This job post is closed and the position is probably filled. Please do not apply.
π€ Automatically closed by a robot after apply link
was detected as broken.
Description:
The Security Engineer at Signifyd assists cybersecurity operations and vulnerability management across the organization.
This role works with other security engineers and analysts on the team by contributing integrations, implementations, and reviews with our security systems.
They setup, configure, and use these solutions to identify threats and vulnerabilities within our networks and applications.
The Security Engineer cross coordinates with other departments to ensure timely remediation.
This position reports to the Director, Head of Information Security and Compliance while supporting the Security Risk Manager with auditable evidence of control effectiveness.
Responsibilities include engineering data feeds, rules, and tuning for the system information and event manager (SIEM).
The engineer will triage security operations center (SOC) alerts as the Level II/III escalation support.
They will also triage secrets scanning, static application security testing (SAST), dynamic application security testing (DAST), and software composition analysis (SCA) tools.
Additional responsibilities include triaging cloud security posture management (CSPM), infrastructure as code (IaC) security scanning, and attack surface violations.
The engineer will identify patch management gaps using vulnerability management software and collaborate with IT and Engineering teams on resolutions.
They will perform internal security testing, assessments, and triaging of alerts from security tooling.
Conducting secure code reviews, secure design reviews, and threat modeling activities is also part of the role.
The engineer will support GRC activities through control evidence collection.
They will contribute to operational support activities for all security capabilities, including preparing self-service operational support documentation for developers and project teams, and responding to internal support chat groups.
The engineer will contribute to the design and development of observability metrics and monitoring capabilities for all security capabilities utilizing DevOps or SRE principles.
Lastly, they will support the creation and publication of metrics on security functions usage and remediation status for consumption by developers and project teams.
Requirements:
The candidate must have the ability to automate or develop basic tasks in at least one programming language such as Java, JavaScript, or Python.
Professional certifications such as WAPT, PPT, OSCP, etc., and/or a computer science degree are required.
A minimum of 1+ years of security engineer experience or 2+ years as a Security Analyst or equivalent is necessary.
Experience working with cloud technologies such as AWS, GCP, Azure, Docker, or Kubernetes is required.
Benefits:
Signifyd offers a Discretionary Time Off Policy (Unlimited!).
Employees benefit from a 401K Match.
Stock Options are available for employees.
An Annual Performance Bonus or Commissions are provided.
Paid Parental Leave of 12 weeks is offered.
On-Demand Therapy is available for all employees and their dependents.
A dedicated learning budget through Learnerbly is provided.
Health Insurance, Dental Insurance, and Vision Insurance are included.
A Flexible Spending Account (FSA) is available.
Short Term and Long Term Disability Insurance is provided.
Life Insurance is included in the benefits package.
Company Social Events are organized for employees.