person looking for a Security Operations Remote Jobs

Get Remote Security Operations Jobs in your mailbox.

100 exciting remote jobs on file from 2500+ top remote companies.

  • Hot new jobs of this week
  • 100 active jobs from past weeks to consult
  • Segmented for USA, Europe or Worldwide.
  • Personally selected for you by our experienced remote hiring managers.


A selection of jobs from the previous newsleterrs.

TripActions is hiring a Remote Staff Security Analyst, Customer Trust

Job Application for Staff Security Analyst, Customer Trust at Navan

See more jobs at TripActions

Apply for this job

7d

Security Engineer, Corporate Security

GrammarlyUnited States; Hybrid

Grammarly is hiring a Remote Security Engineer, Corporate Security

Grammarly is excited to offer a remote-first hybrid working model. Team members work primarily remotely in the United States, Canada, Ukraine, Germany, or Poland. Certain roles have specific location requirements to facilitate collaboration at a particular Grammarly hub.

All roles have an in-person component: Conditions permitting, teams meet 2–4 weeks every quarter at one of Grammarly’s hubs in San Francisco, Kyiv, New York, Vancouver, and Berlin, or in a workspace in Kraków.This flexible approach gives team members the best of both worlds: plenty of focus time along with in-person collaboration that fosters trust and unlocks creativity.

Grammarly team members in this role must be based in the United States, and they must be able to collaborate in person 2 weeks per quarter, traveling if necessary to the hub(s) where the team is based.

The opportunity 

Grammarly is the world’s leading AI writing assistance company, trusted by over 30 million people and 70,000 professional teams every day. From instantly creating a first draft to perfecting every message, Grammarly’s product offerings help people at 96% of theFortune500 get their point across—and get results. Grammarly has been profitable for over a decade because we’ve stayed true to our values and built an enterprise-grade product that’s secure, reliable, and helps people do their best work—without selling their data. We’re proud to be one of Inc.’s best workplaces, a Glassdoor Best Place to Work, one of TIME’s 100 Most Influential Companies, and one of Fast Company’s Most Innovative Companies in AI.

Trust is critical to Grammarly’s mission. The Enterprise Security team’s mission is to defend Grammarly’s corporate assets from all threats through risk reduction. Enterprise Security reduces risk to Grammarly by advising, supporting, building, operating, and assuring multiple critical preventive and reactive security controls in tight collaboration with teams and stakeholders across the company.

Grammarly’s engineers and researchers have the freedom to innovate and uncover breakthroughs—and, in turn, influence our product roadmap. The complexity of our technical challenges is growing rapidly as we scale our interfaces, algorithms, and infrastructure. You can hear more from our team on our technical blog.

Your impact

As a Security Engineer on the enterprise security team, you will be entrusted with the crucial responsibility of safeguarding Grammarly's corporate environment, where our amazing employees work their magic every day. From our versatile laptop fleet (Mac and Windows) to our innovative SaaS apps and other Corporate Infrastructure, you will play a vital role in ensuring our success and keeping our valuable assets secure. With a confident and thoughtful approach, you'll build and implement solutions that raise the security bar for our corporate infrastructure. If you love working on both security and operations, we are excited to have you join our dynamic team!

In this role, the Security Engineer will:

  • Contribute to designing and developing engineering solutions that support enterprise-wide security initiatives, such as Zero Trust.
  • Collaborate with our Governance Risk and Compliance (GRC) team to help develop enterprise security standards, guidelines, and policies.
  • Design, build, maintain, tune, and enhance the effectiveness of our Enterprise Security controls in a wide range of security domains, including:
    • Endpoint Detection and Response (EDR)
    • Email Security
    • Ransomware Resilience
    • Data Loss Prevention (DLP)/Insider Risk
    • Conditional Access
    • Vendor/Business Process Outsourcing (BPO) Security
    • Device Posture and Attestation, Shadow IT
    • Threat and Vulnerability Management (TVM)
    • Identity and Access Management (IAM)
    • Public Key Infrastructure (PKI)
  • Perform risk assessments and security assurance (threat modeling, code review as necessary) on a range of systems that support Grammarly’s business operations:
    • Operating Systems and commercial/open-source desktop applications
    • Internally developed Enterprise Infrastructure Services
    • Third-Party Software as a Service (SaaS) solutions
    • Network Infrastructure (ZTNA, CASB, VPN)
  • Drive the remediation of security vulnerabilities identified through assessments.
  • Build security automation to secure our corporate infrastructure.
  • Evaluate cutting-edge Enterprise Security technology designed to increase our security posture.

We’re looking for someone who

  • Embodies our EAGER values—is ethical, adaptable, gritty, empathetic, and remarkable.
  • Is inspired by our MOVE principles, which are the blueprint for how things get done at Grammarly: move fast and learn faster, obsess about creating customer value, value impact over activity, and embrace healthy disagreement rooted in trust.
  • Is able to collaborate in person 2 weeks per quarter, traveling if necessary to the hub where the team is based.
  • Is excited to build security controls to safeguard our systems and services.
  • Has working experience in Security Assurance: Penetration Testing, Code Review, Threat Modeling.
  • Is familiar with programming languages such as Python, Java, or Go for automation purposes.
  • Has a strong understanding of cybersecurity threats, vulnerabilities, and mitigations.
  • Is knowledgeable about the best practices and technologies of cloud security.
  • Has excellent problem-solving skills, with the ability to work independently and handle multiple tasks.
  • Has strong communication skills and can explain complex security issues in understandable terms.
  • Nurtures the talent in the team and raises the technical talent bar when recruiting for their team.

Support for you, professionally and personally

  • Professional growth:We believe that autonomy and trust are key to empowering our team members to do their best, most innovative work in a way that aligns with their interests, talents, and well-being. We support professional development and advancement with training, coaching, and regular feedback.
  • A connected team: Grammarly builds a product that helps people connect, and we apply this mindset to our own team. Our remote-first hybrid model enables a highly collaborative culture supported by our EAGER (ethical, adaptable, gritty, empathetic, and remarkable) values. We work to foster belonging among team members in a variety of ways. This includes our employee resource groups, Grammarly Circles, which promote connection among those with shared identities, such as BIPOC and LGBTQIA+ team members, women, and parents. We also celebrate our colleagues and accomplishments with global, local, and team-specific programs. 

Compensation and benefits

Grammarly offers all team members competitive pay along with a benefits package encompassing the following and more: 

  • Excellent health care (including a wide range of medical, dental, vision, mental health, and fertility benefits)
  • Disability and life insurance options
  • 401(k) and RRSP matching 
  • Paid parental leave
  • Twenty days of paid time off per year, eleven days of paid holidays per year, and unlimited sick days 
  • Home office stipends
  • Caregiver and pet care stipends
  • Wellness stipends
  • Admission discounts
  • Learning and development opportunities

Grammarly takes a market-based approach to compensation, which means base pay may vary depending on your location. Our US and Canada locations are categorized into compensation zones based on each geographic region’s cost of labor index. For more information about our compensation zones and locations where we currently support employment, please refer to this page. If a location of interest is not listed, please speak with a recruiter for additional information. 

Base pay may vary considerably depending on job-related knowledge, skills, and experience. The expected salary ranges for this position are outlined below by compensation zone and may be modified in the future. 

United States: 
Zone 1: $320,000 - $380,000/year (USD)
Zone 2: $290,000 - $340,000/year (USD)

We encourage you to apply

At Grammarly, we value our differences, and we encourage all—especially those whose identities are traditionally underrepresented in tech organizations—to apply. We do not discriminate on the basis of race, religion, color, gender expression or identity, sexual orientation, ancestry, national origin, citizenship, age, marital status, veteran status, disability status, political belief, or any other characteristic protected by law. Grammarly is an equal opportunity employer and a participant in the US federal E-Verify program (US). We also abide by the Employment Equity Act (Canada).

