Remote Security Engineer

Posted

This job is closed

This job post is closed and the position is probably filled. Please do not apply.  Automatically closed by a robot after apply link was detected as broken.

Description:

  • The Security Engineer at Signifyd assists cybersecurity operations and vulnerability management across the organization.
  • This role works with other security engineers and analysts on the team by contributing integrations, implementations, and reviews with our security systems.
  • They setup, configure, and use these solutions to identify threats and vulnerabilities within our networks and applications.
  • The Security Engineer cross coordinates with other departments to ensure timely remediation.
  • This position reports to the Director, Head of Information Security and Compliance while supporting the Security Risk Manager with auditable evidence of control effectiveness.
  • Responsibilities include engineering data feeds, rules, and tuning for the system information and event manager (SIEM).
  • The engineer will triage security operations center (SOC) alerts as the Level II/III escalation support.
  • They will also triage secrets scanning, static application security testing (SAST), dynamic application security testing (DAST), and software composition analysis (SCA) tools.
  • Additional responsibilities include triaging cloud security posture management (CSPM), infrastructure as code (IaC) security scanning, and attack surface violations.
  • The engineer will identify patch management gaps using vulnerability management software and collaborate with IT and Engineering teams on resolutions.
  • They will perform internal security testing, assessments, and triaging of alerts from security tooling.
  • Conducting secure code reviews, secure design reviews, and threat modeling activities is also part of the role.
  • The engineer will support GRC activities through control evidence collection.
  • They will contribute to operational support activities for all security capabilities, including preparing self-service operational support documentation for developers and project teams, and responding to internal support chat groups.
  • The engineer will contribute to the design and development of observability metrics and monitoring capabilities for all security capabilities utilizing DevOps or SRE principles.
  • Lastly, they will support the creation and publication of metrics on security functions usage and remediation status for consumption by developers and project teams.

Requirements:

  • The candidate must have the ability to automate or develop basic tasks in at least one programming language such as Java, JavaScript, or Python.
  • Professional certifications such as WAPT, PPT, OSCP, etc., and/or a computer science degree are required.
  • A minimum of 1+ years of security engineer experience or 2+ years as a Security Analyst or equivalent is necessary.
  • Experience working with cloud technologies such as AWS, GCP, Azure, Docker, or Kubernetes is required.

Benefits:

  • Signifyd offers a Discretionary Time Off Policy (Unlimited!).
  • Employees benefit from a 401K Match.
  • Stock Options are available for employees.
  • An Annual Performance Bonus or Commissions are provided.
  • Paid Parental Leave of 12 weeks is offered.
  • On-Demand Therapy is available for all employees and their dependents.
  • A dedicated learning budget through Learnerbly is provided.
  • Health Insurance, Dental Insurance, and Vision Insurance are included.
  • A Flexible Spending Account (FSA) is available.
  • Short Term and Long Term Disability Insurance is provided.
  • Life Insurance is included in the benefits package.
  • Company Social Events are organized for employees.
  • Employees receive Signifyd Swag.
About the job
Posted on
Job type
Salary
$ 90,000 - 135,000 USD / year
Experience level
Leave a feedback