Security Engineer at Signifyd
About the company:
Who we are
Signifyd is a fast-growing online retail fraud protection company that maintains a startup culture of curiosity, agility and compassion. Itâs a culture that has been recognized by Forbes, Entrepreneur, The Silicon Valley Business Journal and Inc. Magazine.
Our top-flight engineering team constantly improves our machine learning technology that protects merchants, while allowing them to ship more orders and open new markets without the fear of fraud.
Our values
At Signifyd we live by the following 6 values:
- Curious and hungry: Stay a lifelong learner with a bias for action. Itâs always Day 1.
- Design for scale: Build solutions to scale and last. We are here to stay.
- Tenacious: Be a pioneer and never give up. Creating something new is hard work.
- Agile: Be aware, nimble and adapt quickly. Everything changes.
- Customer compassion: Empathize with your customers and solve their problems. We exist to help them succeed.
- Roll up your sleeves: Be helpful, humble, learn from everyone and have fun. No one succeeds alone.
Employee benefits
Signifyd is a place where we find strength in our differences and thoroughly enjoy coming together to build solutions that stand the test of time and scale for bigger success. At Signifyd we offer out team the following benefits:
- 4-day workweek (32hrs)
- Discretionary Time Off Policy (Unlimited!)
- On Demand Therapy
- Dedicated learning budget through Learnerbly
- 401K Match
- Stock Options
- Annual Performance Bonus or Commissions
- Paid Parental Leave (12 weeks)
- Health Insurance
- Dental Insurance
- Vision Insurance
- Flexible Spending Account (FSA)
- Short Term and Long Term Disability Insurance
- Life Insurance
- Company Social Events
- Signifyd Swag
Description of the position:
Job located in United States of America
The Security Engineer at Signifyd assists cybersecurity operations and vulnerability management across the organization. This role works with other security engineers and analysts on the team by contributing integrations, implementations and reviews with our security systems. They setup, configure, and use these solutions to identify threats and vulnerabilities within our networks and applications then cross coordinate with other departments to ensure timely remediation. The Security Engineer reports to the Director, Head of Information Security and Compliance while supporting the Security Risk Manager with auditable evidence of control effectiveness.
Responsibilities
You will perform the following responsibilities alongside other members of the information security team:
-
Engineer data feeds, rules, and tuning for the system information and event manager (SIEM);
-
Triage security operations center (SOC) alerts as the Level II/III escalation support;
-
Triage secrets scanning, static application security testing (SAST), dynamic application security testing (DAST), and software composition analysis (SCA) tools;
-
Triage cloud security posture management (CSPM), infrastructure as code (IaC) security scanning, and attack surface violations;
-
Identify patch management gaps using our vulnerability management software and collaborate with IT and Engineering teams on resolutions;
-
Perform internal security testing, assessments, and triaging of alerts from security tooling;
-
Conduct secure code reviews, secure design reviews, and threat modeling activities;
-
Support GRC activities through control evidence collection;
-
Contribute to operational support activities for all security capabilities. This includes preparing self service operational support documentation for developers and project teams, responding to internal support chat groups;
-
Contribute to design and development of observability metrics and monitoring capabilities for all security capabilities utilizing DevOps or SRE principles;
-
Support the creation and publication of metrics on security functions usage and remediation status for consumption by developers and project teams.
Requirements
-
Ability to automate or develop basic tasks in at least one programming language such as: Java, JavaScript, Python
-
Professional certifications such as WAPT, PPT, OSCP, etc and/or computer science degree;
-
1+ years security engineer experience or 2+ years as a Security Analyst or equivalent;
-
Experience working with cloud technologies such as: AWS, GCP, Azure, Docker/Kubernetes.
#LI-Remote
Benefits in our US offices:
- Discretionary Time Off Policy (Unlimited!)
- 401K Match
- Stock Options
- Annual Performance Bonus or Commissions
- Paid Parental Leave (12 weeks)
- On-Demand Therapy for all employees & their dependents
- Dedicated learning budget through Learnerbly
- Health Insurance
- Dental Insurance
- Vision Insurance
- Flexible Spending Account (FSA)
- Short Term and Long Term Disability Insurance
- Life Insurance
- Company Social Events
- Signifyd Swag
We want to provide an inclusive interview experience for all, including people with disabilities. We are happy to provide reasonable accommodations to candidates in need of individualized support during the hiring process.
Signifyd provides a base salary, bonus, equity and benefits to all its employees. Our posted job may span more than one career level, and offered level and salary will be determined by the applicantâs specific experience, knowledge, skills, and abilities, as well as internal equity and alignment with market data.
USA Base Salary Pay Range
$90,000â$135,000 USD