Please note that EEOC is optional and specific to US-based candidates.

#LI-PM1

#LI-Hybrid

All team members meeting in person for official Grammarly business or working from a hub location are strongly encouraged to be vaccinated against COVID-19.

 

Apply for this job

Grammarly is hiring a Remote Security Engineer, Product Security

Grammarly is excited to offer a remote-first hybrid working model. Team members work primarily remotely in the United States, Canada, Ukraine, Germany, or Poland. Certain roles have specific location requirements to facilitate collaboration at a particular Grammarly hub.

All roles have an in-person component: Conditions permitting, teams meet 2–4 weeks every quarter at one of Grammarly’s hubs in San Francisco, Kyiv, New York, Vancouver, and Berlin, or in a workspace in Kraków.This flexible approach gives team members the best of both worlds: plenty of focus time along with in-person collaboration that fosters trust and unlocks creativity.

Grammarly team members in this role must be based in the United States or Canada, and they must be able to collaborate in person 2 weeks per quarter, traveling if necessary to the hub(s) where the team is based.

The opportunity 

Grammarly is the world’s leading AI writing assistance company trusted by over 30 million people and 70,000 professional teams every day. From instantly creating a first draft to perfecting every message, Grammarly’s product offerings help people at 96% of theFortune500 get their point across—and get results. Grammarly has been profitable for over a decade because we’ve stayed true to our values and built an enterprise-grade product that’s secure, reliable, and helps people do their best work—without selling their data. We’re proud to be one of Inc.’s best workplaces, a Glassdoor Best Place to Work, one of TIME’s 100 Most Influential Companies, and one of Fast Company’s Most Innovative Companies in AI.

To achieve our ambitious goals, we’re looking for a Security Engineer to join the Grammarly Product Security team. Our commitment to user trust is unwavering, and this new team member will play a crucial role in maintaining the trust of millions of users who rely on our products. With their expertise, we can drive security enhancements throughout the entire stack, from the UI to the back-end and underlying server infrastructure.

Grammarly’s engineers and researchers can innovate and uncover breakthroughs—and, in turn, influence our product roadmap. The complexity of our technical challenges is growing rapidly as we scale our interfaces, algorithms, and infrastructure. You can hear more from our team on our technical blog.

Your impact

As a Security Engineer in Product Security, you will:

  • Partner with the product and engineering teams to integrate reproducible security practices into the product development lifecycle.
  • Develop and implement security processes to identify, evaluate, and mitigate security risks in our AI product.
  • Support our bug bounty security researcher community and maximize learning opportunities in our engineering processes.
  • Conduct threat models, code reviews, pen testing, and offensive security exercises.
  • Educate and mentor team members on best security practices.
  • Keep up-to-date with the latest security systems, standards, authentication protocols, and product offerings.
  • Represent Grammarly’s security engineering team both within and outside of the company.

We’re looking for someone who

  • It embodies our EAGER values—ethical, adaptable, gritty, empathetic, and remarkable.
  • Is inspired by our MOVE principles, which are the blueprint for how things get done at Grammarly: move fast and learn faster, obsess about creating customer value, value impact over activity, and embrace healthy disagreement rooted in trust.
  • Can collaborate in person 2 weeks per quarter, traveling if necessary to the hub where the team is based.
  • Has proven experience in security automation, DevSecOps, SRE, or a similar role.
  • Has a strong understanding of cybersecurity threats, vulnerabilities, and mitigations.
  • Is familiar with programming languages such as Python, Java, or Go.
  • Is knowledgeable about cloud security best practices and technologies.
  • Has excellent problem-solving skills, with the ability to work independently and handle multiple tasks.
  • Has strong communication skills and can explain complex security issues in understandable terms.
  • Nurtures the talent in the team and raises the technical talent bar when recruiting for their team.

Support for you, professionally and personally

  • Professional growth:We believe that autonomy and trust are key to empowering our team members to do their best, most innovative work in a way that aligns with their interests, talents, and well-being. We support professional development and advancement with training, coaching, and regular feedback.
  • A connected team: Grammarly builds a product that helps people connect, and we apply this mindset to our own team. Our remote-first hybrid model enables a highly collaborative culture supported by our EAGER (ethical, adaptable, gritty, empathetic, and remarkable) values. We work to foster belonging among team members in a variety of ways. This includes our employee resource groups, Grammarly Circles, which promote connection among those with shared identities, such as BIPOC and LGBTQIA+ team members, women, and parents. We also celebrate our colleagues and accomplishments with global, local, and team-specific programs. 

Compensation and benefits

Grammarly offers all team members competitive pay along with a benefits package encompassing the following and more: 

  • Excellent health care (including a wide range of medical, dental, vision, mental health, and fertility benefits)
  • Disability and life insurance options
  • 401(k) and RRSP matching 
  • Paid parental leave
  • Twenty days of paid time off per year, eleven days of paid holidays per year, and unlimited sick days 
  • Home office stipends
  • Caregiver and pet care stipends
  • Wellness stipends
  • Admission discounts
  • Learning and development opportunities

Grammarly takes a market-based approach to compensation, which means base pay may vary depending on your location. Our US and Canada locations are categorized into compensation zones based on each geographic region’s cost of labor index. For more information about our compensation zones and locations where we currently support employment, please refer to this page. If a location of interest is not listed, please speak with a recruiter for additional information. 

Base pay may vary considerably depending on job-related knowledge, skills, and experience. The expected salary ranges for this position are outlined below by compensation zone and may be modified in the future. 

United States: 
Zone 1: $280,000 - $399,000/year (USD)
Zone 2: $250,000 - $350,000/year (USD)

We encourage you to apply.

At Grammarly, we value our differences and encourage all to apply. Grammarly is an equal-opportunity company. We do not discriminate based on race or ethnic origin, religion or belief, gender, disability, sexual identity, or age.

For more details about the personal data Grammarly collects during the recruitment process, for what purposes, and how you can address your rights, please see the Grammarly Data Privacy Notice for Candidates here

#LI-PF1

#LI-Hybrid

All team members meeting in person for official Grammarly business or working from a hub location are strongly encouraged to be vaccinated against COVID-19.

 

Apply for this job

7d

Security Engineer, Platform Security

GrammarlyUnited States; Hybrid
MLS3remote-firstterraformnosqlDesignjavac++elasticsearchpython

Grammarly is hiring a Remote Security Engineer, Platform Security

Grammarly is excited to offer a remote-first hybrid working model. Team members work primarily remotely in the United States, Canada, Ukraine, Germany, or Poland. Certain roles have specific location requirements to facilitate collaboration at a particular Grammarly hub.

All roles have an in-person component: Conditions permitting, teams meet 2–4 weeks every quarter at one of Grammarly’s hubs in San Francisco, Kyiv, New York, Vancouver, and Berlin, or in a workspace in Kraków.This flexible approach gives team members the best of both worlds: plenty of focus time along with in-person collaboration that fosters trust and unlocks creativity.

Grammarly team members in this role must be based in the United States, and they must be able to collaborate in person 2 weeks per quarter, traveling if necessary to the hub(s) where the team is based.

The opportunity 

Grammarly is the world’s leading AI writing assistance company, trusted by over 30 million people and 70,000 professional teams daily. From instantly creating a first draft to perfecting every message, Grammarly’s product offerings help people at 96% of the Fortune 500 get their point across—and get results. Grammarly has been profitable for over a decade because we’ve stayed true to our values and built an enterprise-grade product that’s secure, reliable, and helps people do their best work—without selling their data. We’re proud to be one of Inc.’s best workplaces, a Glassdoor Best Place to Work, one of TIME’s 100 Most Influential Companies, and one of Fast Company’s Most Innovative Companies in AI.

