Engine-posted 3 months ago
$190,000 - $230,000/Yr
Full-time • Senior
501-1,000 employees

Engine is seeking a highly skilled and motivated Staff Security Engineer to join our team. In this role, you will be responsible for ensuring the security and integrity of our company's applications and software systems. You will help build out a vulnerability management pipeline and contribute to our application security program. You will coordinate closely with senior leadership and engineering teams to deploy and execute the program, ensuring that Engine adheres to best practices in application security.

  • Develop and manage threat detection capabilities, including configuring, tuning, and managing a SIEM solution to identify, analyze, and respond to security threats across multiple layers.
  • Perform architecture reviews, code reviews, infrastructure config reviews, and light penetration testing on web applications, mobile apps, and other software systems to identify and resolve vulnerabilities and other security risks.
  • Maintain a vulnerability management CI/CD pipeline within our existing container/application delivery infrastructure while aligning security goals with business objectives.
  • Collaborate with development and infrastructure leadership to enforce secure coding practices, security controls, and remediation strategies throughout the software development lifecycle (SDLC).
  • Strategize and implement secure architectures, frameworks, and tooling for enterprise security.
  • Develop and maintain security guidelines for managing and deploying security tools.
  • Stay up-to-date with the latest security threats, vulnerabilities, and industry best practices, and provide guidance to development teams accordingly.
  • Participate in incident response and forensic investigations related to application security breaches or incidents.
  • Develop relevant security training and awareness programs for developers, operations teams, and other stakeholders.
  • Proficiency in one or more programming languages (e.g., Ruby, Java, Python, C#, Node.js).
  • Expertise in implementing and managing SIEM solutions with comprehensive and efficient alerting and monitoring capabilities.
  • Knowledge of containerization technologies (e.g., Docker, Kubernetes) and experience with automated container vulnerability management.
  • Mastery of static and dynamic application security testing tools (SAST, DAST, IAST, etc.) and comfort with manual validation testing.
  • Expertise in web application security principles, browsers, OWASP Top 10, secure coding practices, and threat modeling with frameworks like the MITRE Top 25.
  • Knowledge of secure software development methodologies (e.g., DevSecOps, Secure SDLC).
  • Experience with Web Application Firewalls (WAF).
  • Experience with cloud security concepts and best practices.
  • Experience working with compliance frameworks such as SOC 2 and PCI.
  • Excellent analytical, problem-solving, and communication skills.
  • Ability to work collaboratively with cross-functional engineering leadership, including developers, operations, and fraud teams.
  • A passion for mentoring others.
  • Competitive base pay tied to role and experience, with opportunities for bonuses, commissions, and equity.
  • Check out our full list at engine.com/culture.
  • Different roles have different needs in terms of the environments that drive success, which is why we have a hybrid-hub model.