skills and stay current with emerging threats and technologies.
  • Share knowledge and expertise with the team to foster a culture of security awareness and continuous improvement.
  • Participate in internal and external security assessments, including red team exercises and vulnerability management programs.
  • Ensure penetration testing activities comply with industry standards, regulatory requirements, and organizational policies.
  • Maintain an open-source way of thinking when performing penetration testing.
  • Adhere to different policies set out by the organization.
  • Follow and improve existing procedures.
  • Keep your work organized based on tickets (Jira).
  • Prepare and provide different reports (weekly/monthly/ad-hoc) to the Top Management as necessary.
  • Maintain appropriate knowledge required for successful and efficient delivery of the responsibilities.
  • Keeping abreast of new threats and vulnerabilities and providing analysis as per applicability.
  • Help the organization understand advanced cyber threats.

Knowledge and skills you need to have

  • Five years of a university degree or four-year college diploma, preferably in computer science, telecommunications, or other related academic fields, or equivalent work experience, are required.
  • At least 5 years of work experience in similar roles.
  • Fundamental technical understanding and experience assessing vulnerabilities and identifying weaknesses in web applications, APIs, operating systems (Windows and Linux), networks, databases, and application servers.
  • Ability to prioritize remediation and handle mitigation planning.
  • Experience in working collaboratively with cross-functional/transverse IT teams.
  • Ability to apply a risk-based approach while working on assigned responsibilities.
  • Good understanding of reporting needs at various organizational levels and ability to design, create, and present them.
  • Experience in working with any BI tools to prepare dashboards.
  • Troubleshooting and problem-solving capabilities.
  • Excellent analytical, communication, and documentation skills.
  • Ability to organize work and prioritize work as per the operation's needs.
  • Ability to work independently and as part of the Information Security Team, and can work under minimal supervision.
  • Should have time management skills and manage work in a fast-moving environment.

Competencies:

  • Reading comprehension: You must be able to read and understand the existing procedures and the tasks assigned to tickets. This is crucial for you to work under minimal supervision and excel. If you are a technical guru but don't understand the assigned tasks in writing or don't clarify doubts, this is not your job.
  • Organization: This position has 50% recurring tasks (e.g. reviewing weekly vulnerability scans), 30% research tasks (e.g. identifying why a vulnerability scan isn't working as expected and solving it together with other teams), 10% chasing other teams (e.g. ensuring that a vulnerability is remedied), and 10% procedures (e.g. improving existing procedures).
  • Prioritization: You must attend to the priorities of the assigned tasks and assign the right priority to the discovered vulnerabilities.
  • Strong interpersonal, written, and oral communication skills.
  • Able to conduct research into security issues and products as required.
  • Ability to prioritize and execute tasks during a high-pressure moment and make sound decisions in emergencies.
  • Ability to present ideas in a user-friendly language.
  • Keen attention to detail.
  • Proven analytical and problem-solving abilities.
  • Strong customer service orientation.
  • Ability to manage multiple projects, activities, and tasks simultaneously.
  • Facilitation and change management skills.

Bonus points for the following

Additional requirements, not essential but "nice to have":

  • Any Penetration Testing certification (i.e. CEH, OSCP, GPEN, Pentest+).
  • Any Vulnerability Management certification.
  • Knowledge of Splunk SIEM.
  • Knowledge of CDN and WAF usage and configuration (i.e. Cloudflare, Imperva).
  • Any other Cybersecurity certification.

Why choose us?

We provide the opportunity to be the best version of yourself, develop professionally, and create strong working relationships, whether working remotely or on-site. While offering a competitive salary, we also invest in our people's professional development and want to see you grow and love what you do. We are dedicated to listening to our team's needs and are constantly working on creating an environment in which you can feel at home.

We offer a range of benefits to support your personal and professional development:

Benefits:

  • 22 days of annual leave
  • 10 days of public/national holidays
  • Health insurance options
  • Access to online learning platforms
  • On-site English classes in some countries, and more.

Join our team and enjoy an environment that values and supports your well-being. If this sounds like the place for you, contact us now!

See more jobs at Paramo Technologies

Apply for this job

+30d

Security Engineer (SIEM) - Remote

Paramo TechnologiesBuenos Aires, AR - Remote
jiraDesign

Paramo Technologies is hiring a Remote Security Engineer (SIEM) - Remote

To apply for this position, you must be based in the Americas, preferably Latin America (the United States of America is not applicable). Applications from other locations will be disqualified from this selection process.

We are...

a cutting-edge e-commerce company developing products for our technological platform. Our creative, smart, dedicated teams pool their knowledge and experience to find the best solutions to meet project needs while maintaining sustainable and long-lasting results. How? By making sure that our teams thrive and develop professionally. Strong advocates of hiring top talent and letting them do what they do best, we strive to create a workplace that allows for an open, collaborative, and respectful culture.

What you will be doing...

You will protect our infrastructure by grabbing, analyzing and monitoring logs and events. The right person must have excellent engagement and communication skills and a solid customer-focused and team-oriented approach that balances security needs and user experience to provide best-in-class security for the organization.

Must also be bilingual: English/Spanish.

Key responsibilities of this Role

  • Monitor security alerts and notifications from various sources, including applications, network devices, operating systems, EDR, etc.
  • Investigate and analyze security incidents, including potential breaches, malware infections, and policy violations.
  • Coordinate with other teams to contain and remediate security incidents, minimizing impact and recovery time.
  • Document and report on incident details, responses, and resolutions.
  • Perform continuous monitoring of network traffic, system logs, and security events to identify anomalies and potential threats.
  • Analyze security alerts and perform detailed forensic investigations to determine the root cause of incidents.
  • Maintain and optimize security tools and technologies, including SIEM platforms, IDS/IPS, endpoint protection, EDR, and threat intelligence feeds.
  • Configure and tune security systems to reduce false positives and improve detection capabilities.
  • Create and maintain detailed documentation for security incidents, including incident reports, post-mortem analysis, and lessons learned.
  • Prepare and present regular reports on security incidents, trends, and metrics to senior management.
  • Ensure compliance with relevant regulatory requirements and internal policies.
  • Work closely with IT to enhance our security posture and respond to emerging threats.
  • Collaborate with external partners, vendors, and law enforcement when necessary for incident resolution and information sharing.
  • Provide guidance and support to junior security staff and other teams on security best practices and incident handling.
  • Stay up-to-date with the latest cybersecurity trends, threats, and technologies.
  • Creation of dashboards and KPIs.
  • Participate in ongoing training and professional development to enhance skills and knowledge.
  • Contribute to developing and refining SIEM procedures, playbooks, and response strategies.
  • Assist in creating and updating security policies, procedures, and incident response plans.
  • Ensure that security controls are consistently applied and followed across the organization.
  • Adhere to different policies set out by the organization.
  • Follow and improve existing procedures.
  • Keep your work organized based on tickets (Jira).
  • Prepare and provide different reports (weekly/monthly/ad-hoc) to the Top Management as necessary.
  • Maintain appropriate knowledge required for successful and efficient delivery of the responsibilities.
  • Keeping abreast of new threats and vulnerabilities and providing analysis as per applicability.
  • Help the organization understand advanced cyber threats.
  • Possibility to perform on-call after working hours and weekends.

