Security Engineer (Americas, Remote)

About FreshBooks

It turns out… unicorns are real! FreshBooks reached unicorn status after raising our valuation to more than $1 billion, and we couldn’t be more thrilled. But why are we so excited? Because every success at FreshBooks allows us to build better, stronger accounting software and products, worthy of the trust of small business owners everywhere. We’ve expanded beyond our Canadian roots, and now have offices across six countries and counting. Regardless of where we are in the world, we share a common goal: to delight, inspire, and support Business Owners as their businesses grow.

The Opportunity 

FreshBooks Security Team is looking for a Security Engineer to help secure our product, platform, and business by implementing technical controls and processes.You will ensure that our cloud infrastructure not only meets the security and compliance requirements of our customers, but sets the example on how security and usability can both be achieved. As a Security Engineer at FreshBooks, you are passionate about vulnerability management and threat detection, and will work cross functionally to keep FreshBooks secure.

 What you’ll do as a Security Engineer at FreshBooks

• Establish and operationalize a vulnerability management program, including the creation and implementation of secure configuration standards for digital technology across FreshBooks as well as the timely identification and remediation of vulnerabilities.
• Develop, implement and manage an Identity and Access management (IAM) strategy for cloud and SaaS assets.
• Maintain the Web Application Firewall in accordance with industry best practice and business requirements.
• Collaborate with the IT department to manage email security, anti-virus, and VPN technologies.
• Define and monitor logging and alerting requirements for security monitoring and threat detection.
• Act as a first line of defense for security related issues. Triage and investigate security alerts. Participate in security incident response activities.
• Perform threat modeling for any new or existing applications and services
• Design, architect, and implement defensive security controls across services

 What you’ll bring to the role

• 3+ years of experience in security engineering or operations
• DevSecOps background with a strong understanding of cloud security practices and microservice architectures. Familiarity with GCP, AWS and their associated security toolsets. 
• Experience with IAM frameworks such as SAML, OpenID, OAuth, etc.
• Hands-on experience in Vulnerability Management, including program implementation, scanning, prioritization and remediation activities. 
• Hands on experience using security assessment tools such as Burp Suite, Nessus, nmap, or Wireshark
• Understanding of networking technologies (firewalls, DNS, ACLs, device hardening etc)
• Experience in security incident response as a member of the SIRT or Incident Commander
• Good knowledge of security frameworks and standards, including PCI-DSS 
• Team player with strong collaboration and communication skills

Bonus skills or experience you might bring

• Experience building and deploying automation to simplify security and IT practices
• Familiarity with automation tools such as Terraform and Jenkins
• Security certifications from GCP and/or AWS, GIAC, GDAT, CISSP, CEH, CISM etc
• Passion and experience in protecting SaaS products
• Bachelor’s Degree in computer science, engineering or other STEM field

Why Join Us

We're a motivated bunch, with our eyes laser-focused on shipping extraordinary experiences to businesses. You will be surrounded by hardworking team members who share a common vision for what an amazing software company could be, and have the opportunity to help build an elite one from different regions across the globe.