Senior Information Security Engineer

About The Position

Requirements

• Thorough understanding of Integrated Development Environment (IDE) and Continuous integration / Continuous Delivery (CI/CD) Pipeline tools and processes
• Expertise with security best practices in hardening and protecting cloud environments, including common frameworks such as CIS Controls, AWS Well-Architected Framework, etc.
• Strong understanding of software development methodologies and secure coding practices
• Experience with reviewing source code written in JavaScript, Python, etc.
• Expert Python skills
• Expert level knowledge of security concepts and technologies - web application architecture, APIs, Networking, Linux, DevSecOps, etc.
• Excellent problem-solving and analytical skills.
• Strong communication skills, both written and verbal, for collaborating with technical and non-technical teams.
• Ability to work independently, prioritize tasks, and manage multiple security projects simultaneously.

Nice To Haves

• An understanding of containers and container orchestration technologies
• Familiarity with common Information Security frameworks and standards (i.e. CIS, NIST, MITRE, ITIL, ISO 270001, etc.)
• AWS Certifications
• Experience with securing AI/ML systems

Responsibilities

• Identify security issues and risks with Guild’s systems and environments.
• Develop and execute remediation/mitigation plans that provide long term risk reduction.
• Develop and tune security policy within various security tools and platforms (SIEM, CNAPP, EDR, Email Gateway, Vulnerability Management, etc…).
• Maintain SOC-2 compliance and assist with audit/client related requests.
• Review and upgrade internal policies and security controls where applicable to Guild’s managed infrastructure.
• Leverage CNAPP suite to protect cloud accounts
• Maintain a suite of application security tools that include SAST/DAST/SCA
• Assist with incident response and investigation activities.
• Fulfill regular on-call responsibilities as part of a team rotation.

Benefits

• Access to low-cost, high-quality health care options through Collective Heath and Kaiser (due to coverage limitations, Kaiser is currently only available in CA & CO)
• Access to a 401k to help save for the future
• Vacation policy to rest and recharge
• 8 days of fully-paid sick leave, to take the time to heal and or recover
• Family-friendly benefits, including 12 weeks of parental leave for non-birthing parents and 18-20 weeks for birthing parents; 4-week ramp-up period for when employees return from a leave of 6 weeks or more; as well as employer-paid short-term and long-term disability, employer-sponsored life insurance, fertility and caregiving benefits.
• Well-rounded wellness benefits including free and low cost mental health resources and financial wellbeing support services
• Education benefits and tuition assistance to help your future development and growth