Knowledge and skills you need to have

  • Five years of a university degree or four-year college diploma, preferably in computer science, telecommunications, or other related academic fields, or equivalent work experience, are required.
  • At least 5 years of work experience in similar roles.
  • Working and hands-on experience in running and handling SIEM on Splunk.
  • Data analysis experience.
  • Experience in working collaboratively with cross-functional/transverse IT teams.
  • Ability to apply a risk-based approach while working on assigned responsibilities.
  • Good understanding of reporting needs at various organizational levels and ability to design, create, and present them.
  • Experience in working with any BI tools to prepare dashboards.
  • Troubleshooting and problem-solving capabilities.
  • Excellent analytical, communication, and documentation skills.
  • Ability to organize work and prioritize work as per the operation’s needs.
  • Ability to work independently and as part of the Information Security Team, and can work under minimal supervision.
  • Should have time management skills and manage work in a fast-moving environment.

Competencies:

  • Reading comprehension: You must be able to read and understand the existing procedures and the tasks assigned to tickets. This is crucial for you to work under minimal supervision and excel. If you are a technical guru but don't understand the assigned tasks in writing or don't clarify doubts, this is not your job.
  • Organization: This position has 50% recurring tasks (e.g. reviewing abnormal logs every day), 30% research tasks (e.g. understand why certain logs are received and identify the root cause), 10% chasing other teams (e.g. ensuring that we receive logs from every single application and device), and 10% procedures (e.g. creating new procedures).
  • Prioritization: You must attend to the priorities of the assigned tasks and assign the right priority to the SIEM alerts.
  • Strong interpersonal, written, and oral communication skills.
  • Ability to prioritize and execute tasks during a high-pressure moment and make sound decisions in emergencies.
  • Ability to present ideas in a user-friendly language.
  • Keen attention to detail.
  • Proven analytical and problem-solving abilities.
  • Strong customer service orientation.
  • Ability to manage multiple projects, activities, and tasks simultaneously.
  • Facilitation and change management skills.

Bonus points for the following

Additional requirements, not essential but "nice to have":

  • Knowledge of other SIEM (Graylog, Google Chronicle, etc.).
  • Knowledge of data analysis.
  • Any Cybersecurity certification.

Why choose us?

We provide the opportunity to be the best version of yourself, develop professionally, and create strong working relationships, whether working remotely or on-site. While offering a competitive salary, we also invest in our people's professional development and want to see you grow and love what you do. We are dedicated to listening to our team's needs and are constantly working on creating an environment in which you can feel at home.

We offer a range of benefits to support your personal and professional development:

Benefits:

  • 22 days of annual leave
  • 10 days of public/national holidays
  • Health insurance options
  • Access to online learning platforms
  • On-site English classes in some countries, and more.

Join our team and enjoy an environment that values and supports your well-being. If this sounds like the place for you, contact us now!

See more jobs at Paramo Technologies

Apply for this job

+30d

Senior Security Engineer II

SignifydUnited States (Remote);
DevOPSBachelor's degreeBachelor degreeDesignazurejavapythonAWSjavascript

Signifyd is hiring a Remote Senior Security Engineer II

The Security Engineer at Signifyd assists cybersecurity operations and vulnerability management across the organization. This role works with other security engineers and analysts on the team by contributing integrations, implementations and reviews with our security systems. They setup, configure, and use these solutions to identify threats and vulnerabilities within our networks and applications then cross coordinate with other departments to ensure timely remediation. The Security Engineer reports to the Director, Head of Information Security and Compliance while supporting the Security Risk Manager with auditable evidence of control effectiveness.

Responsibilities

You will perform the following responsibilities alongside other members of the information security team:

  • Engineer data feeds, rules, and tuning for the system information and event manager (SIEM);

  • Triage security operations center (SOC) alerts as the Level II/III escalation support;

  • Triage secrets scanning, static application security testing (SAST), dynamic application security testing (DAST), and software composition analysis (SCA) tools;

  • Triage cloud security posture management (CSPM), infrastructure as code (IaC) security scanning, and attack surface violations;

  • Identify patch management gaps using our vulnerability management software and collaborate with IT and Engineering teams on resolutions;

  • Perform internal security testing, assessments, and triaging of alerts from security tooling;

  • Conduct secure code reviews, secure design reviews, and threat modeling activities;

  • Support GRC activities through control evidence collection;

  • Contribute to operational support activities for all security capabilities. This includes preparing self service operational support documentation for developers and project teams, responding to internal support chat groups;

  • Contribute to design and development of observability metrics and monitoring capabilities for all security capabilities utilizing DevOps or SRE principles;

  • Support the creation and publication of metrics on security functions usage and remediation status for consumption by developers and project teams.

Requirements

  • Ability to automate or develop basic tasks in at least one programming language such as: Java, JavaScript, Python

  • Professional certifications such as WAPT, PPT, OSCP, etc and/or computer science degree;

  • 1+ years security engineer experience or 2+ years as a Security Analyst or equivalent;

  • Experience working with cloud technologies such as: AWS, GCP, Azure, Docker/Kubernetes.

#LI-Remote

Benefits in our US offices:

  • Discretionary Time Off Policy (Unlimited!)
  • 401K Match
  • Stock Options
  • Annual Performance Bonus or Commissions
  • Paid Parental Leave (12 weeks)
  • On-Demand Therapy for all employees & their dependents
  • Dedicated learning budget through Learnerbly
  • Health Insurance
  • Dental Insurance
  • Vision Insurance
  • Flexible Spending Account (FSA)
  • Short Term and Long Term Disability Insurance
  • Life Insurance
  • Company Social Events
  • Signifyd Swag

We want to provide an inclusive interview experience for all, including people with disabilities. We are happy to provide reasonable accommodations to candidates in need of individualized support during the hiring process.

