Descripción del puesto:
We're a team driven by the belief that we can change the world of work. We believe - and hear from our customers every day - that when an organisation understands itself better it can create more fulfilling jobs, and grow in ways never before imagined.
Enterprises big and small trust our products to provide visibility and clarity in areas once characterised by hearsay and uncertainty. With the insights delivered by (COMPANY NAME), these organisations become more agile, responsive, and able to make the changes and investments that their employees care about most.
We're in the business of creating great places to work, so it should be no surprise that this is our highest priority at (COMPANY NAME). With ambitions as big as ours, we see individual growth and development as the key strategy for growing our business.
Trust and transparency guide everything we do. At (COMPANY NAME) you'll find an open salary model, unlimited vacation, and autonomy to execute your own ideas. Our style of collaboration is based on honesty and friendship, and we always love making new friends.
As the (COMPANY NAME) engineering team grows, we are looking for a Security Engineer to take on the responsibility of defining, implementing and overseeing the technical implementation of internal and external security processes, both during application development and in the daily operations of (COMPANY NAME). You will be supporting the engineering team with security guidance and help provide training to make sure security is top of mind in every aspect of the daily work.
You will ensure that our systems meet the security and privacy expectations of our customers and are compliant with existing legislation. Our customers trust us to keep their data safe, and as (COMPANY NAME) grows, their trust will continue to be a top priority for the business and this role.
Additionally, you will be in charge of our external efforts to detect vulnerabilities and deter threats, including managing our bug bounty program, monitoring & alerting, intrusion detection and more.
You will spend significant time supporting the rest of the business on security-related matters, and work closely with our legal and sales teams in making sure our customers trust us at every point of their journey with (COMPANY NAME).
We make it a priority to stay on the cutting edge of tech. We are highly motivated by learning and growing in our roles, and constantly evolving is a key part of that.
We rely heavily on automated testing on all levels of the application, with thousands of tests checking every commit to our code base. We use CircleCI for hosted continuous integration to make sure our most recent changes are always available to test, and we deploy code to our production environment on a daily basis.
* Unlimited holiday
* Subsidised lunch everyday
* Flexible working
* Company wide trips
* Choice of hardware
* Flexible travel policy
* Quarterly bonuses
Requerimientos del candidato/a:
You are an engineer at heart, with a deep technical understanding of operating systems and web applications. You stay up to date on the latest news and technology trends and keep yourself informed about current security best practices.
You have a mix of engineering and security experience, perhaps working as a security engineer at a medium- or large-size company. You are looking to join a smaller team where you can drive the security roadmap and have a big impact on the company and its customers.
You are self-organizing, process-oriented and able to work independently to complete tasks and projects. You are a great communicator, used to interacting with many different parts of a business.
Our ideal candidate has
* Deep knowledge of application security and experience assessing the security impact of new products, features, systems and tooling
* Deep knowledge of network and infrastructure security
* Experience in operating security tooling and scripting
* Experience implementing systems for monitoring and threat detection/mitigation
* Experience with incident and response management
* Experience with pentesting and/or bug bounty programs
* Experience with external security audits and certification procedures
* A great communicator; comfortable interacting with many different parts of a business
* Experience working with product engineers and management in an agile environment
* An interest in DevSecOps
We welcome your application even if you do not meet all of the criteria listed above, but are excited about the challenge of mastering this role. We know that skills are not static and growth is continuous, so we are excited to help you take your career to the next level at (COMPANY NAME)