Senior Security Engineer
Remote - USA
Applications have closed
Plastiq
Manage your cash flow, automate your payables, and start accepting payments with no fees - all in one place. Plastiq simplifies your payments.Success in this role requires a strong passion for cyber security, demonstration of Plastiq GOAT values, and staying abreast of industry trends, standards and love to learn new technologies.
Your Responsibilities
- Implement and Manage Security Tools, EDR, MDM (Intune & JAMF) OS & Software Management
- Manage Cyber Security Response Team, and external Security Service Providers
- Perform daily reviews of different security systems and tools. Analyze security system logs, AWS Security Hub, Splunk logs, Rapid7 Nexpose vulnerability reports, investigate and respond to security incidents
- Manage Third Party Assurance, complete security questionnaires
- Perform detailed information security assessments on Plastiq’s information systems to ensure compliance with various regulations and security standards
- Identify gaps in existing security defenses and recommend, build and implement solutions to address these gaps
- Contribute to security compliance frameworks and support audit activities for PCI, SOC1 & SOC2, ISO27001, etc.
- Research/evaluate emerging cyber security threats and ways to manage them
- Conduct monthly Phishing user awareness campaigns and user education on cyber security including new hire security orientation
- Analyze and create reports based on information gathered from security technology and report to ISO on a daily basis
Your Minimum Required Experience
- 5+ years of security engineering experience, with an understanding of security technologies including Anti-Malware, Web Security, SIEM, IPS/IDS, Firewalls, Threat Intelligence, etc.
- Knowledge of Payment Card Industry (PCI), NIST standards, Sans Top 20, ISO 27000 series, investigating and documenting incidents, and compliance
- CEH, GIAC certifications, CISSP or CISM. Specific vendor security certification can be considered.
- Experience conducting security control assessments or audits. Participating in Internal and External audits.
- Good knowledge of Qualys, AWS Security Hub, Nexpose
- Solid experience with macOS, Windows 10, Jamf, Intune, OKTA, Jira, Slack, Bash and Python
- Proven ability to maintain security documentation and manuals
- Success at delivering clear and concise verbal or written communication that facilitates a mutual understanding in both parties
- Ability and eagerness to learn new technologies and cross train with other Security/IT staff
Plastiq’s Tech Stack
- Plastiq operates a CI/CD model and releases code to production frequently. We are building cloud-native micro-services with a component-based frontend written in React.js, and a Node.js backend, which sits in front of our Payments Processing Platform built in Java.
- For our testing platforms we use Jest for API & unit backend tests, cypress.io for frontend testing, and Gitlab for our continuous integration and delivery.
- Plastiq is powered by data. Our data pipeline continuously streams data to Snowflake via AWS Kinesis so our Data Engineering and Analytics team can produce machine-learning models that help drive our business.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Analytics APIs Audits AWS Bash CEH CI/CD CISM CISSP Cloud Compliance EDR FinTech Firewalls GIAC IDS IPS ISO 27000 ISO 27001 Java Jira MacOS Malware NIST Node.js Privacy Python Qualys SANS Security assessment SIEM SOC 1 SOC 2 Splunk Threat intelligence Windows
Perks/benefits: Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Ethical hacker / Pentester H/F jobs
- Open Staff Security Engineer jobs
- Open Information Security Specialist jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Senior Cyber Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Cyber Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Product Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Cybersecurity Analyst jobs
- Open IT Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Consultant SOC / CERT H/F jobs
- Open Cybersecurity Consultant jobs
- Open Chief Information Security Officer jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Sr. Security Engineer jobs
- Open Senior Security Architect jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Network security-related jobs
- Open Agile-related jobs
- Open Windows-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open DevOps-related jobs
- Open Security assessment-related jobs
- Open Kubernetes-related jobs
- Open Security Clearance-related jobs
- Open Malware-related jobs
- Open CI/CD-related jobs
- Open IDS-related jobs
- Open DevSecOps-related jobs
- Open CEH-related jobs