Signifyd provides a base salary, bonus, equity and benefits to all its employees. Our posted job may span more than one career level, and offered level and salary will be determined by the applicant’s specific experience, knowledge, skills, and abilities, as well as internal equity and alignment with market data.

USA Base Salary Pay Range
$90,000$135,000 USD

See more jobs at Signifyd

Apply for this job

+30d

System Security Engineer (EMEA)

FortanixNetherlands, Remote
agile

Fortanix is hiring a Remote System Security Engineer (EMEA)

About Fortanix:  

In today's world, where data spreads across various clouds and devices, traditional security measures aren't enough. Businesses need a dynamic approach to defend against constant cyber threats and ensure agile data security. Fortanix leads the way in data-centric cybersecurity for hybrid multicloud environments, using advanced cryptography, encryption, and confidential AI solutions.  

As data breaches become more frequent and traditional defenses fall short, we focus on data exposure management to keep your information safe. Our unified data security platform addresses vulnerabilities in hybrid multicloud environments, defends against threats, and makes it easier to discover, assess, and fix data exposure risks. Whether implementing a Zero Trust model or preparing for the post-quantum computing era, we help businesses worldwide protect their most sensitive data, wherever it is. 

Our commitment to solving the world’s toughest data security challenges has earned Fortanix multiple Cybersecurity Excellence and Innovation Awards, as well as recognition from industry giants such as Microsoft, Intel, ServiceNow, and Snowflake. 

Our team includes industry leaders and cryptography experts, creating a culture of trust, innovation and collaboration where every voice is valued. Recognized as a Great Place to Work, we're looking for passionate individuals to help us shape the future of data security and work towards a safer digital future. 

We are looking for a Systems Security Engineerto join our team.

The ideal candidate will be a technical leader who can provide strategic direction and hands-on expertise in developing tools and SDKs for our confidential computing platforms. This role requires a deep understanding of security, software development, computer architecture & operating systems. 

 

What you’ll do (Duties and Responsibilities):  

  • Work on computer architecture & organization & computer systems
  • Support software development on Confidential Computing platforms
  • Enable remote attestation using low-level platform primitives
  • Develop tools and SDKs for confidential computing platforms. 
  • Develop, and implement high-quality software solutions that meet security and performance standards. 
  • Stay current with emerging technologies and industry trends in security. 
  • Participate in code reviews to ensure best practices in software development, and maintain high standards of code quality.

 

What you’ll need (Basic Qualifications) 

  • Experience in computer architecture & operating systems 
  • 1+ years of hands-on experience with C/C++, Rust, and x86 or ARM assembly, and some other high level language 
  • Degree in Computer Security or Computer Systems, or equivalent experience  
  • Problem-solving skills and the ability to think critically and creatively. 

 

Preferred Technical And Professional Expertise  

  • Professional experience in secure enclave technology (e.g., Intel SGX, AMD SEV-SNP, Intel TDX, etc.) 
  • Knowledge of software development tools and methodologies, including CI/CD, Agile, and DevOps.  
  • Understanding of computer architecture & organization (CPU context, virtual memory, VT-x, SVM, etc.) & computer systems (VirtIO, synchronization, filesystems, etc.)
  • Experience with the following technologies:
    • Rust
    • Linux container images
    • Cloud offerings
    • Platform security enhancements
  • We offer a competitive salary and equity package
  • Quarterly recharge days 
  • 40 hours of Volunteer Time Off/year
  • The opportunity to redefine cloud computing in a friendly, collaborative work environment.  

Fortanix is an equal opportunity employer that celebrates diversity and is committed to creating an inclusive workplace with equal opportunity for all applicants and teammates. Our goal is to recruit the most talented people from a diverse candidate pool regardless of race, color, religion, age, gender, gender identity, sexual orientation or any other status. If you’re interested in working in a fast growing, exciting working environment – we encourage you to apply! 

See more jobs at Fortanix

Apply for this job

+30d

Lead Security Engineer

RoktSydney,New South Wales,Australia, Remote Hybrid
Designkubernetes

Rokt is hiring a Remote Lead Security Engineer

We are Rokt, a hyper-growth ecommerce leader. We enable companies to unlock value by making each transaction relevant at the moment that matters most, when customers are buying. Together, Rokt's AI-based relevance Platform and scaled ecommerce Network powers billions of transactions. In December 2022, Rokt’s valuation increased to $2.4 billion USD, allowing us to expand rapidly across 15 countries. 


The Rokt engineering team builds best-in-class ecommerce technology that provides personalized and relevant experiences for customers globally and empowers marketers with sophisticated, AI-driven tooling to better understand consumers. Our bespoke platform handles millions of transactions per day and considers billions of data points which give engineers the opportunity to build technology at scale, collaborate across teams and gain exposure to a wide range of technology.

At Rokt, we practice transparency in career paths and compensation.

At Rokt, we believe in transparency, which is why we have a well-defined career ladder with transparent compensation and clear career paths based on competency and ability. Rokt’stars constantly strive to raise the bar, pushing the envelope of what is possible.

We are looking for a Senior Machine Learning Engineer

Compensation:$190,000-$235,000 including superannuation, plus employee equity plan grant & world class benefits.

As a Lead Security Engineer, you are someone has some experience leading a team at a fast-past startup or in a recognised cybersecurity consulting firm, leading delivery of Cloud-first products or have been involved in the re-architecture of existing Cloud infrastructure towards Cloud-native design patterns that are horizontally scalable with always-up guarantees.

You'll be able to drive design decisions to establish a ‘paved road’ for the business to be able to deliver software and services using secure-by-default and secure-by-design patterns where security is automatically baked in, with a vision for what a highly secure Kubernetes environment and modern SSDLC process should like and are excited to get an opportunity to have the autonomy and remit to take charge and help drive change at Rokt to deliver on that vision.