We’re looking for a security engineer to join our Platform Security team to achieve our ambitious goals. This person will substantially impact maintaining the trust of the millions of users who rely on Grammarly product offerings daily. They will drive security improvements across our cloud and data platform while empowering engineering teams to operate fast and safely.

Grammarly’s engineers and researchers have the freedom to innovate and uncover breakthroughs—and, in turn, influence our product roadmap. The complexity of our technical challenges is growing rapidly as we scale our interfaces, algorithms, and infrastructure. You can hear more from our team on our technical blog.

Your impact

As a Security Engineer - Platform Security, you will:

  • Collaborate closely with product and engineering teams to integrate robust security features directly into our platform.
  • Design and implement advanced tooling and processes to comprehensively monitor and secure our platform infrastructure.
  • Facilitate cross-team efforts among Cloud and Data Platform engineering groups to enhance security without compromising development speed.
  • Develop and implement security processes to identify, evaluate, and mitigate security risks across our AI products.
  • Design and Implement Just-In-Time (JIT) and role-based access controls to safeguard our production environment and customer data effectively.
  • Craft and apply a strategic cloud and infrastructure security framework, contributing to the program's strategic direction and roadmap.
  • Engage in proactive collaboration with diverse teams, from full-stack developers to ML engineers and data scientists, ensuring the integration of security best practices into every phase of the development lifecycle.

We’re looking for someone who

  • Embodies our EAGER values—is ethical, adaptable, gritty, empathetic, and remarkable.
  • It is inspired by our MOVE principles, which are the blueprint for how things get done at Grammarly: move fast and learn faster, obsess about creating customer value, value impact over activity, and embrace healthy disagreement rooted in trust.
  • Can collaborate in person three weeks per quarter, traveling if necessary to the hub where the team is based.
  • Possesses a proven track record in enhancing security across various data platforms, including Databricks, NoSQL, ElasticSearch, S3, and Kafka.
  • Operates primarily as a 'security builder,’ working alongside engineering teams. This includes designing, implementing, and operating services with a strong focus on security.
  • Has significant experience deploying Cloud and Data Infrastructure through Terraform, CloudFormation, or Cloud Development Kit (CDK), along with proficiency in programming languages such as Python, Java, and Go.

Support for you, professionally and personally

  • Professional growth:We believe that autonomy and trust are key to empowering our team members to do their best, most innovative work in a way that aligns with their interests, talents, and well-being. We support professional development and advancement with training, coaching, and regular feedback.
  • A connected team: Grammarly builds a product that helps people connect, and we apply this mindset to our own team. Our remote-first hybrid model enables a highly collaborative culture supported by our EAGER (ethical, adaptable, gritty, empathetic, and remarkable) values. We work to foster belonging among team members in a variety of ways. This includes our employee resource groups, Grammarly Circles, which promote connection among those with shared identities, such as BIPOC and LGBTQIA+ team members, women, and parents. We also celebrate our colleagues and accomplishments with global, local, and team-specific programs. 

Compensation and benefits

Grammarly offers all team members competitive pay along with a benefits package encompassing the following and more: 

  • Excellent health care (including a wide range of medical, dental, vision, mental health, and fertility benefits)
  • Disability and life insurance options
  • 401(k) and RRSP matching 
  • Paid parental leave
  • Twenty days of paid time off per year, eleven days of paid holidays per year, and unlimited sick days 
  • Home office stipends
  • Caregiver and pet care stipends
  • Wellness stipends
  • Admission discounts
  • Learning and development opportunities

Grammarly takes a market-based approach to compensation, which means base pay may vary depending on your location. Our US and Canada locations are categorized into compensation zones based on each geographic region’s cost of labor index. For more information about our compensation zones and places where we currently support employment, please refer to this page. If a location of interest is not listed, please speak with a recruiter for additional information. 

Base pay may vary considerably depending on job-related knowledge, skills, and experience. The expected salary ranges for this position are outlined below by compensation zone and may be modified in the future. 

United States: 
Zone 1: $280,000 - $399,000/year (USD)
Zone 2: $250,000 - $350,000/year (USD)

We encourage you to apply

At Grammarly, we value our differences, and we encourage all—especially those whose identities are traditionally underrepresented in tech organizations—to apply. We do not discriminate on the basis of race, religion, color, gender expression or identity, sexual orientation, ancestry, national origin, citizenship, age, marital status, veteran status, disability status, political belief, or any other characteristic protected by law. Grammarly is an equal opportunity employer and a participant in the US federal E-Verify program (US). We also abide by the Employment Equity Act (Canada).

#LI-PM1

#LI-Hybrid

All team members meeting in person for official Grammarly business or working from a hub location are strongly encouraged to be vaccinated against COVID-19.

 

Apply for this job

Cloudflare is hiring a Remote IAM Security Analyst

About Us

At Cloudflare, we are on a mission to help build a better Internet. Today the company runs one of the world’s largest networks that powers millions of websites and other Internet properties for customers ranging from individual bloggers to SMBs to Fortune 500 companies. Cloudflare protects and accelerates any Internet application online without adding hardware, installing software, or changing a line of code. Internet properties powered by Cloudflare all have web traffic routed through its intelligent global network, which gets smarter with every request. As a result, they see significant improvement in performance and a decrease in spam and other attacks. Cloudflare was named to Entrepreneur Magazine’s Top Company Cultures list and ranked among the World’s Most Innovative Companies by Fast Company. 

We realize people do not fit into neat boxes. We are looking for curious and empathetic individuals who are committed to developing themselves and learning new skills, and we are ready to help you do that. We cannot complete our mission without building a diverse and inclusive team. We hire the best people based on an evaluation of their potential and support them throughout their time at Cloudflare. Come join us! 

Available Locations: Lisbon, Portugal or Mexico City, Mexico

About the role 

As an Identity and Access Management (IAM) Security Analyst you will play a key role in efficiently managing user identities and access across the enterprise. You will be responsible for implementing technologies and designing processes to ensure users have authorized access to resources and systems.   

What You’ll Do

  • Automate user provisioning and deprovisioning processes to enhance efficiency.
  • Design, implement, and manage Identity Access & Governance policies and procedures.
  • Conduct access certifications and enforce access controls based on organizational policies.
  • Define and enforce privileged access management (PAM) policies to secure sensitive systems and data.
  • Manage user onboarding, offboarding, and role changes, ensuring adherence to security policies and compliance requirements.
  • Define and enforce access control policies, including, but not limited to, role-based access control (RBAC), least privilege principle, and segregation of duties (SoD).
  • Conduct periodic access reviews and audits to maintain compliance.
  • Collaborate with cross-functional teams, including IT, security, and compliance, to ensure IAM aligns with business goals.
  • Communicate IAM-related updates and recommendations to stakeholders.
  • Maintain comprehensive documentation of IAM policies, processes, and configurations.
  • Generate reports and metrics related to IAM activities and security posture.
  • Stay current with industry best practices, regulations, and compliance standards related to IAM, such as FedRamp, SOX, GDPR, PCI, and NIST.

Examples of desirable skills, knowledge and experience.

  • In-depth understanding of IAM concepts, technologies, standards, and best practices.
  • Experience in Identity and Access Governance performing policy enforcement, role management, and access certifications
  • Experience implementing privileged access management (PAM)
  • Experience drafting IAM security standards and policies
  • Preferred background in scripting and/or application development to automate identity and access management processes.

What Makes Cloudflare Special?

We’re not just a highly ambitious, large-scale technology company. We’re a highly ambitious, large-scale technology company with a soul. Fundamental to our mission to help build a better Internet is protecting the free and open Internet.

