Cloud Security Engineer at Signifyd
About the company:
Who we are
Signifyd is a fast-growing online retail fraud protection company that maintains a startup culture of curiosity, agility and compassion. It’s a culture that has been recognized by Forbes, Entrepreneur, The Silicon Valley Business Journal and Inc. Magazine.
Our top-flight engineering team constantly improves our machine learning technology that protects merchants, while allowing them to ship more orders and open new markets without the fear of fraud.
Our values
At Signifyd we live by the following 6 values:
- Curious and hungry: Stay a lifelong learner with a bias for action. It’s always Day 1.
- Design for scale: Build solutions to scale and last. We are here to stay.
- Tenacious: Be a pioneer and never give up. Creating something new is hard work.
- Agile: Be aware, nimble and adapt quickly. Everything changes.
- Customer compassion: Empathize with your customers and solve their problems. We exist to help them succeed.
- Roll up your sleeves: Be helpful, humble, learn from everyone and have fun. No one succeeds alone.
Employee benefits
Signifyd is a place where we find strength in our differences and thoroughly enjoy coming together to build solutions that stand the test of time and scale for bigger success. At Signifyd we offer out team the following benefits:
- 4-day workweek (32hrs)
- Discretionary Time Off Policy (Unlimited!)
- On Demand Therapy
- Dedicated learning budget through Learnerbly
- 401K Match
- Stock Options
- Annual Performance Bonus or Commissions
- Paid Parental Leave (12 weeks)
- Health Insurance
- Dental Insurance
- Vision Insurance
- Flexible Spending Account (FSA)
- Short Term and Long Term Disability Insurance
- Life Insurance
- Company Social Events
- Signifyd Swag
Description of the position:
Job located in United States of America
Please apply in EnglishAbout the roleAs a Senior Cloud Security Engineer at Signifyd, you will work to control and improve security outcomes across the company. You will operate at the front line of risk, identifying vulnerabilities and threats, and collaborate cross-functionally across the organization to implement defenses.
As a core member of our security team, you will have the latitude to further define and mature our application security capabilities. You will work directly with the various groups within the engineering team as the voice of security, where you will guide our security architecture, secure software development, and ensure consistent and effective mediation of risks.
You will also own one or more foundational security projects, and work with project managers and engineers to successfully execute the software specifications you help develop.
Finally, you will work to increase our visibility into data, infrastructure, entitlements, and logs; you will develop and improve detections for things that matter within our SIEM and other systems, and make sure our infrastructure is always on and customer data stays secure.
About youYou are passionate about information security and desire to solve security problems at scale. You have experience implementing security guardrails and building controls in a software development environment.
Job Responsibilities
- Set up, configure, customize, and implement cloud-based security services to business specifications in a company environment.
- Own the security posture for Signifyd’s infrastructure and applications in AWS primarily and GCP.
- Use cloud-native services to ensure that security guardrails are in place for application teams to use AWS services securely.
- Define standards and develop reusable templates for the application teams to use.
- Review architecture plans as part of “Shift Left” approach. Be a ready, willing, and proactive partner with other teams to achieve secure and agile development.
- Participate and contribute to security planning sessions with Platforms cloud operations and development teams.
- Work collaboratively with application and Platforms teams to define standards for secure development pipelines.
- Develop and deploy continuous compliance monitoring capabilities.
- Serve as a key technical security partner for engineering teams.
- Coordinate with developers, cloud platform engineers, the business, and cloud service providers on security framework design requirements for cloud application services.
- Research Cyber Security trends and emerging technologies, identify our business and technical requirements, perform technical evaluation and support deployment of Cyber Security solutions.
- Required to work Tuesday through Friday during normal working hours instead of the company’s Monday through Thursday work schedule.
Required
- Bilingual with business proficiency in English
- BS or MS degree in Computer Science / Engineering or a related field, or equivalent experience
- 5+ years overall related software engineering experience
- 3 - 5+ years of hands-on experience building, maintaining, and securing Cloud environments in AWS and GCP
- A minimum of 2 years of experience implementing security solutions within cloud environments is required.
- Ability to work outside of business hours to support incidents and business needs.
- Experience reviewing architectural diagrams for proposed solutions and implementing the standard cloud or on-prem services based on compute, data, or security requirements.
- Experience with a diverse set of security products like Okta IAM, AWS Security tools (Cloudtrail, Guard Duty, Inspector) SIEM, key management systems (KMS), PKI.
- Experience with Infrastructure as Code (IaC) like Terraform, Ansible, Strong understanding of DevOps practices/tools including CI/CD Pipelines, IaC. Utilize continuous integration and automation tools such as GIT, Jenkins, Ansible, PowerShell, HashiCorp Terraform.
- Hands-on experience with Docker, Kubernetes, and development of modern CI/CD pipelines.
- AWS cloud security certifications and GCP.
- Experience with cloud operating environments.
- Experience with third-party vendor/supplier risk management, vulnerability management, workforce security training and phishing awareness, DR/BCP development.
- Experience with networking security in a software development environment.
- Experience with compliance frameworks like ISO27001, SOC2, and PCI.
- AI/ML environments are a plus.
Benefits in Mexico:
- Health, Dental & Vision Insurance
- Life Insurance of 24 months salary
- Annual Performance Bonus
- Christmas Bonus of 1 Month’s Salary
- Food Vouchers
- Stock Options
- Paid Parental Leave
- Flexible Work Arrangements
- Telework Stipend for Home Internet
- 12 Paid Vacation Days with 85% Vacation Premiums
- Paid Holidays
- Company Social Events
- Signifyd Swag
- Dedicated learning budget through Learnerbly
- On-Demand Therapy for all employees & their dependents
Signifyd’s Applicant Privacy Notice