About the Role:

  • Lead the existing Security Engineering team in Sydney, whom are focused on Cloud, Data, Network, and Application security
  • Assist in the design and delivery of a secure-by-default and secure-by-design core operating environment based on ‘Zero Trust’ principles
  • Assist in the design and delivery of a standardized SDLC process with automated CI/CD pipelines to provide security assurance and address supply chain risks throughout the development lifecycle
  • Develop security standards, guidelines and architectural patterns that facilitate rapid deployment of new applications and services while maintaining security best practices.
  • Define a comprehensive Cloud security strategy and change management process, ensuring all infrastructure, configuration, applications and policies are managed ‘as code’ and pass necessary security gates.
  • Ensure all data stored in the Cloud is discovered and appropriately governed and protected in accordance with compliance requirements and business goals..

About You:

  • 8+ years in security engineering, and 3+ years as a hands on team lead or manager.
  • Navigated large scale and multi-Cloud environments, in active-active configurations with an expectation of zero downtime, using either or both AWS & GCP, with strong expertise in Kubernetes and familiarity with CNCF projects (Istio/Envoy, Cillium, OPA, Tetragon, …)
  • Good understanding of security technologies, including network security, cryptography, workload identity and authorization, secure coding practices, cloud security, and more. Stay updated on the latest security threats and mitigation techniques.
  • Some software engineering background including coding patterns and foundational algorithms
  • Experience maturing a software delivery pipeline using modern supply chain best practices and technologies, including immutable builds, hermetic builds, SLSA, OpenSSF, SBOM, CBOM, code signing, etc.

About Rokt’stars:

As a mission-driven, hyper-growth community of curious explorers, our ambition is to unlock the full potential in ecommerce and beyond. Our bias for action means we are not afraid to quickly venture into uncharted territories, take risks or challenge the status quo; in doing so we either win or learn. We work together as one aligned team never letting egos get in the way of brilliant ideas. We value diversity, transparency and smart humble people who enjoy building a disruptive business together. We pride ourselves on being a force for good as we make the world better. 

About The Benefits:

We leverage best-in-class technology and market-leading innovation in AI and ML, with all of that being underlined by building and maintaining a fantastic and inclusive culture where people can be their authentic selves, and offering a great list of perks and benefits to go with it:

  • Accelerate your career. We offer roadmaps to leadership and an annual $5000 training allowance
  • Become a shareholder. Every Rokt’star gets equity in the company
  • Enjoy catered lunch every day and healthy snacks in the office. Plus join the gym on us! 
  • Extra leave (bonus annual leave, sabbatical leave etc.) 
  • Work with the greatest talent in town
  • See the world! We have offices in New York, Seattle, Sydney, Tokyo and London

We believe we’re better together. We love spending time together and are in the office most days (teams are in the office 4 days per week). We also get that you need to balance your life and your commitments so you have the flexibility to manage your own hours and can spend up to a week of every quarter working from anywhere.

If this sounds like a role you’d enjoy, apply here and you’ll hear from our recruiting team.

See more jobs at Rokt

Apply for this job

+30d

Senior Security Engineer

Clover HealthRemote - Canada
remote-firstDesignpython

Clover Health is hiring a Remote Senior Security Engineer

Clover is reinventing health insurance by working to keep people healthier.

We value diversity — in backgrounds and in experiences. Healthcare is a universal concern, and we need people from all backgrounds and swaths of life to help build the future of healthcare. Clover's engineering team is empathetic, caring, and supportive. We are deliberate and self-reflective about the engineering team and culture that we are building, seeking engineers that are not only strong in their own aptitudes but care deeply about helping each other's growth.

As a Senior Security Engineer, you will forge and nurture trusted relationships with internal technology teams (Software Engineering, SRE, DS/ML, Product) and external customers (e.g., payers, accountable care organizations, integrated delivery networks). You will partner closely with the entire technology organization to architect, design, implement, and maintain system security and controls. This role will be an expert who understands the needs of software development, technical system design, and data/information security.

As a Senior Security Engineer, you will:

  • Implement, operationalize and monitor security applications such as EDR, DLP, Vulnerability Management, and CSPM systems.
  • Serve as a SME for security related code and technical design reviews.
  • Identify and collaborate with engineering and SRE to resolve areas of security vulnerability in our software, systems and infrastructure.
  • Serve as security point-of-contact for audit/certification programs such as HITRUST, SOC 2, and HIPAA
  • Assess and improve systems for compliance with security requirements, policies, guidelines and standards (see above)
  • Interface with external customers on CA security reviews and assessments
  • Monitor and regularly review our system for intrusions, threats, and anomalies
  • Work to improve our general security posture and processes ranging from secure development practices to SecDevOps
  • Contribute to the planning, definition and implementation of new security solutions or related development

You will love this job if:

  • You are passionate about transforming healthcare delivery through new technologies and want to make an impact.
  • You have a bias toward action and seek to intervene before issues arise.
  • You are comfortable navigating ambiguity and working in an evolving environment.
  • You are a problem solver and a team player. You love working within teams and helping them work more efficiently.
  • You are a strong communicator and able to influence behaviors to help drive desired outcomes.
  • You are empathetic and seek to build enduring relationships with our customers and users.
  • You are analytical and use data to drive actions and evaluate outcomes.

You should get in touch if:

  • Experience investigating, and triaging incidents.
  • Strong understanding of at least one of the following technologies: Python, JavaScript/TypeScript, Shell Scripting (You will be tested on one).
  • You are comfortable with conducting code reviews for security vulnerabilities on a frequent basis.
  • You have assessed the security of APIs and systems by analyzing authentication, authorization mechanisms, input validation, and potential vulnerabilities.
  • You have excellent written and verbal communication skills and are able to craft clear and comprehensive reports and research to present to engineering and other stakeholders.
  • You stay up-to-date with latest research on threats, attack vectors, and security trends and are keen to apply them to our environment
  • You demonstrate influence and are able to lead/mentor internal teams and customers toward shared goals and objectives.

Benefits Overview:

  • Financial Well-Being: Our commitment to attracting and retaining top talent begins with a competitive base salary and equity opportunities. Additionally, we offer a performance-based bonus program and regular compensation reviews to recognize and reward exceptional contributions.
  • Physical Well-Being: We prioritize the health and well-being of our employees and their families by offering comprehensive group medical coverage that include coverage for hospitalization, outpatient care, optical services, and dental benefits.
  • Mental Well-Being: We understand the importance of mental health in fostering productivity and maintaining work-life balance. To support this, we offer initiatives such as No-Meeting Fridays, company holidays, access to mental health resources, and a generous annual leave policy. Additionally, we embrace a remote-first culture that supports collaboration and flexibility, allowing our team members to thrive from any location. 
  • Professional Development: We are committed to developing our talent professionally. We offer learning programs, mentorship, professional development funding, and regular performance feedback and reviews.