Project Galileo: We equip politically and artistically important organizations and journalists with powerful tools to defend themselves against attacks that would otherwise censor their work, technology already used by Cloudflare’s enterprise customers--at no cost.

Athenian Project: We created Athenian Project to ensure that state and local governments have the highest level of protection and reliability for free, so that their constituents have access to election information and voter registration.

Path Forward Partnership: Since 2016, we have partnered with Path Forward, a nonprofit organization, to create 16-week positions for mid-career professionals who want to get back to the workplace after taking time off to care for a child, parent, or loved one.

1.1.1.1: We released 1.1.1.1to help fix the foundation of the Internet by building a faster, more secure and privacy-centric public DNS resolver. This is available publicly for everyone to use - it is the first consumer-focused service Cloudflare has ever released. Here’s the deal - we don’t store client IP addresses never, ever. We will continue to abide by our privacy commitmentand ensure that no user data is sold to advertisers or used to target consumers.

Sound like something you’d like to be a part of? We’d love to hear from you!

This position may require access to information protected under U.S. export control laws, including the U.S. Export Administration Regulations. Please note that any offer of employment may be conditioned on your authorization to receive software or technology controlled under these U.S. export laws without sponsorship for an export license.

Cloudflare is proud to be an equal opportunity employer.  We are committed to providing equal employment opportunity for all people and place great value in both diversity and inclusiveness.  All qualified applicants will be considered for employment without regard to their, or any other person's, perceived or actual race, color, religion, sex, gender, gender identity, gender expression, sexual orientation, national origin, ancestry, citizenship, age, physical or mental disability, medical condition, family care status, or any other basis protected by law.We are an AA/Veterans/Disabled Employer.

Cloudflare provides reasonable accommodations to qualified individuals with disabilities.  Please tell us if you require a reasonable accommodation to apply for a job. Examples of reasonable accommodations include, but are not limited to, changing the application process, providing documents in an alternate format, using a sign language interpreter, or using specialized equipment.  If you require a reasonable accommodation to apply for a job, please contact us via e-mail athr@cloudflare.comor via mail at 101 Townsend St. San Francisco, CA 94107.

See more jobs at Cloudflare

Apply for this job

8d

Senior Application Security Engineer

CLEAR - CorporateNew York, New York, United States (Hybrid)

CLEAR - Corporate is hiring a Remote Senior Application Security Engineer

We’re looking for an experienced Senior Application Security Engineer to help us secure the next generation of products which will go beyond just ID and enable our members to leverage the power of a networked digital identity. As a Senior Security Engineer at CLEAR, you will participate in the design, implementation, testing, and deployment of applications to build and enhance our platform- one that interconnects dozens of attributes and qualifications while keeping member privacy and security at the core. 

A brief highlight of our tech stack:

  • Java / Javascript / React / Typescript / Python / Postgres
  • AWS cloud 

What you'll do:

  • Work side by side with engineering and product resources to define security requirements for new features and services
  • Build threat models, testing plans, and validation strategies to ensure a high secure bar for the system
  • Review code, infrastructure, and architecture for common security flaws, as well as bespoke, business logic flaws
  • Perform and manage penetration tests of critical features
  • Develop and maintain tools and infrastructure, such as SAST and DAST scanning 
  • Bridge and facilitate communication between engineering teams and other parts of the Security organization

What you're great at:

  • You understand how to analyze a system and look for potential threats at every stage of the SDLC. You have experience with system design reviews, threat modeling, and common vulnerabilities in Web and Mobile applications
  • You have worked with cloud-based architectures, especially those built on AWS and Kubernetes
  • You can write software beyond small scripts, and you are proficient in one (or more) of the following languages: Java, Javascript, Python
  • You are a strong communicator who can explain security concepts to a variety of audiences and levels, as well as work collaboratively across technical and non-technical teams
  • You are comfortable with high levels of autonomy and delivering on complex goals

How You'll be Rewarded:

At CLEAR we help YOU move forward - because when you’re at your best, we’re at our best. You’ll work with talented team members who are motivated by our mission of making experiences safer and easier. Our hybrid work environment provides flexibility. In our offices, you’ll enjoy benefits like meals and snacks. We invest in your well-being and learning & development with our stipend and reimbursement programs. 

We offer holistic total rewards, including comprehensive healthcare plans, family building benefits (fertility and adoption/surrogacy support), flexible time off, free OneMedical memberships for you and your dependents, and a 401(k) retirement plan with employer match. The base salary range for this role is $150,000 - $190,000, depending on levels of skills and experience.

The base salary range represents the low and high end of CLEAR’s salary range for this position. Salaries will vary depending on various factors which include, but are not limited to location, education, skills, experience and performance. The range listed is just one component of CLEAR’s total compensation package for employees and other rewards may include annual bonuses, commission, Restricted Stock Units

About CLEAR

Have you ever had that green-light feeling? When you hit every green light and the day just feels like magic. CLEAR's mission is to create frictionless experiences where every day has that feeling. With nearly 19 million passionate members and hundreds of partners around the world, CLEAR’s identity platform is transforming the way people live, work, and travel. Whether it’s at the airport, stadium, or right on your phone, CLEAR connects you to the things that make you, you - unlocking easier, more secure, and more seamless experiences - making them all feel like magic.

CLEAR provides reasonable accommodation to qualified individuals with disabilities or protected needs. Please let us know if you require a reasonable accommodation to apply for a job or perform your job. Examples of reasonable accommodation include, but are not limited to, time off, extra breaks, making a change to the application process or work procedures, policy exceptions, providing documents in an alternative format, live captioning or using a sign language interpreter, or using specialized equipment.

#LI-Hybrid #LI-Onsite

See more jobs at CLEAR - Corporate

Apply for this job

RedSeal is hiring a Remote Security Engineer

Security Engineer - RedSeal - Career PageSee more jobs at RedSeal

Apply for this job

Celonis is hiring a Remote Senior Security Automation Engineer

We're Celonis, the global leader in Process Mining technology and one of the world's fastest-growing SaaS firms. We believe there is a massive opportunity to unlock productivity by placing data and intelligence at the core of business processes - and for that, we need you to join us.

The  Team:

Our Global information security organization is responsible for security and trust. We think about security-offensively and defensively. We continuously monitor our global security posture and are always adapting to the ever-changing threat landscape. The security engineering team is always looking for talented subject matter experts in application, platform and offensive security.

The Role:

Celonis is looking for talented senior security engineers to join our Security Engineering Org. You will work directly with our cloud platform to help engineer the next generation platform infrastructure stack. In order to be successful you will need to have hands-on experience in working on developing cloud systems at scale, a solid understanding of security controls, how to design enterprise systems with security in-mind, and a strong threat modeling experience. In this role, you will have the opportunity to significantly contribute to making Celonis's next generation platform infrastructure secure by design.

