Security engineer
Security engineer
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
About this Role
Writer is seeking a highly skilled and experienced Security engineer to join our dynamic and innovative team. The Security engineer will play a crucial role in enhancing our information security and privacy posture by engaging with engineering and operations teams to perform security reviews threat modeling and other critical security activities. This role requires a deep understanding of information security principles a strong technical background and the ability to collaborate effectively across various teams.
The Security engineer will report to the Head of Information Security & Compliance and will work closely with the information security management leadership the engineering product and design team and other relevant stakeholders.
Location(s): London; New York Austin Chicago San Francisco Remote
Your Responsibilities
Design and implement robust security architectures that align with industry standards and best practices; ensure that security controls are integrated into the design and implementation of new systems and applications.
Provide technical guidance and recommendations to engineering and operations teams to enhance the security of our infrastructure; help ensure security is integrated into the secure software development lifecycle (SSLDC).
Conduct comprehensive security reviews of software applications and systems to identify potential vulnerabilities and security gaps.
Build and maintain threat models for new and existing applications ensuring that all potential attack vectors are identified and mitigated.
Develop and maintain security automation scripts and tools such as SAST/DAST to detect and respond to threats; automate security monitoring and alerting using Splunk ELK or Chronicle; develop securityascode practices using Terraform Ansible or Kubernetes security policies.
Harden and secure AWS/Azure/GCP endpoint and IAM environments and enforce cloud security best practices.
Perform offensive activities and proactively hunt for vulnerabilities.
Participate in the incident response process providing technical expertise to manage and resolve security incidents; contribute to the development and maintenance of incident response plans ensuring that they are uptodate and effective.
Is This You
CISSP CISA or CISM certification is strongly recommended but not required.
ISO 27001/27701/42001 SOC2 PCI DSS and GDPR knowledge experience and qualifications are highly desirable.
At least 5 years of relevant industry experience in information security with a focus on security architecture and threat modeling.
Proven experience in performing security reviews threat modeling and risk assessments; strong understanding of information security principles including confidentiality integrity and availability.
Experience with security tools and technologies including vulnerability scanners intrusion detection systems and security information and event management (SIEM) systems.
Excellent communication and interpersonal skills with the ability to collaborate effectively with crossfunctional teams.
Strong problemsolving and analytical skills with the ability to identify and mitigate complex security risks.
Ability to work in a fastpaced environment managing multiple priorities and meeting deadlines.
Benefits & perks (UK fulltime employees):
Generous PTO plus company holidays
Comprehensive medical and dental insurance
Paid parental leave for all parents 12 weeks)
Fertility and family planning support
Earlydetection cancer testing through Galleri
Competitive pension scheme and company contribution
Annual worklife stipends for:
Home office setup cell phone internet
Wellness stipend for gym massage/chiropractor personal training etc.
Learning and development stipend
Companywide offsites and team offsites
Competitive compensation and company stock options
Employment Type
Full-Time