Additional Perks:

  • Reimbursement for office setup expenses
  • Flexibility to work from home or from our office, enabling collaboration with global teams
  • Paid parental leave for all new parents
  • And much more!

About Clover: We are reinventing health insurance by combining the power of data with human empathy to keep our members healthier. We believe the healthcare system is broken, so we've created custom software and analytics to empower our clinical staff to intervene and provide personalized care to the people who need it most.

We always put our members first, and our success as a team is measured by the quality of life of the people we serve. Those who work at Clover are passionate and mission-driven individuals with diverse areas of expertise, working together to solve the most complicated problem in the world: healthcare.

From Clover’s inception, Diversity & Inclusion have always been key to our success. We are an Equal Opportunity Employer and our employees are people with different strengths, experiences and backgrounds, who share a passion for improving people's lives. Diversity not only includes race and gender identity, but also age, disability status, veteran status, sexual orientation, religion and many other parts of one’s identity. All of our employee’s points of view are key to our success, and inclusion is everyone's responsibility.


#LI-REMOTE

See more jobs at Clover Health

Apply for this job

Lampenwelt GmbH is hiring a Remote IT Security Engineer (f/m/d)

Stellenbeschreibung

Wir suchen einen engagierten IT Security Engineer (f/m/d), der unsere Sicherheitsarchitektur mit Leidenschaft stärkt. In deiner Rolle als Experte für IT Security spielst du eine zentrale Rolle bei der Identifizierung, Analyse und Minderung von Sicherheitsrisiken. Du arbeitest Hand in Hand mit verschiedenen Teams, um unsere Sicherheitsstrategien, überwiegend in Projekten, weiterzuentwickeln, zu implementieren und kontinuierlich zu verbessern und bist Sparringspartner in der täglichen Analyse von Security Alerts. 

Gelegentliche Vor-Ort-Einsätze sind erforderlich, ansonsten ist auch Remote-Arbeit möglich. 

 

Wo deine Skills gefragt sind

  • Weiterentwicklung, Implementierung und Überwachung von Security Policies, um die Einhaltung von Standards und Best Practices sicherzustellen 
  • Administration und Beratung hinsichtlich unserer Security Infrastruktur, inklusive IAM, Cloud-, Endpoint- und Network Security
  • Durchführung von Security Assessments, inklusive Risiko-, Schwachstellen- und Compliance-Management
  • Proaktives Incident Management, von der schnellen Reaktion auf Sicherheitsvorfälle bis hin zum Business Continuity Management
  • Förderung der Sicherheitskultur durch Unterstützung bei der Durchführung regelmäßiger Security Awareness Trainings und Penetrationstests sowie Sicherheitsscans
  • Stetige Weiterentwicklung und Verfeinerung der Shared LUQOM IT-Services mit Fokus auf IT Security

Qualifikationen

Lampenwelt ist der richtige Ort für dich, wenn du Veränderungen als Chance begreifst und neugierig auf das Unbekannte bist. Wenn du dich jeden Tag aufs Neue herausforderst, um die beste Lösung zu finden. Hier wird dir Verantwortung übertragen, damit du deine Ideen nicht nur einbringen, sondern auch selbst umsetzen kannst. Bei Lampenwelt gehen wir jeden Tag ein Stück weiter, handeln schnell, sind offen und setzen auf eine direkte und lösungsorientierte Kommunikation auf allen Ebenen. 

Was dir helfen wird, zukünftige Herausforderungen zu meistern 

  • Tiefgehendes Verständnis für IT-Sicherheitskonzepte und -technologien
  • Fundiertes Wissen über Netzwerktechnologien, Cloud- & On-Prem Security Lösungen, End Point Protection, Betriebssystemen und SIEM
  • Kenntnisse im Umfeld von Microsoft Defender von Vorteil, insbesondere im Bereich Defender for Endpoint, Cloud sowie Identity
  • Starkes Interesse an neuen Technologien und fortlaufender persönlicher sowie beruflicher Weiterentwicklung
  • Eigeninitiative und Teamgeist bei der Durchführung von IT-Projekten
  • Analytische, konzeptionelle, strukturierte und eigenständige Arbeitsweise
  • Ausgeprägte Teamfähigkeit, Kommunikationsstärke und Engagement
  • Abgeschlossene Ausbildung im IT-Bereich oder ein Studium in Wirtschaftsinformatik, Informatik oder einem verwandten Feld
  • Sehr gute Deutsch- und Englischkenntnisse in Wort und Schrift

See more jobs at Lampenwelt GmbH

Apply for this job

+30d

Staff Platform Security Engineer

GeminiRemote (USA)
remote-firstterraformDesignkuberneteslinuxpythonAWS

Gemini is hiring a Remote Staff Platform Security Engineer

About the Company

Gemini is a global crypto and Web3 platform founded by Tyler Winklevoss and Cameron Winklevoss in 2014. Gemini offers a wide range of crypto products and services for individuals and institutions in over 70 countries.

Crypto is about giving you greater choice, independence, and opportunity. We are here to help you on your journey. We build crypto products that are simple, elegant, and secure. Whether you are an individual or an institution, we help you buy, sell, and store your bitcoin and cryptocurrency. 

At Gemini, our mission is to unlock the next era of financial, creative, and personal freedom.

In the United States, we have a flexible hybrid work policy for employees who live within 30 miles of our office headquartered in New York City and our office in Seattle. Employees within the New York and Seattle metropolitan areas are expected to work from the designated office twice a week, unless there is a job-specific requirement to be in the office every workday. Employees outside of these areas are considered part of our remote-first workforce. We believe our hybrid approach for those near our NYC and Seattle offices increases productivity through more in-person collaboration where possible.

The Department: Platform Security

In the emerging industry of digital assets, there is nothing more important than trust. The Gemini security team forms the backbone of trust. In fact, Gemini’s very first hires were security specialists and we continue to tackle unique challenges in the crypto space.  Our team ensures that our customers, clients, and employees are safe, secure, and supported.

The Platform Security team secures Gemini’s infrastructure through service hardening and by developing and supporting a suite of foundational tools. We provide secure-by-default infrastructure, consumable security services, and expert consultation to engineering teams for secure cloud and non-cloud infrastructure.