The work you’ll do:

  • Improve and help shape the security posture of Celonis’s Platofrm Infrastructure.
  • Design, build and deploy automation at scale that improves Celonis’s production security infrastructure. 
  • Improve monitoring and alerting across Celonis’s platform to help our SOC react to security threats quickly and efficiently.
  • Identifying areas that can improve our cloud security and engineer solutions to increase our security posture..
  • Work closely with Celonis’s infrastructure team as the subject matter expert on all things Infrastructure & Cloud Security.
  • Collaborate with Security and Engineering teams to incorporate strong security controls, apply security best practices in our development life cycle, and mitigate risks and security vulnerabilities..
  • Implement technical prototypes to understand new technologies as well as identify and manage risks for projects in active development.
  • Help the engineers around you level-up on their own security reasoning and knowledge

The qualifications you’ll need:

  • Bachelor's degree in Computer Science, Information Science, Cyber Security, Computer or Electrical Engineering (or similar field), and 2+ years in security.
  • 4+ years software development and/or security engineering experience
  • Experience with infrastructure-as-code and using automation tools like Terraform.
  • Solid understanding of what it takes to build and operate secure systems at scale.
  • Experience with multi-cloud environments, container deployments, CI/CD pipelines, and orchestration with Kubernetes.
  • Significant technical exposure with AWS, GCP and Azure services and security controls.
  • Strong desire to perform and grow as a security engineer and educate other engineers
  • Demonstrated technical initiative and leadership

 

 

What Celonis can offer you:

  • The unique opportunity to work with industry-leading process mining technology
  • Investment in your personal growth and skill development (clear career paths, internal mobility opportunities, L&D platform, mentorships, and more)
  • Great compensation and benefits packages (equity (restricted stock units), life insurance, time off, generous leave for new parents from day one, and more)
  • Physical and mental well-being support (subsidized gym membership, access to counseling, virtual events on well-being topics, and more)
  • A global and growing team of Celonauts from diverse backgrounds to learn from and work with
  • An open-minded culture with innovative, autonomous teams
  • Business Resource Groups to help you feel connected, valued and seen (Black@Celonis, Women@Celonis, Parents@Celonis, Pride@Celonis, Resilience@Celonis, and more)
  • A clear set of company values that guide everything we do: Live for Customer Value, The Best Team Wins, We Own It, and Earth Is Our Future

About Us

Since 2011, Celonis has helped thousands of the world's largest and most valued companies deliver immediate cash impact, radically improve customer experience and reduce carbon emissions. Its Process Intelligence platform uses industry-leading process mining technology and AI to present companies with a living digital twin of their end-to-end processes. For the first time, everyone in an organisation has a common language about how the business works, visibility into where value is hidden and the ability to capture it. Celonis is headquartered in Munich (Germany) and New York (USA) and has more than 20 offices worldwide.

Get familiar with the Celonis Process Intelligence Platform by watching this video.

Join us as we make processes work for people, companies and the planet.

 

Celonis is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. Different makes us better.

Accessibility and Candidate Notices

See more jobs at Celonis

Apply for this job

Databricks is hiring a Remote Sr. Security Detection Engineer

Job Application for Sr. Security Detection Engineer at Databricks

See more jobs at Databricks

Apply for this job

BlueVoyant is hiring a Remote Security Engineer II

Security Engineer II - BlueVoyant - Career PageCr

See more jobs at BlueVoyant

Apply for this job

Lattice is hiring a Remote Senior Staff Cloud Security Engineer

This is Engineering at Lattice

Lattice’s Engineering team continuously works to better our product and our craft. We use a modern, cutting-edge tech stack and love experimenting with new technologies. We strive for maintainable, robust, and performant code. We’re highly collaborative and continuously iterative and work closely with designers and product managers. We prioritize not only great technical architecture but also an amazing product experience.

Lattice is looking for someone interested in taking on complex challenges in a fast-paced, collaborative environment and directly impacting the architecture of our cloud platforms, the maturity of our cloud security posture, and our security monitoring and investigative capabilities. 

Who you are

You have 10+ years of professional experience in cloud infrastructure development with AWS, containerization, and orchestration, as well as a deep understanding of security concepts and principles, including encryption, authentication and authorization, least privileged access, and security monitoring and incident response.

  • You have an advanced understanding of software and security architectures
  • Deep experience in performance, reliability, monitoring, and incident response
  • Proficiency in coding and scripting - including experience with either TypeScript or JavaScript
  • Very strong interpersonal skills - must be able to demonstrate an ability to work well with other non-technical members of the team.
  • You seek out the root cause of problems when investigating a security concern, or security incident, and champion improvements over time that will prevent future issues.

You are a great communicator and collaborator.

  • You take care to architect and implement solutions that your colleagues will be able to comprehend, own, and maintain.
  • You are clear and concise in explaining your thought process and in enumerating the tradeoffs made in your recommendations and in your own work.
  • You work well with platform engineering, as well as product managers, to come up with optimal solutions.

You enjoy taking an engaged role in the development process.

  • You love mentoring and guiding other software and security engineers who are newer to the industry.
  • You have experience spearheading planning and delivering the development roadmap for software projects.

You like variety and take pleasure in addressing problems for internal and external customers.

  • You enjoy working with a diverse set of stakeholders, tools, and partner to build and enhance foundational features.
  • You can identify and mitigate the risks inherent in foundational development work.
  • You grasp operational difficulties and devise and create maintainable, scalable solutions to them.

Responsibilities

The mission of the Lattice Security team is to enable the business, reduce organizational risk, and build customer trust by proactively identifying, assessing, and mitigating security and compliance risks in the organization, cloud infrastructure, and product.  

  • Provide technical assessments, enhancement opportunities, and process optimizations for the Lattice security monitoring, alerting, and security incident response program
  • Provide technical leadership, and guidance in the secure design, implementation, and maintenance of our cloud infrastructure and key platform services.
  • Collaborate with cross-functional teams to drive innovation and increase security, confidentiality, data integrity and privacy, and site reliability.
  • You will work with other engineers across a modern tech stack. Our current stack includes React, Relay Modern, GraphQL, Node, and PostgreSQL. We rely on AWS to host our infrastructure.
  • Your work will directly boost Lattice’s bottom line through EPD enablement, risk reduction, and support in building and bolstering customer trust - resulting in reduced customer churn, increased customer satisfaction, and enhanced customer ARR.

--

The estimated annual cash salary for this role is $181,500 - $281,000. This position is also eligible for incentive stock options, subject to the terms of Lattice’s applicable plans

Benefits: The Company offers the following benefits for this position, subject to applicable eligibility requirements: Medical insurance; Dental insurance; Vision insurance; Life, AD&D, and Disability Insurance; Emergency Weather Support; Wellness Apps; Paid Parental Leave, Paid Time off inclusive of holidays and sick time; Commuter & Parking Accounts; Lunches in the Office, Internet and Phone Stipend; One time WFH Office Set-Up Stipend; 401(k) retirement plan; Financial Planning; Learning & Development Budget; Sabbatical Program; and Invest in Your People Fund

*Note on Pay Transparency:

Lattice provides an estimate of the compensation for roles that may be hired as required by state regulations. Compensation may vary based on (a) location, as Lattice factors in specific location when benchmarking compensation for most roles; (b) individual candidate skills and qualifications; and (c) individual candidate experience.

Additionally, Lattice leverages current market data to determine compensation, so posted compensation figures are subject to change as new market data becomes available. The salary, other compensation, and benefits information is accurate as of the date of this posting. Lattice reserves the right to modify this information at any time, subject to applicable law.

#LI-remote

About Lattice

Lattice is on a mission to build cultures where employees and their companies thrive. In an age where employees have more choices than ever before, businesses that put employees first are winning ????– and Lattice is building the tools to empower those people-centric companies.

Lattice is a people success platform that offers performance reviews, employee engagement surveys, real-time feedback, weekly check-ins, goal setting, and career planning in a way that allows companies to focus on employee development, growth, and engagement – yielding stronger employee retention, performance, and impact to the bottom line ????. Since launching in 2016, we have grown to over 5,000+ customers globally, including brands like Slack, Robinhood, and Gusto. 


Lattice is committed to equal treatment and opportunity in all aspects of recruitment, selection, and employment without regard to gender, race, religion, national origin, ethnicity, disability, gender identity/expression, sexual orientation, veteran or military status, or any other category protected under the law. Lattice is an equal opportunity employer; committed to a community of inclusion, and an environment free from discrimination, harassment, and retaliation.

By clicking the "Submit Application" button below, you consent to Lattice processing your personal information for the purpose of assessing your candidacy for this position in accordance withLattice's Job Applicant Privacy Policy.

