IT Security Engineer

Our mission is simple: we want to set people free to do meaningful work. People love our software, and it turns out that people love working here too. We have been recognised as a "Best Company to Work For", and we are proud of our team for receiving awards for workplace effectiveness and flexibility.

As our Security Engineer, you will be responsible for managing our security posture as well as keeping our application safe from external threats. Our ideal Security Engineer will be able to manage IT-related security issues, such as firewall management, HIDS/HIPS configuration, log monitoring, and audit compliance (SOC II). You will ensure that our software application is both manually and automatically pentested for security vulnerabilities (both Red Team and Blue Team exercises), and be a decision maker in all things security management - able to "pull the plug" on a feature, application, or other business function if it represents a significant risk to the company.

You will:

• Conduct penetration tests against web applications infrastructure
• Validate security on new hardware and software infrastructure
• Assist front-line company representatives with security questions
• Manage firewall rules and internal pentesting
• Manage SOC II controls and external pentesting
• Manage priorities through backlog management system (Jira)

What You Need to Get the Job Done:

• 3+ years experience performing penetration testing (against web applications)
• Experience securing cloud-based infrastructures and solutions
• Previous experience working on an information security team
• Advanced knowledge of common security vulnerabilities (OWASP) and best practices
• Familiarity with SOC II controls and how to review them
• Experience in other technical roles (SysAdmin, Helpdesk, etc.)
• Strong understanding of Linux server environments
• Experience with Kanban and Agile DevOps workflows
• A good attitude and willingness to learn

What Will Make Us REALLY Love You:

• You have a degree in CS, IT, or similar field
• CISSP, Security+, or other security related or linux or cloud related certifications
• Previous scripting experience (Python, Perl, Ruby, or PHP)
• You possess strong time prioritisation skills
• You are proactive and look for ways to continuously increase efficiency
• Real world examples of demonstrated technical leadership

What You Will Love About Us:

• Great Company Culture. Business Best Companies to Work For (2020 & 2021) and the Sloan Award for Business Excellence in Workplace Effectiveness and Flexibility (2020 & 2021)
• Work that Stays at Work. Genuine work/life balance served here!
• Rest and Relaxation. 3 weeks paid time off, 11 paid holidays, and we pay you to go on vacation (ask us about this!)
• Health Benefits. Medical with HSA and FSA options, dental, and vision
• Prepare for the Future. 401(k) with company match
• Financial Peace University. Take the class, get reimbursed, get a bonus

An Equal Opportunity Employer--M/F/D/V. Because our team members are trusted to handle sensitive information, we require all candidates that receive and accept employment offers to complete a background check before being hired.