Senior Security Engineer
Remote
Jetty
Jetty is the financial services company for real estate. Our products are designed to improve the financial lives of renters and their property managers.Welcome to Jetty, the financial services platform on a mission to make renting a home more affordable and flexible. We’ve built multiple financial products that benefit both renters and property managers - and we’re just getting started.
As a member of the Infosec Team, you’re passionate about building fintech products that provide value to our customers and maintaining the security of our customer’s data. You love to learn, take on challenges, and are empowered in a fast-paced and transparent culture. You're comfortable finding the right tool or pattern for the job, and advocating for improvements to the way we work.
As a Security Engineer, you will be responsible for implementing and supporting Jetty’s security program. You will be responsible for building scalable and maintainable systems to monitor and secure Jetty’s environment. You will mentor team members on security best practices and ensure the Engineering teams adhere to these best practices.
What you will do:
- Act as a subject matter expert in multiple security areas (e.g. security architecture, application security, threat modeling etc.)
- Contribute to secure architecture and design of Jetty products in collaboration with adjacent teams
- Work across product and engineering teams to prioritize security features and bugs, and ensure implementation and mitigations
- Build and implement security solutions across the product life-cycle, such as standalone security tools, CI/CD pipeline integrations, product security features/fixes, etc
- Plan & execute security assessments (dynamic testing, static testing, code review, etc) and threat modeling of Jetty’s products, services, and associated cloud infrastructure
- Research and design ways to achieve risk reduction objectives in creative ways, including expanding our current tool stack where appropriate
- Monitor threats and vulnerabilities impacting Jetty products; triage, respond to, investigate and mitigate while communicating associated risk
- Assist with the planning and delivery of the organization’s Information Security projects and programs
- Support third party Infosec risk assessments and management of third-party Infosec risk issues
- Collaborate with Jetty’s Product Engineering, SRE and corporate IT teams in compliance with security policies
- Continue to cultivate a “security first” mindset with adjacent teams
- Contribute to the creation and delivery of security training
- Research emerging attack vectors and techniques
Our current toolstack:
- Python, Javascript (React.js, Next.js)
- Postgresql, DynamoDB, Redis, Snowflake
- Python-Flask API Servers, Lambdas, Step Functions
- AWS, GitHub, GitHub Actions
- The right tool for the right job. We are not tied to any specific language or framework, but encourage our engineers to explore and learn better ways of building software
The experiences you will bring:
- 5+ years of experience in Information / Cloud / Application Security
- Understanding of secure software development process
- Experience implementing product vulnerability management lifecycle
- Understanding of common information security frameworks and standards such as NIST CSF
- Knowledge and experience with implementing security countermeasures and controls
- Experience with cloud-based security controls
- Industry recognized certification from ISC2, ISACA, etc preferred
- Experience with financial services, SOC2, PCI, DFS is a plus
- Strong AWS Security Skills (Certifications recommended)
- Experience with patching servers and containers
- Experience with container technologies, modern source control tools, and CI/CD build/deployment tools
- Experience with networking, Linux systems administration, and common cryptography practices and libraries
- Experience with configuration-as-code management and tooling to manage those configurations
- Proficiency in scripting languages such as Bash and Python
- BS in Computer Science or related field, or equivalent experience
About Jetty
Jetty's integrated suite of products help property managers increase lease conversions, improve resident retention, reduce bad debt, and boost NOI. For renters, Jetty decreases the financial burden of moving into a new home and offers greater flexibility with how and when to pay rent.
Jetty has raised more than $70M from investors including Khosla Ventures, Ribbit Capital, Citi and Valar, and has a highly collaborative team working remotely around the country. To learn more about Jetty, visit jetty.com.
Jetty is firmly committed to building a team as diverse as our Members. We are proud to provide equal employment opportunities for all candidates regardless of race, ancestry, citizenship, sex, gender identity or expression, religion, sexual orientation, marital status, age, disability, or veteran status.
Benefits & Perks
- Health, dental, and vision insurance through Aetna & MetLife
- 401(k) through Betterment
- Optional life and disability coverage, HSA & FSA
- 20 days of PTO + 12 holidays, “Jetty Winter Break," and unlimited sick days
- Generous parental leave policy
- Flexible work schedules to accommodate remote work
- Stipends to cover WFH set-up, monthly childcare, and monthly phone/internet bill
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: APIs Application security AWS Bash CI/CD Cloud Compliance Computer Science Cryptography DynamoDB FinTech Flask GitHub ISACA JavaScript Linux NIST PostgreSQL Product security Python Redis Scripting Security assessment SOC 2 Vulnerabilities Vulnerability management
Perks/benefits: Flex hours Flex vacation Health care Insurance Parental leave Unlimited paid time off
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Ethical hacker / Pentester H/F jobs
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Specialist jobs
- Open Product Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Security Researcher jobs
- Open Sr. Security Engineer jobs
- Open Security Operations Analyst jobs
- Open Clearance-related jobs
- Open ISO 27001-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Application security-related jobs
- Open Pentesting-related jobs
- Open Agile-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open SaaS-related jobs
- Open Analytics-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Security Clearance-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open Malware-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs
- Open CEH-related jobs
- Open CI/CD-related jobs