Apply for this job

14d

Senior Offensive Security Engineer

PraetorianRemote within United States or Canada

Praetorian is hiring a Remote Senior Offensive Security Engineer

Company Overview: 

At Praetorian, we are bringing together the world's brightest minds in pursuit of solving the cybersecurity problem by reducing the friction of security and enabling the next wave of technological innovation. From projects that range from cryptocurrency exchanges to autonomous vehicles and from medical device platforms to space telescopes, we apply expertise and engineering to help secure our customers.

Explore our exciting New Hire Survival Guide to dive into Praetorian's mission, vision, values, and culture! Discover our competitive benefits and perks we offer.

Career Opportunity:

  • Join an industry with massive socio, economic, and political importance in the 21st century
  • Work alongside some of the best and the brightest minds in the security industry
  • Work with prominent clients and help them solve hard security problems
  • Leave an indelible mark on a company where individual input has real impact
  • Align your career trajectory with a hyper-growth company that is on the move

Core Responsibilities:

  • Provide technical execution on challenging offensive security projects for our customers
  • Identify nuanced vulnerabilities in advanced systems
  • Develop custom methodologies, payloads, exploits, and tools to ensure project success
  • Develop documentation for novel mitigation strategies to emerging or undocumented security risks identified in client environments
  • Develop comprehensive reports and presentations for our customers
  • Serve as a mentor to other engineers in their technical and professional development
  • Collaborate with the security community to develop novel attack techniques, tactics, and procedures (TTPs) through Praetorian’s Security Blog and other forms of community engagement

Desired Qualifications:

  • Demonstrated passion for cybersecurity
  • 2+ years of experience in at least three of the following:
    • Product Security Testing (Application, Mobile, LLM)
    • Cloud Security (AWS, Azure, GCP)
    • Web Application Penetration Testing
    • Internal/External Network Penetration Testing
    • Red Team
    • IoT Security (Embedded, Firmware, Wireless)
    • Secure Code Review
    • Reverse Engineering 
    • Vulnerability Research/ Exploit Development 
  • Experience developing payloads, exploits or tools
  • Ability to write technical reports and present technical findings both internally and externally
  • Experience with startup and/or high-tech companies
  • PNPT, BSCP, OSCP, or OSWE certifications

+1 Qualifications:

  • Prior security consulting experience
  • Software or web application development experience in multiple languages
  • Experience with cutting edge technology stacks and modern security technologies
  • Capture-the-flag, CCDC, CPTC or other security related competitions
  • Ranked achievements on testing platforms such as Hack the Box, Tryhackme, Portswigger and similar 
  • Pursuit of advanced learning opportunities via security training courses, conferences, personal projects and similar 
  • Track record in vulnerability research and CVE assignments
  • Security community experience via presentations, conference attendance, blogs, white papers and similar 
  • OSCE, OSEP, OSED, CRTO, cloud certifications and similar 
  • Ability to travel up to 15% to support client engagements

Desired Behaviors:

  • Fanatical passion for cybersecurity and the challenges it presents
  • Customer centric focus with an obsessive need to wow and delight each client
  • Ability to maintain high levels of output and work ethic
  • Personable individual who enjoys working in a team-oriented environment
  • Self-starter and independent learner that is able to spin up quickly

Compensation & Benefits:

  • Competitive salary
  • Employee stock option plan
  • Annual budget for training, certifications, and conferences
  • Competitive coverage on health, dental, and vision insurance premiums
  • 4% company 401K matching vested immediately 

In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification document form upon hire.

We are committed to an inclusive and diverse Praetorian.  We are an equal opportunity employer.  We do not discriminate based on race, ethnicity, color, ancestry, national origin, religion, sex, sexual orientation, gender identity, disability, veteran status, genetic information, marital status, or any other legally protected status.

 



See more jobs at Praetorian

Apply for this job

17d

Cybersecurity Analyst (Remote)

AxurSão Paulo,State of São Paulo,Brazil, Remote

Axur is hiring a Remote Cybersecurity Analyst (Remote)

Axurians are passionate professionals! We value the obsession towards efficiency and trust mature people to deal with all the freedom we provide in our environment. We truly believe in respect and true ownership, which are essential to our culture and an excellent customer relationship. We are guided by “more data, less opinion" and intellectual humility. At Axur, you will directly work with the latest technology in a challenging environment and have the autonomy to bring your ideas and make your own decisions!

Like all our other openings, this opportunity is open to professionals with disabilities (PwD).

Are you interested in cybersecurity?

We are looking for a Cyber Security Analyst to join our team, performing a support role in mapping threats and vulnerabilities and developing projects to mitigate them. An organized, communicative, proactive person willing to build a world-class cybersecurity team, which results in the growth of the whole Axur team.

A typical workday might include:

  • Analyzing security indicator reports (patches, vulnerabilities, etc.) and ensuring necessary actions are implemented;
  • Opening tickets for Cyber partners and the Infrastructure department for incident handling;
  • Serving as the point of contact for clarifying inquiries related to Cyber Security;
  • Participating in webinars and internal training sessions on topics such as LGPD, Phishing, Cyber Security, etc.;
  • Internally disseminating best security practices;
  • Participating in executions of the operation procedure for responding to security incidents;
  • Assisting in external and internal audits;
  • Developing and conducting monitoring activities;
  • Mapping threats and vulnerabilities and developing projects to mitigate them;
  • Contributing to the construction and enhancement of monitoring and detection processes;
  • Supporting users in installing security tools such as EDR, and XDR, among others;
  • Managing user accounts, permissions, and access to all systems and applications used by Axur;
  • Managing the company's IT infrastructure, including networks, operating systems, software, and hardware;
  • Ensuring all company computers are properly configured, updated, and operating efficiently;
  • Monitoring and troubleshooting issues related to operating systems, applications, and networks;
  • Providing technical support to employees regarding IT matters.

Indispensable Requirements:

  • Minimum 2 years of experience working with cybersecurity;
  • Fluency in Portuguese;
  • Fluency in English;
  • Knowledge in EDR/XDR and Firewalls;
  • Knowledge in WAF;
  • Knowledge in Vulnerability scanning and management;
  • Knowledge of AWS infrastructure;
  • Knowledge of Linux and Windows operating systems.

Additional Qualifications:

  • Fluency in Spanish;
  • SIEM knowledge;
  • Knowledge in Pentesting
  • Knowledge in Python;
  • Knowledge of cybersecurity frameworks (MITRE, ATT&CK, NIST, CIS, and others);
  • Knowledge in DevOps;
  • Knowledge of IAM and/or MDM;
  • Knowledge in DFIR;
  • Knowledge of Google Workspace management.
  • Home office assistance: an allowance of R$ 2,000.00 in the first month to buy all the items for your home office. Axur will send only the laptop (which must be returned to the company in case of departure);
  • Flexible benefit of R$ 924,00 per month;
  • Health insurance and dental plan (Bradesco Top Nacional);
  • Annual Employee Bonus Plan;
  • Possibility of Employee Stock Options Plan (equity participation in the company);
  • Anywhere Office work model;
  • Super flexible hours;
  • TotalPass;
  • Language classes and a platform for study with more than 25 idioms.
  • Culture focused on the individual development of Axurians (360º evaluation and Individual Development Plan (IDP);
  • Agreements and partnerships for individual development (Coursera, Udemy, OpenEnglish, Fisk, MBA USP ESALQ, and others);
  • Internal Rewards Programs (Best Recruiters, and others)
  • Parental Leave Program (Pregnant and Companion; Adopter and Adaptation period).

See more jobs at Axur

Apply for this job

Competitive Range Solutions, LLC is hiring a Remote Cybersecurity Engineer Senior

Job Description:

Competitive Range Solutions is looking for a Cybersecurity Engineer Senior to provide cybersecurity on a DoD classified environment and systems.