The Role: Staff Security Engineer

The Platform Security team covers a broad problem space that includes all areas of Gemini’s platform infrastructure. In the past, this team has focused specifically on cloud security and we continue to invest heavily in this area.  This role will bring additional depth and specialization in non-cloud infrastructure, containerization, and container orchestration security.  We also value expertise in neighboring areas of infrastructure and platform security engineering including: PKI, core cryptography, identity management, network security, etc.

Responsibilities:

  • Design, deploy, and maintain services/platforms for security and engineering teams
  • Build and improve security controls and capabilities at all layers of infrastructure
  • Partner with engineering teams on security architecture and implementation decisions
  • Collaborate with appsec, threat detection, incident response, GRC and similar security functions to identify, understand, and reduce security risk

Minimum Qualifications:

  • 6+ years of experience in the field
  • Significant experience with container orchestration technologies and relevant security considerations. We often use Kubernetes and EKS
  • Experience in SRE, systems engineering, or network engineering
  • Experience with distributed systems or cloud computing. We often use AWS
  • Significant software development experience. We often use Python or Go
  • Experience building and owning high-availability critical systems or cloud-based services
  • Able to self-scope, define, and manage short and long term technical goals
  • Familiarity with computer security principles and practices

Preferred Qualifications:

  • Experience securing AWS and Linux environments, both native and third-party
  • Experience designing and implementing cryptographic infrastructure such as PKI, secrets management, authentication, or secure data storage/transmission
  • Experience designing and implementing systems for identity and access management
  • Experience with configuration management and infrastructure as code. We often use Terraform
It Pays to Work Here
 
The compensation & benefits package for this role includes:
  • Competitive starting salary
  • A discretionary annual bonus
  • Long-term incentive in the form of a new hire equity grant
  • Comprehensive health plans
  • 401K with company matching
  • Paid Parental Leave
  • Flexible time off

Salary Range: The base salary range for this role is between $172,000 - $215,000 in the State of New York, the State of California and the State of Washington. This range is not inclusive of our discretionary bonus or equity package. When determining a candidate’s compensation, we consider a number of factors including skillset, experience, job scope, and current market data.

At Gemini, we strive to build diverse teams that reflect the people we want to empower through our products, and we are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity, or Veteran status. Equal Opportunity is the Law, and Gemini is proud to be an equal opportunity workplace. If you have a specific need that requires accommodation, please let a member of the People Team know.

Apply for this job

+30d

Corporate Security Engineer

GrammarlyGermany; Hybrid
remote-firstDesignjavapython

Grammarly is hiring a Remote Corporate Security Engineer

Grammarly is excited to offer aremote-first hybrid working model. Grammarly team members in this role must be based in Germany, and, depending on business needs, they must meet in person for collaboration weeks, traveling if necessary to the hub(s) where their team is based.


This flexible approach gives team members the best of both worlds: plenty of focus time along with in-person collaboration that fosters trust and unlocks creativity.

About Grammarly

Grammarly is the world’s leading AI writing assistance company trusted by over 30 million people and 70,000 teams. From instantly creating a first draft to perfecting every message, Grammarly helps people at 96% of theFortune 500 and teams at companies like Atlassian, Databricks, and Zoom get their point across—and get results—with best-in-class security practices that keep data private and protected. Founded in 2009, Grammarly is No. 14 on the Forbes Cloud 100, one of TIME’s 100 Most Influential Companies, one of Fast Company’s Most Innovative Companies in AI, and one of Inc.’s Best Workplaces.

The Opportunity

To achieve our ambitious goals, we are looking for a Corporate Security Engineer to join the enterprise security team. This role is crucial to safeguarding Grammarly's corporate environment, where our extraordinary employees work their magic daily. From our versatile laptop fleet (Mac and Windows) to our innovative SaaS apps and other Corporate Infrastructure, this role will be instrumental in ensuring our success and securing our valuable assets. With a confident and thoughtful approach, they’d build and implement solutions that raise the security bar for our corporate infrastructure. If you love working on security and operations, we are excited to have you join our dynamic team!

Grammarly’s engineers and researchers have the freedom to innovate and uncover breakthroughs—and, in turn, influence our product roadmap. The complexity of our technical challenges is growing rapidly as we scale our interfaces, algorithms, and infrastructure. You can hear more from our team on our technical blog

Trust is critical to Grammarly’s mission. As a Corporate Security Engineer, the Enterprise Security team’s mission is to defend Grammarly’s corporate assets from all threats through risk reduction. Enterprise Security reduces risk to Grammarly by advising, supporting, building, operating, and assuring multiple critical preventive and reactive security controls in tight collaboration with teams and stakeholders across the company.

In this role, you will:

  • Contribute to designing and developing engineering solutions that support enterprise-wide security initiatives, such as Zero Trust.
  • Collaborate with our Governance Risk and Compliance (GRC) team to help develop enterprise security standards, guidelines, and policies.
  • Design, build, maintain, tune, and enhance the effectiveness of our Enterprise Security controls in a wide range of security domains, including:
    • Endpoint Detection and Response (EDR)
    • Email Security
    • Ransomware Resilience
    • Data Loss Prevention (DLP)/Insider Risk
    • Conditional Access
    • Vendor/Business Process Outsourcing (BPO) Security
    • Device Posture and Attestation, Shadow IT
    • Threat and Vulnerability Management (TVM)
    • Identity and Access Management (IAM)
    • Public Key Infrastructure (PKI)
  • Perform risk assessments and security assurance (threat modeling, code review as necessary) on a range of systems that support Grammarly’s business operations:
    • Operating Systems and commercial/open-source desktop applications
    • Internally developed Enterprise Infrastructure Services
    • Third-Party Software as a Service (SaaS) solutions
    • Network Infrastructure (ZTNA, CASB, VPN)
  • Drive the remediation of security vulnerabilities identified through assessments.
  • Build security automation to secure our corporate infrastructure.
  • Evaluate cutting-edge Enterprise Security technology designed to increase our security posture.

