Security Engineer

Venmo New York , NY 10007

Posted 2 months ago

About Us

Venmo was founded on the principles of breaking down the intimidating barriers around financial transactions to make them intuitive, friendly, and even fun. And it worked: people love sending money with Venmo, and we're growing by leaps and bounds!

But we're only just getting started. We want to take that magic of sending money with Venmo and cascade it into every place where people use money. That means connecting people to their money in the most intuitive and fun way possible, then connecting people with each other. Users already love Venmo, but we know there are lots of things we haven't thought of to make the experience of using Venmo even more delightful and valuable. All that's going to take a lot of figuring out. Let's figure it out together!

Information Security at Venmo

We are seeking an intelligent and motivated engineer to join Venmo's Information Security team. Our ideal candidate is excited about the opportunity to lead the Venmo identity and access management program. In this role, you will report directly to the Manager of Information Security and Compliance and work directly with other business units as a subject matter expert on all things related to Identity and Access Management. A typical day might include managing active access requests, building and refining onboarding and offboarding processes, or working with our Product and technical teams to roll out access management for new products. You'll also be driving our integration into PayPal's IAM tools, helping to streamline and automate compliance reporting. Finally, you'll partner with the rest of the Information Security team to secure Venmo and help wherever you can across network, data and application security initiatives. If you are up to the challenge and want to join our front line make moving money simple, please contact us immediately.

Responsibilities

  • Centralize, manage, and track the day-to-day user account onboarding/offboarding to support large ramp-ups for staffing growth

  • Document the current user on-boarding, off-boarding, and periodic authorization review processes and touch points

  • Perform regular user access reviews and own IAM components of compliance activities such as external audits from customers, regulatory compliance projects, and overall information security reviews

  • Support integration with the PayPal Information Security and be central point of contact for IAM activities including internal SSO integrations and other IAM projects

  • Advocate security awareness and teach secure behavior and methods

  • Implement best-practice security procedures, standards, and guidelines

Requirements

  • Bachelor's degree in Computer Science/Engineering/Information Security or equivalent work experience

  • Minimum 3 years of on the job IT experience

  • Self-starter, able to work with a mix of technical and non-technical clients

  • Excellent documentation and process management skills

  • Knowledge of account creation/management for various web-hosted tools

  • Basic knowledge of LDAP administration and account/group creation

  • Active Directory support experience

  • Understanding of Single Sign On (SSO) frameworks and mechanisms such as OAuth and SAML

  • Linux system administration for account creation/management

Preferred

  • Python and Shell Scripting Experience

  • Active Directory implementation experience

  • Experience with security infrastructure

  • Understanding of AWS IAM roles, API key management, and security groups

We know the confidence gap and imposter syndrome can get in the way of meeting spectacular candidates. Please don't hesitate to apply.


See if you are a match!

See how well your resume matches up to this job - upload your resume now.

resumetriaasssdfel.jp… Change Resume
Find your dream job anywhere
with the LiveCareer app.
Download the
LiveCareer app and find
your dream job anywhere
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Security Engineer

Millennium Partners

Posted 2 days ago

VIEW JOBS 8/13/2018 12:00:00 AM 2018-11-11T00:00 Security Engineer The successful candidate will be a subject matter expert with hands-on experience in a wide range of Unix security technologies, tools and methodologies. The role is suited for an experienced Unix Engineer with proven understanding in enterprise security and will focus on building toolsets and processes to support the Information Security Program (ISP). The team fosters a collaborative environment and is building a best in class program to partner with the business to protect the Firm's information and computer systems. Millennium is a complex and robust technical environment and securing the Firm from external and internal threats is a top priority. Principal Responsibilities * Provide a vision and strategy for integrated security controls across Unix infrastructure on-premise solutions and in the cloud. * Able to demonstrate clear understanding of current risks and threats to Unix infrastructure and/or IT infrastructures at technical and managerial levels. * Provide security consultancy and engineering support for Unix for Infosec team. * Provide architecture assurance on Cloud security initiatives and compliance of existing security standards interfacing with infrastructure and development teams. * Maintain the security infrastructure tools that are built on the Cloud platform, providing stability and policies and procedures. * Support the development and delivery of a comprehensive ISP for the entire organization. * Assist with the development and implementation of the ISP roadmap. * Actively monitor new and emerging security and privacy related technologies, trends, issues, and solutions and assess their applicability to key business initiatives and strategies. * Leverage collected Intelligence to improve success in defending Millennium against and responding to future attacks or intrusions. * Lead, implement and manage key monitors for internal control systems to ensure appropriate information access levels and security parameters are maintained. * Participate in Information Security Incident Response activities for the Firm's environment. * Perform periodic and on-demand system audits and vulnerability assessments of systems, internal applications and Cloud services to identify security vulnerabilities. * Monitor compliance with the organization's information security policies and procedures among employees, contractors and third parties. * Manage remediation efforts for any gaps reported in audits or recommended process improvements. * Collaborate with IT management, Legal, Human Resources and Compliance departments to manage security vulnerabilities and investigations. * Provide support to Security and other technical operations staff to ensure smooth turnover from Engineering to Production - and provide mentoring to junior level security professionals. * Liaison with key stakeholders to create and enforce policy including Technology organization, Trading units, Legal, Internal Audit, and Compliance. * Leads the effort to ensure security compliance in accordance with regulatory security standards required by appropriate governing bodies. * Develop and maintain documentation of all Security products including specific tools, technologies and processes. Qualifications/Skills Required * Bachelor's degree in Computer Science or Engineering preferred. 7 + years experience working in a technical role with a minimum of 4 + years experience focusing on information security in the financial industry (preferred). * Hands-on technical experience with configuration management and hardening Unix systems (RedHat, CentOS) * Knowledge of Unix deployment security, lifecycle, and operations practices. * Development and scripting skills (Python, Perl, shell scripting, other) * Knowledge of technologies such as Linux containers (Docker), frameworks (Mesos, Chronos, Marathon), RBAC frameworks (SELinux/AppArmor), and BigData (Hadoop) a plus. * Familiarity with hardening standards related to Unix systems such as SANS, CIS, and others. * Strong knowledge and experience in a variety of technologies including: Unix, Networking, and Storage. * Strong knowledge of NIS, LDAP, Active Directory, Kerberos, SAML * Knowledge of Infrastructure, such as VMware vSphere, EC2, Xen, KVM, OpenStack * Possess a passion for Information Security and Technology. * Able to prioritize in a fast moving, high pressure, constantly changing environment; high sense of urgency * Ability to communicate and collaborate across teams. * At least one security certification (CISSP, GCIA, CISM, etc.). Millennium Partners New York NY

Security Engineer

Venmo