The Cybersecurity Engineer Senior contract specific tasks include:

  • Provide Cybersecurity support for the DoD organizations Cyber program and recommend improvements to include Tools, Techniques, and Processes and implement government approved improvements.
  • Maintain Cybersecurity Knowledge Articles and ensure information is current, relevant, and comprehensive for both Cybersecurity and IT staff, as well as the users within the DoD organization.
  • Continuously evaluate the implemented Cybersecurity processes to continuously identify efficient, effective, and compliant process improvements and submit recommendations to the government for approval.
  • Perform periodic inspections, audits and assessments of Cybersecurity specific functions and artifacts; remediate any findings and notify the Information System Security Manager (ISSM) of the corrected items.
  • Provide responses to Cybersecurity assigned task orders prior to applicable suspense dates.
  • Provide recommendations for briefings to leadership regarding the DoD organizations Cybersecurity program as needed.
  • Respond to classified spillage notifications, coordinating with ARL Security, ARL IT Staff, and Legal Offices to minimize the impact on ARL resources. The Contractor shall follow DoD and Army regulations, policies, and guidelines. The Contractor shall report to Army Cyber Command (ARCYBER) as required.
  • Process, track, and ensure proper decommissioning of Classified Equipment via the classified Turn-In process.
  • Manage the CTO 22-025: Data Loss Prevention (DLP)documentation processing, tagging, updating for all sites.

Qualifications/Experience:

  • At least 5 years of Cybersecurity Experience.
  • At least 2 years supporting classified networks.
  • Must be a US Citizen and have a Top-Secret security clearance.
  • Must have IAM II Level Baseline Certification.

Physical Demands

  • Ability to type, email, communicate via telephone effectively and sit for extended periods of time.

See more jobs at Competitive Range Solutions, LLC

Apply for this job

Samsara is hiring a Remote Security Engineer - Vulnerability Management

Job Application for Security Engineer - Vulnerability Management at SamsaraApply for this job

Square is hiring a Remote Senior Application Security Engineer

Job Description

Protect the Future of Finance
Block's Offensive Security team is on a mission to safeguard the financial systems of tomorrow. We're seeking a seasoned Senior Application Security Engineer to join our elite squad of security engineers. As a key player on our team, you'll be responsible for identifying and crushing security vulnerabilities in our applications, ensuring the integrity of our systems, and protecting the trust of our customers. We don't throw security problems over the wall. We understand the struggle of our engineers and provide contextual guidance for a diverse, complex and cutting edge tech stack that enables the business. We don't work in isolation, engineering and security teams at Block are our partners. We collaborate with our partners at every opportunity we can find and place the needs of our partners at the highest priority. 

Your Mission:

  • Conduct penetration tests, source code reviews, and design reviews to uncover hidden security threats
  • Participate in red and purple team operations, outsmarting attackers and fortifying our defenses
  • Dive deep into our tech stack to develop a mastery of our applications and services
  • Stay one step ahead of threat actors, understanding their tactics and motivations
  • Review and improve the designs of complex systems, ensuring they're secure by design
  • Communicate critical security findings to cross-functional teams, providing contextual remediation steps and guiding resolutions every step of the way
  • Help respond to incidents and reproduce bug bounty reports.

Qualifications

Your Secret Weapons:

  • 5+ years of experience in penetration testing, with a proven track record of being able to write proof-of-concept exploits that demonstrate impact.
  • Exceptional communication, collaboration, and problem-solving skills.
  • Ability to work independently, managing multiple projects with ease and navigating technically complex apps and services. 
  • In-depth knowledge of secure design patterns
  • Bonus points for experience with:
    • AWS Security
    • AI Security
    • Red teaming
    • Kubernetes and Docker security
    • Mobile app security

What You'll Get:

  • The opportunity to make a real impact on the security of our applications and the financial industry as a whole.
  • A collaborative and dynamic work environment with a team of security experts.
  • Freedom to do security research that has the potential to have a deep impact on Block.
  • An environment where conference presentations are highly encouraged.

See more jobs at Square

Apply for this job

BlueVoyant is hiring a Remote Senior Cloud Security Engineer

Senior Cloud Security Engineer - BlueVoyant - Career PageSee more jobs at BlueVoyant

Apply for this job

InMarket is hiring a Remote Staff Information Security Engineer

Title: Staff Information Security Engineer                        

Location:Remote - US ONLY

About inMarket

Since 2010, InMarket has been the leader in 360-degree consumer intelligence and real-time activation for thousands of today’s top brands. Through InMarket's data-driven marketing platform, brands can build targeted audiences, activate media in real time, and measure success in driving return on ad spend. InMarket's proprietary Moments offering outperforms traditional mobile advertising by 6x.* Our LCI attribution platform, which won the MarTech Breakthrough Award for Best Advertising Measurement Platform, was validated by Forrester to drive an average of $40 ROAS for our clients.
*Source: Wordstream US Google Display Benchmarks for Mobile Media

About the Role

Join the team responsible for protecting our customers, our data, and our company from malicious actors at all levels. We are an outcomes focused team, focused on enabling our internal customers for success by providing them with clear guidance and strong security controls. We're looking for an exceptional engineer to join the team at the center of security and safety here at InMarket.

Your Daily Impact as a Staff Information Security Engineer
In this role you will be responsible for working with great depth and breadth to build safeguards, detections, and controls to protect InMarkets vast amounts of data. Here you’ll truly be at the front lines taking on meaningful work to defend our company and our peers.

You will be working and communicating closely with many technical teams to develop context and foresight into what our true risks are, and work towards holistic long lasting remediation with guidance and real world solutions. Our goal is to create a cohesive balance between risk, operational effectiveness, and compliance.

The ideal candidate for this team is someone who is a strong, interested, well rounded engineer with a passion for security as well as a natural collaborator who can understand business needs and develop security solutions that empathize with people's experiences.

Your Experience and Expertise

  • BS in computer science / cybersecurity, or equivalent experience
  • 5+ years of experience in engineering, information security operations or related IT operations
  • Strong experience in Linux administration
  • Strong development & scripting experience. (Javascript / Ruby, Python preferred)
  • Strong experience in AWS, GCP, or both
  • Good networking fundamentals

Nice to Haves 

  • Experience working in Hackthebox, CTF, Hackathons, etc.
  • Ability to provide a sample portfolio or work examples (GitHub, Hackthebox, CTF, Hackathon) is highly preferred
  • Varied security engineering experience with a specialty in one or more areas of security such as: (Cloud Security, Vulnerability Management, Application Security, Penetration Testing / Offsec, DevSecOps, Third Party / SaaS Security, Identity and Access Management, Incident Response)
  • Experience performing security / architecture / code reviews
  • Good hands-on background in building tooling using many security products
  • Terraform / IaC experience
  • Kubernetes / Container experience
  • Controls and Standards knowledge (SOC2, NIST CSF, 800-53, CIS)
  • SOC2 audit experience
  • Familiar with Security Reference Architectures and actual best practices
  • Experience building out security tooling from common vendors
  • Active member or speaker in the security / technology community
  • Ability to work and multitask under high pressure situations
  • Excellent written and verbal communication skills. Ability to communicate highly complex security concepts to both technical and non-technical audiences

Finally, here are a few more reasons why we love this work and think that you will too:

  • This is a diverse role with unparalleled visibility where you’ll be able to learn new tech daily.
  • You will have the opportunity to shape the security function with the support and autonomy to actually do it.
  • Great support from executive leadership who understand the true value in security and genuinely back the mission.