Qualifications

  • Is excited to build security controls to safeguard our systems and services.
  • Has working experience in Security Assurance: Penetration Testing, Code Review, Threat Modeling.
  • Is familiar with programming languages such as Python, Java, or Go for automation purposes.
  • Has a strong understanding of cybersecurity threats, vulnerabilities, and mitigations.
  • Is knowledgeable about the best practices and technologies of cloud security.
  • Has excellent problem-solving skills, with the ability to work independently and handle multiple tasks.
  • Has strong communication skills and can explain complex security issues in understandable terms.
  • Nurtures the talent in the team and raises the technical talent bar when recruiting for their team.
  • Embodies our EAGER values—is ethical, adaptable, gritty, empathetic, and remarkable.
  • Is inspired by our MOVE principles: move fast and learn faster; obsess about creating customer value; value impact over activity; and embrace healthy disagreement rooted in trust.
  • Is able to meet in person for their team’s scheduled collaboration weeks, traveling if necessary to the hub where their team is based.

Support for you, professionally and personally

  • Professional growth:We believe that autonomy and trust are key to empowering our team members to do their best, most innovative work in a way that aligns with their interests, talents, and well-being. We also support professional development and advancement with training, coaching, and regular feedback.
  • A connected team: Grammarly builds a product that helps people connect, and we apply this mindset to our own team. Our remote-first hybrid model enables a highly collaborative culture supported by our EAGER (ethical, adaptable, gritty, empathetic, and remarkable) values. We work to foster belonging among team members in a variety of ways. This includes our employee resource groups, Grammarly Circles, which promote connection among those with shared identities including BIPOC and LGBTQIA+ team members, women, and parents. We also celebrate our colleagues and accomplishments with global, local, and team-specific programs. 
  • Comprehensive benefits for candidates based in Germany:Grammarly offers all team members competitive pay along with a benefits package encompassing life care (including mental health care and risk benefits) and ample and defined time off. We also offer support to set up a home office, wellness and pet care stipends, learning and development opportunities, and more.

We encourage you to apply

At Grammarly, we value our differences, and we encourage all to apply. Grammarly is an equal-opportunity company. We do not discriminate on the basis of race or ethnic origin, religion or belief, gender, disability, sexual identity, or age.

For more details about the personal data Grammarly collects during the recruitment process, for what purposes, and how you can address your rights, please see the Grammarly Data Privacy Notice for Candidates here

#LI-AD3

#LI-Hybrid

 

Apply for this job

+30d

Security Engineer, Detection & Response

GrammarlyUnited States; Hybrid
remote-firstDesignswiftc++python

Grammarly is hiring a Remote Security Engineer, Detection & Response

Grammarly is excited to offer aremote-first hybrid working model. Grammarly team members in this role must be based inthe United States, and, depending on business needs, they must meet in person for collaboration weeks, traveling if necessary to the hub(s) where their team is based.

This flexible approach gives team members the best of both worlds: plenty of focus time along with in-person collaboration that fosters trust and unlocks creativity.

About Grammarly

Grammarly is the world’s leading AI writing assistance company trusted by over 30 million people and 70,000 teams. From instantly creating a first draft to perfecting every message, Grammarly helps people at 96% of theFortune 500 and teams at companies like Atlassian, Databricks, and Zoom get their point across—and get results—with best-in-class security practices that keep data private and protected. Founded in 2009, Grammarly is No. 14 on the Forbes Cloud 100, one of TIME’s 100 Most Influential Companies, one of Fast Company’s Most Innovative Companies in AI, and one of Inc.’s Best Workplaces.

The Opportunity

To achieve our ambitious goals, we’re looking for a Security Engineer to join our Detection and Response (DART) team.  As a key member of our organization, you will be instrumental in safeguarding our digital assets and ensuring our security posture remains robust against emerging threats. If you have a passion for cybersecurity, a keen eye for detail, and extensive experience in security operations, we want to hear from you!

Grammarly’s engineers and researchers have the freedom to innovate and uncover breakthroughs—and, in turn, influence our product roadmap. The complexity of our technical challenges is growing rapidly as we scale our interfaces, algorithms, and infrastructure. You can hear more from our team on our technical blog.

As a DART engineer, you will 

  • Design, implement, and fine-tune advanced detection mechanisms to proactively identify potential security threats and vulnerabilities within our environment.
  • Perform forensics and spearhead response efforts during security incidents. This includes triaging security alerts, taking relevant mitigation steps, and engaging with internal stakeholders to ensure swift resolution.
  • Continuously tune our alerting rules to reduce false positives and enhance our signal-to-noise ratio, ensuring our detection systems are both effective and efficient.
  • Participate in our team’s on-call rotation, providing expert guidance and rapid response to security incidents as they arise.
  • Assist with the definition, creation, and maintenance of SIEM (Security Information and Event Management) detection rules and dashboards to provide clear, actionable insights.
  • Streamline our security operations by authoring comprehensive runbooks, writing automation scripts, and building SOAR (Security Orchestration, Automation, and Response) capabilities to reduce manual intervention and improve response times.
  • Improve our overall Incident Response process and ensure our readiness against adversaries.
  • Actively work to burn down the detection backlog, enhancing our detection coverage and accuracy across all monitored systems and applications.
  • Develop advanced detection strategies and tactics.
  • Collaborate on project and roadmap planning.

Qualifications

  • Has a minimum of 10 years in cybersecurity, with a focus on detection and response.
  • Is proficient in SIEM platforms and scripting languages (Python) and has familiarity with SOAR tools.
  • Has hands-on experience combating adversaries of varying sophistication (script kiddies to APT).
  • Has a foundational understanding of Corporate Security, including Mac endpoint security and Crowdstrike EDR.
  • Has professional experience with a commercial SIEM (Sumologic preferred).
  • L1, L2 SOC experience or "SOC-less" model (MDR, etc.).
  • Can define detection strategies and multi-quarter roadmaps.
  • Has strong expertise in incident handling and forensic investigation, with a proven track record of managing complex security incidents.
  • Has excellent analytical and problem-solving skills, with the ability to think critically under pressure.
  • Demonstrates strong verbal and written communication skills, capable of interacting with technical and non-technical stakeholders alike.
  • Has relevant industry certifications such as CISSP, GCIA, GCIH, or equivalent.
  • Has excellent problem-solving skills, with the ability to work independently and handle multiple tasks.
  • Has strong communication skills and can explain complex security issues in understandable terms.
  • Nurtures the talent in the team and raises the technical talent bar when recruiting for their team.

