Staff Security Engineer, Threat Detection & Response

About The Position

Requirements

• Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or an equivalent experience.
• 8-10+ years of experience in security engineering, with a strong background in designing and implementing security solutions.
• Deep expertise in security technologies, including firewalls, intrusion detection/prevention systems, encryption, and vulnerability management.
• Proven experience with cloud security, network security, application security, and identity and access management.
• Strong understanding of security frameworks, standards, and regulations (e.g., NIST, ISO 27001, PCI-DSS).
• Excellent problem-solving skills and the ability to handle complex security challenges.
• Strong communication skills, with the ability to convey technical information to non-technical stakeholders.

Responsibilities

• Security Strategy and Leadership:
• Lead the development and implementation of security strategies, policies, and procedures.
• Provide technical leadership and guidance to security engineering teams and other stakeholders.
• Stay current with industry trends, emerging threats, and new technologies to ensure our security practices remain effective.
• Design and Implementation:
• Architect and design secure systems, applications, and infrastructure to protect against threats and vulnerabilities.
• Develop and implement security controls, monitoring systems, and response mechanisms.
• Collaborate with engineering teams to integrate security practices throughout the software development lifecycle.
• Risk Management and Mitigation:
• Identify and assess security risks, vulnerabilities, and threats to our systems and data.
• Develop and implement risk mitigation strategies and incident response plans.
• Conduct regular security assessments, penetration tests, and vulnerability scans.
• Compliance and Governance:
• Ensure compliance with industry standards, regulations, and best practices (e.g., GDPR, CCPA, NIST, ISO 27001).
• Develop and maintain documentation related to security policies, procedures, and compliance requirements.
• Incident Response:
• Lead incident response efforts for security breaches, including investigation, containment, and remediation.
• Conduct post-incident analysis to identify lessons learned and improve security posture.
• Mentorship and Training:
• Mentor and train junior security engineers and other team members on security best practices and technologies.
• Promote a culture of security awareness and continuous improvement within the organization.
• Collaboration and Communication:
• Work closely with cross-functional teams, including IT, development, and operations, to address security concerns and integrate security solutions.
• Communicate security risks, strategies, and updates to senior management and other stakeholders.

Benefits

• Competitive starting pay
• A discretionary annual bonus
• Long-term incentive in the form of a new hire equity grant
• Comprehensive health plans
• 401K with company matching
• Paid Parental Leave
• Flexible time off