Benefits Summary

  • Competitive salary, stock options, flexible vacation
  • Medical, dental and Flexible Spending Account (FSA)
  • Company Matched 401(k)
  • Unlimited PTO (Within reason)
  • Talented co-workers and management
  • Agile Development Program (For continued learning/professional development)
  • Generous Paid Parental Leave

 

For candidates in California, Colorado, and New York City, the Targeted Base Salary Range for this role is $145,000 to $195,000. 

Actual salaries will vary depending on factors including but not limited to work experience, specialized skills and training, performance in role, business needs, and job requirements. Base salary is subject to change and may be modified in the future. Base salary is just one component of InMarket’s total rewards package that also may include bonus, equity, and benefits.  Ask your recruiter for more information!

At InMarket we are committed to a culture that supports diversity, inclusion, belonging and equal opportunity. We celebrate all people and believe everyone deserves respect regardless of race, gender, sexual orientation, backgrounds, experiences, abilities or beliefs.

InMarket is an Equal Opportunity Employer (EOE). Qualified applicants are considered for employment without regard to age, race, color, religion, sex, national origin, sexual orientation, disability, or veteran status.

Privacy Notice for California Job Applicants: https://inmarket.com/ca-notice-for-job-applicants/

#LI-Remote

See more jobs at InMarket

Apply for this job

iManage is hiring a Remote Senior Application Security Engineer (Remote, India)

Senior Application Security Engineer (Remote, India) - iManage - Career Page LaFrate), has to say about the role: “You will work on an enterprise application security team supporting continual improvement while leveraging a wide range of industry best practices. You will work both independently and collaboratively with a global team of engineers to deliver quality, hardened, industry leading enterprise solutions. Your contributions will be noticed, impactful and rewarding.

See more jobs at iManage

Apply for this job

Vidyard is hiring a Remote Senior Security Analyst

At Vidyard, we make life easier for sellers, marketers and corporate communicators. Our video messaging tools, digital sales room platform, and other products are used by Microsoft, LinkedIn, and thousands of other companies. We're passionate about elevating our customers, our teammates, our communities, and ourselves.

About the Role

Vidyard is looking for a Senior Security Analystto join our IT & Security team. Reporting to the Manager, IT & Security, you will work alongside our talented group of Vidyardians currently comprising the IT & Security team to grow and shape our security framework, as well as provide insight and collaboration with the Product and Engineering teams during the software development process. The Senior Security Analyst will be a pivotal role on the IT & Security team, and will lend their experience and mentorship expertise in secure software development and secure Engineering practices to the rest of the team, navigating exciting and new technology, and leveling up Vidyard’s posture and framework while also growing and shaping their own skills. This role is new to the team, and tailored toward a candidate who is excited about cybersecurity, secure coding, and secure development practices, while also looking for an avenue to display their own talents and leadership skills with a team that is eager to grow, and eager to learn. 

This is a remote role open to candidates located in Canada

About the Team

Our IT & Security team consists of the Manager, IT & Security, and IT & Security Specialists. This fully cross-functional team manages all IT and Security requests and requirements, manages our security framework, obligations, and compliance initiatives. Working closely with all other teams within Vidyard, the IT & Security team is positioned to provide world class support both to Vidyardians and our current and prospective clients throughout the sales enablement process. In addition, the team works alongside the Product and Engineering teams to ensure the security and protection, availability, and confidentiality of customer data remains top of mind and a company-wide priority.  

What You’ll Work On

Strategy and Policy Development

  • Lead the development, implementation and maintenance of Security policies and procedures
  • Work alongside management to define protocols that align with Vidyard’s objectives, goals, and compliance initiative

Threat Analysis and Risk Assessment

  • Perform advanced screening and risk assessment and analysis to proactively identify and resolve Security threats and vulnerabilities 
  • Develop and lead the implementation of risk management strategies
  • Stay updated with trends and threats, using this intelligence to anticipate and guard against bad actors or exploits

Incident Response and Management

  • Lead the Security team’s responses to Security events or incidents in conjunction with Security leadership, and assist in remediation efforts.
  • Conduct analysis and post-mortems to identify root causes and recommend changes, working in conjunction with Security leadership, and mentoring Security staff throughout

Monitoring and Analysis

  • Monitor security access and identify any anomalies or breaches to company assets.
  • Instrument security tooling (SIEM systems, etc) to collect and analyze data, identifying potential threats
  • Review and action logs and reports as needed
  • Monitor and respond to security tickets that are more advanced, and assist others with more complex issues

Software Development Lifecycle

  • Requirement gathering and risk assessment during initial planning phases of software development process; work closely with product design and development teams 
  • Conduct threat modeling and risk assessments early in the process of development, to inform of security requirements and the overall design of the product
  • Secure coding practices; provide guidelines and best practices to developers and engineering Vidyardians
  • Ensure that security controls are integrated into the framework of our products, to protect the integrity of Vidyard and customer data
  • Ongoing testing and secure coding review; perform regular audits and checks to maintain the overall security posture at Vidyard during the development process 

Team Leadership and Development

  • Mentor and provide guidance to Security team members, enhancing their skills and capabilities
  • Champion and lead Security initiatives, setting clear goals and expectations, and manage longer term projects in conjunction with Security leadership.
  • Foster a culture of continuous growth and improvement, and support and contribute to the learning and development of the entire Security team

What You’ll Bring to this Role and Your New Team:

  • ~ 6+ years of experience in cybersecurity at software development or SaaS companies
  • Experience with mentorship is preferred, as this will be a pivotal role in the Security team.
  • Experience with software development lifecycle and secure coding practices is preferred, as this role will be uniquely positioned to guide these processes  
  • Deep expertise in the OWASP Top 10 and a thorough understanding of web application security principles and common vulnerabilities.
  • Expertise in cloud security, preferably in AWS, with a strong understanding of cloud security best practices.
  • Strong communication and collaboration skills, with the ability to work effectively across teams and influence stakeholders.

Our Tech Stack

  • Cloud Compliance Platforms
  • SIEM products
  • Network Security (eg. WAF, Security Groups)
  • Cloud Security Tooling (eg. AWS Inspector)
  • Static Application Security Testing (SAST) Tools
  • Dynamic Application Security Testing (DAST) Tools

Job descriptions can be overwhelming. At Vidyard we are motivated to drive change togetherand deeply value the unique experiences, abilities and opinions you possess, so if this role sounds like your next adventure, but you don’t feel entirely qualified, apply! We value candidates who own it, and if you’re relentlessly resourceful too, you might be exactly who we are looking for. 

As we also value user obsession, we prioritize our users, customers and community so you can expect to hear from our team even if you are not selected to move forward.

What You’ll Love about Vidyard:

  • Competitive pay
  • Comprehensive, flexible benefits on day one*
  • Wellness allowance to spend on what's important to you 
  • Flexible hours + unlimited vacation + programs to support travel while working, enabling you to live your best life
  • Access to Inkblot, a digital mental health platform + $1,500/person/year for mental health coverage*
  • Allowance to support your ongoing growth and development
  • Parental leave top-up
  • Paid volunteer hours
  • Employee resource groups to empower and drive change at Vidyard and in our communities
  • RRSP match*
  • Stock options
  • Flexible holiday program
  • Home office stipend 
  • Flexibility to work in the place that brings out your best: whether you thrive in the comfort of your home office, or are local to, and prefer the energy of our collaboration space in Kitchener, Ontario, Canada, there is flexibility for all. Although we default to remote-first there will be occasional in-person meetings/events purposefully designed for connection and collaboration.

We thank all applicants for your interest in Vidyard. Only those applicants selected for an interview will be contacted. Unsolicited resumes from Agencies will not be accepted.

Vidyard is an equal opportunity employer. Applicants who require reasonable accommodation to complete the application and/or interview process should notify us atrecruitment@vidyard.com.

See more jobs at Vidyard

Apply for this job


Other Job subscriptions you might be insterested in