About the position
The Senior Security Engineer at Justworks will be responsible for driving the execution of the company's Security Architecture & Engineering function. They will provide technical and architectural guidance to product managers, product engineers, and corporate IT on digital security, and implement security capabilities in AWS and for corporate. The ideal candidate will have a minimum of 3 years experience in information security concepts, common technical security controls, and security architecture design principles, ideally in a SaaS environment. They will also have extensive experience in security architecture, system design, and engineering scalable security solutions in a cloud-native (AWS) environment.
Responsibilities
- Conduct technical design reviews to evaluate existing security controls and identify opportunities to enhance the security posture of Justworks
- Bring adequate security capabilities to Justworks across multiple domains such as network and infrastructure, application security, identity and access management, data protection, and support Security Operations and GRC (Governance, Risks and Compliance)
- Provide technical and architectural guidance to product managers, product engineers, and corporate IT on digital security
- Implement security capabilities in AWS and for corporate. Work with the team to execute and deliver the roadmap.
- Develop security architecture, design, and coding standards across the Justworks applications and infrastructure to promote a standardized set of security requirements, aligning with internal policies and meeting external compliance requirements.
- Work collaboratively with the current product managers and staff engineers or future Enterprise Architecture team to design and implement enterprise security capabilities into solution architecture
- Participate in major new product development projects to ensure that appropriate security controls are built into systems prior to production cutover.
- Drive process improvement and control implementation projects in coordination with the larger Digital Technology team at Justworks.
- Act as a cross-functional tools and services expert, working with engineering and risk teams to build security control requirements
- Help Security Operation Center triage incidents as needed, especially related to product security, application security, and AWS security.
Requirements
- Minimum of 3 years experience in information security concepts, common technical security controls, and security architecture design principles, ideally in a SaaS environment
- Extensive experience in security architecture, system design, and engineering scalable security solutions in a cloud-native (AWS) environment
- Experience with secure coding practices and security scanning technologies
- Background as a software engineer, security architect, or security engineer with experience implementing DevSecOps
- Demonstrated expertise in security architecture, design, and secure coding practices with a focus on scaling solutions for complex enterprises, ideally in a SaaS environment
- Hands-on technical expertise with depth in modern cloud-based security architecture and engineering in an AWS environment
- Technical experience with DevOps, Jira, and other agile automation tools
- (Preferred) Security Certifications: CISSP, CISM, CRISC, GIAC, CCSP or CEH
- Proven track record as a strong communicator
- Strong analytical skills
- Exceptional organizational skills