Senior Infrastructure Security Engineer

Self Financial Austin , TX 73301

Posted 2 months ago

At Self Financial Inc, our mission is to help millions of people establish and build credit - especially those who are considered underserved or credit invisible. This is a rare chance to join a successful, venture backed startup based in Austin.

Developing a successful fintech company requires deep collaboration across our teams, dedication, and truly disrupting the way the industry thinks about things. Our team is passionate about empowering people to take control of their credit and challenging the status quo of accessing and building credit. Understanding our consumers is core to our growth in the years to come.

How we act with each other is how we act with our customers. We are direct, transparent and respectful, and we hope you embrace that approach.


As a Security Engineer, you'll be empowered to shape the security of our IT and infrastructure that will allow thousands of people to build credit now and enable us to offer even more financial products in the future. Since our operations team is small, you'll be wearing many hats, but focused on improving our IT, compliance, and infrastructure security programs.

Some reasons why you might want to work with us:

  • You want to work in a secure financial environment without the overhead of an aging stack
  • You like the idea of helping people start (or restart) their financial journey
  • You want to shape the technology infrastructure of a rapidly growing startup
  • You love thinking about security
  • You like working on difficult engineering problems
  • You prefer a fast-paced environment, but care deeply about quality results

What you'll be doing:

  • Work with teams across the company to build out security best practices
  • Maintain and improve our AWS cloud network/infrastructure security
  • Participate in our on-call operations and monitoring pool
  • Stay up to date on trends in the software and security communities
  • Harden our infrastructure against malicious attacks of all kinds
  • Harden our internal IT security processes and technology
  • Adding monitoring tools across our stack to improve detection of security threats and potential downtime

Requirements

You don't need everything below, but we want you to have some experience working with a modern technology stack and the motivation to keep learning.



Qualifications:

  • Bachelor of Science degree in Computer Science or equivalent experience
  • 5+ years working as an infrastructure security engineer
  • 2+ years of experience working with AWS or similar cloud computing environment
  • 2+ years working with IT security and access management
  • Experience in developing and debugging in at least one programming language (Python preferred)
  • Experience with scripting languages (Python/Bash)
  • Experience using modern web application frameworks
  • Experience with multiple areas of AWS (EC2, RDS, S3, IAM, CloudFront)
  • Working knowledge of DNS, HTTP, SSL, WebSockets (web-related protocols)
  • Knowledge of cryptographic primitives and how they can be safely used
  • Familiar with the challenges of processing security events at scale
  • Excellent written and verbal communication skills
icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Lead Information Infrastructure Security Engineer

Bigcommerce

Posted 4 days ago

VIEW JOBS 2/25/2020 12:00:00 AM 2020-05-25T00:00 BigCommerce is disrupting the e-commerce industry as the SaaS leader for fast-growing, mid-market businesses. We enable our customers to build intuitive and engaging stores to support every stage of their growth. BigCommerce is growing our cybersecurity team. You will influence the culture and direction moving forward. As the BigCommerce e-commerce SaaS platform handles information at a large scale, we need to anticipate and protect against attackers targeting BigCommerce or our customers. As a Lead Information Security Engineer, you will perform realistic offensive security exercises to simulate real attacks, to test and improve our detection and response capabilities, and to identify how attackers could infiltrate and move inside our infrastructure. You will work closely with team members and affected product teams to improve our detection capabilities and design defense-in-depth controls that limit attackers' ability to move inside our network. Whether working on our Google Cloud systems, researching the latest in computer technology or keeping BigCommerce internal systems humming, BigCommerce customers rely on us to keep things running. We're back-end experts: protecting privacy and ensuring the security of our platform We are looking for a full-time Lead Information Infrastructures Security Engineer, who wants to make an impact at every level of society through protecting more than 60,000 merchants sitting on the BigCommerce e-commerce SaaS platform. By protecting our merchants you will be powering innovators, creative thinkers, entrepreneurs and business owners around the world to be successful at each stage of their business. The Lead Infrastructure Information Security Engineer will direct the work of the Information Security Operations Team. In this role, they will monitor, analyze, and detect Cyber vulnerabilities, events and incidents within information systems and networks. Lead Cyber Defense efforts to maintain our security toolsets, establish a framework by which cyber risk can be measured and quantified. Conduct multiple-disciplined penetration tests. Development of domain or problem-specific tools that leverage identified vulnerabilities, research on the latest exploitation techniques and threat vectors, and design and configuration of representative test environments. They will support various training events and mentor others. Their main mission is to lead the Information Security Operations team to excellence in their efforts to protect the BigCommerce platform and BigCommerce customers and employees from cyber threats. What you'll do: * Evangelize security within BigCommerce * Protect BigCommerce Merchants, their Shopper, and the company * Seamlessly improve Bigcommerce security posture with minimal impact to our employees daily operations * Assess security on existing infrastructures * Respond to information security incidents, providing technical expertise and conduct forensics * Reduce time-to-detect and time-to-remediate by driving the automation of security event management, vulnerability assessment, and intelligence correlation * Provide security guidance and experience to Engineering teams * Provide domain expertise regarding security events that impact applications and network design * Mentoring team members in best practice around information security standards * Design secure information systems that protect company data, empower users and drive business growth * Regular and ongoing pen testing of BigCommerce's changing environment * Utilize data to help generate insights into threats, and build solutions. Who you are: * Bachelor's degree in CS, EE or MIS; or equivalent experience * 7 + years of Experience in security engineering, system and network security, cloud security, authentication and security protocols, cryptography, and application security * Passion for Information Security * Experience using various penetration testing tools (such as, BurpSuite, Metasploit, Nessus, etc.) on Windows and Linux * Have supported PCI, ISO 27001 , and SOX audits * Develops scripts, tools, methodologies and best practices to improve team capabilities * Knowledge of security testing standards and practices (is a must) * Proficient in Identity Management best practices * Scripting skills (i.e. Python / Perl / Ruby, shell scripting) a significant plus * Experience in using network protocol analyzers and sniffers, as well as the ability to decipher packet captures * Excellent verbal and written communication * Proven ability to work effectively with stakeholders, staff, vendors, and external consultants * Exceptional ability to provide a high level of support with a customer first attitude * Exceptional ability to seek out opportunities to increase internal client satisfaction and deepen client relationships * Passionate about technology, strong desire to make our environment better * Strong sense of ownership, urgency, and drive * A desire to help and train users so they better understand the solutions we offer * Presentation Experience, Conferences, White Papers, Bug bounties are most Welcome * Desired but not mandatory, Relevant information security certifications OSCP, OSCE, SANS GCIA, SANS GCIH, SANS GPEN, SANS GCFA and CISSP Diversity & Inclusion at BigCommerce We have the opportunity to build not only a great business, but a great company, with soul. Our beliefs and commitment to diversity and inclusion are a central part of achieving that. Our dedication to diversity and inclusion is grounded in two things: a moral belief in the dignity, value, and potential of every individual, and a practical belief that diverse, inclusive teams will create the best outcomes for our customers, partners, employees, and company. We welcome everyone to be a part of our journey. Bigcommerce Austin TX

Senior Infrastructure Security Engineer

Self Financial