Compensation and Benefits

  • Grammarly offers all team members competitive pay along with a benefits package encompassing the following and more: 
  • Excellent health care (including a wide range of medical, dental, vision, mental health, and fertility benefits)
  • Disability and life insurance options
  • 401(k) and RRSP matching 
  • Paid parental leave
  • 20 days of paid time off per year, 12 days of paid holidays per year, two floating holidays per year, and flexible sick time 
  • Generous stipends (including those for caregiving, pet care, wellness, your home office, and more)
  • Annual professional development budget and opportunities

Grammarly takes a market-based approach to compensation, which means base pay may vary depending on your location. Our US locations are categorized into two compensation zones based on proximity to our hub locations. 

Base pay may vary considerably depending on job-related knowledge, skills, and experience. The expected salary ranges for this position are outlined below by compensation zone and may be modified in the future. 

United States: 
Zone 1: $270,000 – $320,000/year (USD)
Zone 2: $240,000 – $290,000/year (USD)

For more information about our compensation zones and locations where we currently support employment, please refer to this page. If a location of interest is not listed, please speak with a recruiter for additional information. 

We encourage you to apply

At Grammarly, we value our differences, and we encourage all to apply—especially those whose identities are traditionally underrepresented in tech organizations. We do not discriminate on the basis of race, religion, color, gender expression or identity, sexual orientation, ancestry, national origin, citizenship, age, marital status, veteran status, disability status, political belief, or any other characteristic protected by law. Grammarly is an equal opportunity employer and a participant in the US federal E-Verify program (US). We also abide by the Employment Equity Act (Canada).


#LI-PM1

#LI-Hybrid

 

Apply for this job

+30d

Senior Security Engineer

PodiumRemote, US
Bachelor's degreeDesignrubypythonAWSjavascriptPHP

Podium is hiring a Remote Senior Security Engineer

At Podium, our mission is to help local businesses win. Our lead conversion platform, powered by AI and integrations, helps local businesses convert leads faster, communicate easier, and make more sales. Every day, thousands of local businesses utilize our review management, communication, marketing, and payments products. 

Our work and focus on helping local businesses thrive has been recognized across the industry, including Forbes’ Next Billion Dollar Startups, Forbes’ Cloud 100, the Inc. 5000, and Fast Company’s World’s Most Innovative Companies.

At Podium, we believe in fostering a culture that thrives on hiring and developing exceptional talent. Our operating principles serve as a compass, guiding daily behavior and decision-making, and ensure we hire people who will thrive at Podium. If you resonate with our operating principles and are energized by our mission, Podium will be a great place for you!

The Role

As a Senior Security Engineer at Podium, you will play a key role in shaping and implementing our corporate security strategy. Reporting to the Director of Security and collaborating with audit and compliance teams, you will design, implement, and manage secure solutions that align with our architectural designs, best practices, and regulatory requirements. Your expertise will help us navigate the evolving threat landscape and ensure our security measures are robust and forward-thinking.

In this position, you will be responsible for architecting solutions that secure our business operations and enable innovation. You'll work closely with diverse teams, including IT infrastructure, application development, security operations, and end users, to protect our organization and its assets. Your role will also involve guiding less experienced team members and providing technical leadership.

What you will be doing:

  • Stay updated on new security threats and ensure our systems can defend against them.
  • Own cloud infrastructure security
  • Own AI security
  • Manage vulnerability management system
  • Research and recommend new security solutions to enhance our security posture.
  • Develop and enforce security team standards, policies, procedures, and processes.
  • Plan and execute incident response and postmortem exercises, creating measurable benchmarks.
  • Conduct table-top exercises for Business Continuity/Disaster Recovery (BC/DR) and Incident Response testing.
  • Drive security efficiencies through automation and integration across technology and security architecture.
  • Collaborate with IT, engineering, development, and business teams to ensure security measures are effective and do not impede business processes.
  • Perform engineering performance testing to ensure security solutions are robust.
  • Provide day-to-day support for hardware, software, and managed solutions, ensuring they meet security standards.
  • Lead security team meetings and participate in security projects to evaluate and improve our security infrastructure.
  • Assist with incident response and system stability issues as needed, including outside regular work hours.
  • Ensure compliance with privacy laws and work with various teams to secure business-to-business initiatives, third-party relationships, and outsourced solutions.
  • Respond to service and escalation tickets and develop security test plans.
  • Regularly participate in change management meetings and follow security engineering fundamentals and processes.

What you should have:

  • 6+ years of experience in cybersecurity, including compliance and risk management.
  • Experience with cloud environments (AWS, GCP).
  • Strong technical and analytical skills, with a system and network security engineering background.
  • Experience in cloud computing technologies, including software-, infrastructure-, and platform-as-a-service.
  • Extensive knowledge of security controls and technologies, such as SIEM, IDS/IPS, PKI, IDAM, antivirus, firewalls, EDR, threat intelligence platforms, security automation, and orchestration.
  • Proficiency in meeting vulnerability management and penetration testing requirements.
  • Excellent communication skills to articulate business risk from cybersecurity issues.
  • Experience managing various security monitoring tools and platforms.
  • A track record of integrity, excellence, curiosity, and adaptability.
  • Additional qualifications include proficiency in scripting languages (Python, JavaScript, PowerShell, PHP, or Ruby) and regulatory standards (ISO 27001, NIST, PCI DSS, HIPAA, GDPR, etc.).

What we hope you have:

  • Familiarity with state privacy laws and ability to think strategically and tactically.
  • Highly trustworthy, with solid leadership qualities and a proactive approach to anticipating threats.
  • Bachelor's degree in computer science, information assurance, MIS, related field, or equivalent experience.
  • Relevant certifications such as CISSP, CRISC, CGEIT, or related.

Benefits:

  • Open and transparent culture 
  • Life insurance, long and short-term disability coverage
  • Paid maternity and paternity leave
  • Fertility Benefits
  • Generous vacation time, plus three 4-day summer holiday weekends
  • Excellent medical, dental, and vision benefits
  • 401k Plan with competitive company matching
  • Bi-annual swag drops with cool Podium gear and apparel 
  • A stellar HQ (Utah) gym with local professional coaches and classes offered
  • Onsite HQ (Utah) child care center, subsidized for employees
  • Additional benefits for fully remote employees

Podium is an equal opportunity employer. Podium provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, gender, national origin, sexual orientation, gender identity or expression, age, disability, genetic information, marital status or veteran status.

See more jobs at Podium

Apply for this job