Security Engineer
Security Engineer focused on security operations, incident response, monitoring/alerting, and securing SaaS applications and infrastructure. Requires Go experience, Elastic Stack, GCP, and on-call rotation participation.
Responsibilities
- Build world-class security into product offerings through security operations
- Maintain and improve monitoring and alerting stack
- Participate in on-call rotations and respond to security incidents
- Conduct application security testing and manage bug bounty programs
- Perform security reviews for application and infrastructure security
- Proactively improve security of codebase, product, cloud, and customers' on-premise deployments
- Discover, fix, and mitigate infrastructure vulnerabilities by updating libraries, base images, and analyzing containers
- Maintain internal systems and automations for alert triaging
- Triage, troubleshoot, and mitigate customer security concerns
- Enhance application security through audits, best practices, code fixes, and continuous education
- Perform reactive incident response during security events
- Conduct proactive research to detect new attack vectors
- Perform threat modeling for existing and future applications
- Assess and integrate new tools and technologies to improve operational efficiencies
- Help maintain compliance with SOC 2, ISO 27001, and GDPR standards
Requirements
- Practical experience reviewing SIEM alerts and participating in on-call rotations
- Practical experience securing SaaS applications as a security generalist, including infrastructure security, application security, and/or compliance
- Experience with Go, including writing and maintaining internal tooling along with code reviews
- Experience with Elastic stack and GCP
- Experience using and automating a wide range of defensive security tools
- Experience working across engineering teams to secure projects across the organization
- High agency and effective written communication and documentation skills
Nice to Haves
- Experience developing software as an engineer (writing code and contributing directly to applications)
- Experience working in a startup environment
- Experience with TypeScript and Terraform
- Experience with Kubernetes
- Experience securing AI products
Fraud and Risk Specialist
Investigates fraud like multi-accounting, bonus abuse, and suspicious betting patterns in a sports prediction market. Analyzes data with SQL/tools, makes decisive calls to protect users; requires 1-3 years fraud/risk experience, preferably in fintech/gaming.
Senior Facility Security Officer (R4918)
Executes daily security operations for classified defense programs, including document control, personnel onboarding, foreign visits, access management, incident response, and compliance with NISPOM/ITAR. Requires active Top Secret clearance, 2-4+ years in industrial security, and FSO certification.
Senior Facility Security Officer (R4917)
Executes daily security operations for classified programs including document control, personnel onboarding, foreign visits, restricted area access, incident response, and compliance with NISPOM/ITAR in a defense environment. Requires active Top Secret clearance, 2-4+ years industrial security experience, and FSO certification.
Senior Facility Security Officer
Manages daily security operations for classified programs including document control, personnel onboarding, foreign visits, restricted area access, incident response, and compliance with NISPOM/ITAR in a defense environment. Requires active Top Secret clearance, FSO certification, and 2-4+ years in cleared industrial security.