Principal Information Security Engineer

Our client is looking for a Principal Information Security Engineer to lead our security engineering function. You will be responsible for all aspects of security to keep our employees and infrastructure protected against threats. Ideal candidates have led security efforts in early-stage companies in the past. You will have a broad mandate and will be expected to drive change and be an evangelist of security throughout the company. This means working a tall levels of system building: network, infrastructure, application, phishing, compliance, and everything in between.

Perks and Benefits

 
• Competitive salary based on experience.
 
• Equity in a high growth Fintech startup.
 
• Fully remote
 
• Medical, dental, and vision insurance and HSA.
 
• Paid time off, sick leaves, COVID sick leave, paid maternal leave, and paid paternal leave.
 
• 401(K) and retirement planning.
 
• A great startup in banking with so much wonderful potential.
 
• Lots of autonomy and massive career growth opportunities for the go getters.
 
• The coolest coworkers you could ever dream of.

‍

 
• Drive company’s security roadmap. Propose, design, build, and deploy security improvements across all aspects of company’s infrastructure and product      surface.
 
• Partner with other teams at company to constantly improve our defensive model.
 
• Perform security assessments on web applications, mobile clients, and architectural designs.
 
• Implement and maintain intrusion detection, continuous security monitoring and risk assessment for our cloud infrastructure.
 
• Create and maintain secure development practices.
 
• Communicate security risks to stakeholders and engineers.
 
• Develop and maintain our security compliance and certification programs. 
 
• Work with our third-party vendors and auditors on pen test, security report and compliance projects. 

‍

Basic Qualifications

 
• Bachelors in Computer Science or equivalent field.
 
• 7+ years of experience in a similar role.
 
• Strong understanding of threat modeling, web security vulnerabilities, as well as their mitigation.
 
• Excellent written and verbal communication skills with the ability to communicate with confidence, clarity, and focus. Able to convey concepts and considerations to any audience. 
 
• Highly autonomous with a strong track record of launching and delivering projects of significant complexity and high level of ambiguity.
 
• Experience designing and building highly available, large-scale distributed systems.
 
• Strong understanding of core internet technologies (e.g. TCP/IP, UDP, Load Balancing, Auto Scaling etc).
 
• Strong understanding of system, network, infrastructure and security concepts.
 
• Expert in securing SaaS, PaaS, and IaaS cloud environments.
 
• Familiar with Javascript, Node, Python, Linux, and AWS — or comparable technologies — and are able to think through the security implications of systems built using them.
 
• Expert level of knowledge of network security monitoring (NSM) techniques.
 
• Able to effectively communicate and work remotely with cross regions, cross cultural, and geographically dispersed teams.

Preferred Qualifications

 
• Masters in computer science or equivalent field.
 
• Previous experience working in Fintech.
 
• Previous experience working in a startup environment.
 
• Experience in building and managing InfoSec teams.

‍