Security Engineer (Remote)
About The Position
ezCater is the leading food for work technology company in the US, connecting anyone who needs food for their workplace to over 100,000 restaurants nationwide. For workplaces, ezCater provides flexible and scalable solutions for everything from recurring employee meals to one-off meetings, all backed by 24/7 customer service with real humans. ezCater also enables companies to manage their food spend in a single, customizable platform. For restaurant partners, ezCater helps them grow their business by bringing them more orders and new high-value customers. We're backed by top investors including Insight, Iconiq, Lightspeed, GIC, SoftBank, and Quadrille. We're looking for a Security Engineer to join our Security Engineering and Compliance team. As a Security Engineer, you will be responsible for designing and implementing risk management solutions to identify and address risks throughout IT Security, Incident Response, Security Operations, and Security Assurance Domains. We're looking for someone with strong technical skills in security engineering, automation, and cloud platforms. You'll need to be great at turning compliance and risk needs into practical, scalable engineering solutions.
Requirements
- Experience with development and scripting languages (Ruby, Go, Python) and leveraging API's to automate workflows.
- Articulate about risk management and compliance controls relating to industry best practices and frameworks.
- Experience performing and remediating risk and control gap assessments.
- Knowledge of Governance, Risk & Compliance (GRC) frameworks, Security Operations Center (SOC) processes, IT Security protocols, and privacy practices.
- Someone who is willing to challenge the existing norms and “Aim Higher, Make it Better” than the way it currently is.
- A continuous learning mindset to stay current with the latest security trends, threats, and technologies.
Responsibilities
- Collaborate with Technology and Product teams to conduct security assessments, ensuring code and infrastructure changes align with SOC 2, PCI-DSS, and internal policies.
- Automate compliance and control activities such as risk assessments, vulnerability scanning, third party risk management, and control validation.
- Create monitoring and detective alerts for security operations, non-compliance, and incident response.
- Responsible for maintaining a healthy posture of our security tools and automations.
- Provide support for third-party assessments from customers and audit evidence collection and review.
- Expand beyond purely identifying gaps and risks, and own the design and implementation of monitoring and remediating them.
- Span across multiple security domains, you'll be able to flex into technical and non-technical roles to drive risk detective and mitigative projects.
Benefits
- Market competitive salary
- stock options that you'll help make worth a lot
- 12 paid holidays
- flexible PTO
- 401K with ezCater match
- health/dental/FSA
- long-term disability insurance
- mental health and family planning resources
- remote-hybrid work from our awesome Boston office OR your home OR a mixture of both home and office
- a tremendous amount of responsibility and autonomy
- wicked awesome co-workers
- Relish (and many more goodies) when you're in our office
- knowing that you helped transform the food for work space
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Education Level
No Education Listed
Number of Employees
501-1,000 employees
