Security Engineer - remote

TaxJar
Posted 4 years ago
We Work Remotely
TaxJar’s remote-only team of 180+ people is growing quickly. We have an immediate opening for a Security Engineer who wants to help us make eCommerce easier for everyone.

Our core values:
  • We do the right thing for our customers
  • We're a team, built on trust
  • We're proud to be remote
  • We're in control of our own destiny

The Security Engineer will help grow and maintain our Security Operations Program as it continues to mature. This is an individual contributor to our organizational, application, and cloud security areas. They understand how to break a project down into sizable, deliverable tasks. This position reports to the Head of Information Security.

Security Engineers at TaxJar primarily contribute by protecting, analyzing, monitoring, and detecting threats from different company assets. They are responsible for the vulnerability management program, for performing threat analysis using our Cloud SIEM solution and running our incident response process. As our business scales Security Engineers will need to identify new threats, risks, adapt to new regulations, and have ownership of changes to the architecture of our systems.


Responsibilities:
  • Experience securing/monitoring/reporting for AWS and its services such as EC2, Lambda, ELB, ECS, IAM, S3, RDS, AWS Config, etc
  • Working closely with the DevOps team to build, maintain, and enhance current cloud monitoring and incident response processes and toolsets.
  • Define and implement appropriate policies for AWS security solutions
  • Analyze, track, and monitor security events from our Cloud SIEM (security analytics tool) and other sources to be able to identify unauthorized activity
  • Build required dashboards and reports to provide a high-level overview of the current security threats we are seeing 
  • Provide recommendations to the security team about necessary changes to our cloud resources based on current  security alerts and threats
  • Own the vulnerability management program and perform regularly-scheduled vulnerability scans to support regulatory compliance and identification of new vulnerabilities
  • Investigate and mitigate security incidents by following our incident response plans
  • Stay up to date with current threats and vulnerabilities and prioritize them based on the criticality
  • Perform security monitoring, security event triage, and lead incident response;including steps to minimize the impact and then conducting a technical and forensic investigation into how the incident happened
  • Assist with the management and configuration of our Web Application Firewall (WAF)
  • Improve the security logging in the current applications, platform, and tools
  • Perform threat analysis on security logging for the entire tech stack
  • Configure and manage the endpoint protection/detection and  phishing solutions

Requirements:
  • 3-5+ years of experience in a Security Operations role preferably in SaaS
  • 2-4+ years of AWS Cloud Security experience 
  • Strong knowledge of threats and vulnerabilities associated with application and network security in a cloud environment (AWS).
  • Strong understanding of Amazon Web Services(AWS) cloud application architecture &microservices
  • Hands-on experience configuring and working with SIEM, SOAR, and EPP/EDR solutions
  • Experience with security technologies such as WAF, File Integrity Monitoring (FIM), SAST/DAST tools, etc.
  • Experience leading incident response plans, working with SIEM tool for log analysis (i.e. Sumo Logic, Splunk, etc.) 
  • Experience with operating systems and hardening (Linux, OS X, and Windows) a plus
  • Certifications such as CISSP, GSEC, CEH or CISM highly desired
  • Agile, humble, trustworthy, and a team player

At TaxJar,  we believe a diverse team creates better solutions for our customers.  Read our Diversity statement below:

TaxJar is a human-first company. 

People are accepted and free to be who they are.

We embrace that diversity, equity, inclusion and belonging are essential sources of creativity and innovation that bring a richness of thinking and experience to the work that is celebrated at TaxJar. Simply put, we care. We will always put people - our team and our customers - first, by supporting our people to do their best work building products our customers love. 

Our formula is simple. We believe we have an elevated level of responsibility in everything we do. This means we empower our team to do the right thing for each other and for our customers, and we do the right thing, even when it's harder. We’ve built a team based on trust, that endeavors to maximize our team members’ individual talents so our workplace creates a sense of meaning and belonging for everyone.

TaxJar’s 2020 Diversity, Equity, Inclusion and Belonging report
here.

We are committed to providing reasonable accommodations for individuals with disabilities in our job application process. If you need assistance or an accommodation due to a disability, you may contact us at candidateexperience@taxjar.com.