Your Day to Day / Things You May Work On
- Architect secure-by-default frameworks and infrastructure, ensuring the easy path is also the secure path
- Help shape the security roadmap at both a strategic and tactical level
- Identify security flaws in technologies and processes through design reviews, code reviews, active penetration testing, and the establishment of practical security baselines
- Develop and operate tools to prevent, detect, investigate, and respond to security threats
- Reproduce vulnerability findings from multiple sources---including penetration tests, tooling, and external reports---and communicate the risk associated with those findings to the business
- Educate the company on security best practices by providing training and acting as a subject matter expert and mentor
The Experience We Are Looking For
- A strong interest in security and a curiosity for how things work
- Bachelor's Degree in Computer Science or in a relevant field of study (or equivalent experience)
- 5+ years of professional software engineering experience
- 3+ years of professional software security experience
- Development experience in Node.js, C#, Ruby, and/or Go
- Hands-on working experience with
- Penetration testing tools (e.g. Burp Suite, Nessus, Metasploit, or similar)
- DevOps (e.g. Kubernetes, AWS, Docker, monitoring tools, networking, git, etc.)
- A talent for communicating complex ideas in an easily-understandable way