EverCommerce - Senior Security Engineer

EverCommerce-posted 3 months ago
$110,000 - $130,000/Yr
Full-time • Senior
1,001-5,000 employees
Resume
Match Score
Upload and Match ResumeTrack Jobs with Teal

We are looking for a Senior Security Engineer to help us build and grow our EverCommerce security program. The Senior Security Engineer will design, build, deploy, integrate, and optimize security solutions and processes. This role will require close coordination with other information security engineers, teams, security stakeholders, and with internal and external software development teams. The ideal candidate will have well-developed communication skills, proven technical ability, refined relationship management skills, and problem-solving skills. We are seeking an individual with a diverse background that includes aptitude across several technologies and skill sets.

  • Create and maintain security architecture and engineering processes and procedures.
  • Design system architectures that meet established cybersecurity requirements and align with customer needs.
  • Develop security architecture requirements and implementation guidance based on analysis of NIST 800-53 and other security control frameworks.
  • Architect, design, implement, maintain, and operate information system security controls and countermeasures.
  • Provide techniques and patterns for securing integration with external security system vendors and/or cloud providers.
  • Lead regular architecture and design reviews to ensure requirements implementation.
  • Evaluate and play an active role in life-cycle management of multiple security technologies.
  • Identify security risks and control gaps within systems, designs, products, data flows, and processes; recommend corrective architecture, integrations, controls, and operations.
  • Participate in the development of security requirements, architectures, and documentation to ensure security controls are seamlessly integrated into new technology deployments.
  • Perform secure architecture and design reviews of new technology and security systems deployments.
  • Collaborate with business teams to integrate secure-by-design principles into CI/CD pipelines and Agile development processes.
  • Maintain a clear view of the overall security architecture roadmap and strategic plan.
  • Leverage emerging technologies and advanced security practices to ensure EverCommerce is at the forefront of security for our solution groups and our customers.
  • Build, maintain, and mature security architecture metrics and reporting.
  • Serve as a subject matter expert/contributor measurably improving the overall security framework and program.
  • Mentor junior security engineers and analysts.
  • Perform additional duties as required and assigned.
  • At least 7 years of relevant work experience in a technical field (e.g. cybersecurity, software development, or systems administration).
  • Bachelor's Degree in a technical discipline such as Cyber Security, Information Technology, Computer Science, or Information Systems - or equivalent professional experience.
  • Have at least one current Industry recognized security certification; CISSP, CISM, CISA, GIAC or commensurate experience.
  • Excellent communication and interpersonal skills, with the ability to communicate and collaborate effectively with cross-functional teams, matrixed organizations, and technical/non-technical stakeholders.
  • Demonstrated experience with the security, development and/or management of systems compliant to NIST 800-53, NIST CSF, or ISO 27001-2022 security control frameworks.
  • Exceptional knowledge and understanding on the creation/implementation and securing of cloud technologies such as AWS and Azure.
  • Knowledge of Information Security risk assessment methodologies and standards.
  • Highly flexible, self-motivated and eager to learn, with a strong passion for cyber security.
  • Excellent verbal and written English communication skills.
  • Broad understanding and expert level experience in multiple security technologies, security domains and sub-domains.
  • Advanced knowledge regarding common attacks, attack methods, and defense architectures.
  • Experience in securing multi-tenant compute services, microservices and modern APIs.
  • Working knowledge of common web and container-based vulnerabilities.
  • Experience with Information Security policies and procedure development and implementation.
  • Experience developing technical documentation, including reports, proposals, statements of work, and whitepapers.
  • Continued investment in your professional development.
  • Day 1 access to a robust health and wellness benefits package, including an annual wellness stipend.
  • 401k with up to a 4% match and immediate vesting.
  • Flexible and generous (FTO) time-off.
  • Employee Stock Purchase Program.
Track Jobs with Teal

Job Search Resources

Resume Builder
Resume Examples
Cover Letter Examples

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service