Information Security Engineer (Remote)
Washington, District of Columbia, United States - Remote
Applications have closed
FormAssembly Inc.
FormAssembly is seeking an experienced Information Technology Security Engineer with exceptional technical skills to join our Security and Compliance department. As a Security Engineer, your role will be to work with other business units to ensure the highest level of security and compliance obligations are met.
We seek a motivated self-starter and team player to lead several aspects of security and compliance at FormAssembly. Responsibilities include ensuring FormAssembly meets the highest security standards, administering security audits, making infrastructure improvements, and helping achieve/maintain security standards such as PCI DSS Level 1, ISO-27001, HIPAA, GDPR, FedRAMP and others.
About Us:
FormAssembly is a 100% remote, fast-growing SaaS company with teammates all over the world that come together every day to help customers streamline data collection processes. We’re chasing major growth goals year after year, and we’re looking for talented, driven individuals to join our dynamic team.
FormAssembly works with 5,000+ leading companies worldwide to help them collect data quickly and securely, including Amazon, PayPal, Dell, Harvard, and more. We have been recognized in the 2020 Inc. 5000 list of fastest growing private companies for four years in a row, and we are a G2 Crowd Winter 2021 Leader. As we grow rapidly and adapt our product to better serve our impressive roster of customers, we’re also dedicated to fostering community and building relationships with our coworkers.
For a glimpse at what it’s like to work at a SaaS company with 35% year over year growth and teammates from all over the world who live out our core values of transparency, accountability, curiosity, ambition, composure, and kindness, learn about our awesome team and how and why we work remotely.
If you share our core values and want to work together to build something great for our customers, we’d be thrilled to have you apply for this position. FormAssembly is an equal opportunity employer. If you belong to an under-represented group in tech, you’ll find a welcoming culture that thrives on diversity.
This is a full-time position, open to all locations (working remotely from home).
In this position you will:
- Maintain the security program such as appropriate risk governance, security procedures, security event management, incident response, and audit and compliance functions.
- Validate security configuration and standards for systems and applications, including policy assessment and compliance tools, network security appliances, and host-based security systems.
- Performs vulnerability assessments to assess the effectiveness of existing controls and recommend remedial action.
- Produce reports concerning residual risk, vulnerabilities and other security exposures, including misuse of information assets and noncompliance.
- Lead the company’s security awareness training program and phishing simulations.
- Continually monitor, test and harden our infrastructure security in AWS.
- Lead compliance efforts consisting of HIPAA, ISO-27001, PCI, NIST and maintain those appropriate certifications.
- Review and improve internal security best practices and training.
- Oversee and maintain DLP, FIM, IDS, WAF’s, anti-virus, SIEM etc.
- Assist in filling out security questionnaires for our customers.
- Audit and review controls within Google Workspace and Okta.
Requirements
- Must have AWS or cloud experience.
- Minimum 3-4 years of experience as a security engineer.
- Experience with PCI, HIPAA, ISO-27001 and others.
- Linux and macOS experience.
- Must have Google Workspace experience
- Relevant security industry certification (CISSP, CISA, GIAC)
- Have current (non-expired) US work authorization or citizenship
Benefits
FormAssembly offers several benefits that help to facilitate a healthy team, personal growth, and a work-life balance, all of which contribute to creating a more engaged and passionate workforce.
- Health benefits (health, dental, vision) for team members based in the United States
- 401(k) with 4% company match for team members based in the United States
- Open/Unlimited time off policy and 9 company holidays
- Flexible work schedule
- Paid parental leave
- Charitable contribution match
- Budget for professional development
- Company provided laptop (Macbook)
You'll be joining a talented and fun team, working together to build something great!
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Audits AWS CISA CISSP Cloud Compliance FedRAMP GDPR GIAC Governance HIPAA IDS Incident response Linux MacOS Network security NIST Okta PCI DSS SaaS SIEM Vulnerabilities
Perks/benefits: 401(k) matching Career development Flex hours Flex vacation Gear Health care Parental leave Startup environment Unlimited paid time off
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Senior Security Analyst jobs
- Open Manager Pentest H/F jobs
- Open Information Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Information Security Analyst jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Product Security Engineer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Senior Information Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open Cybersecurity Analyst jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Sr. Security Engineer jobs
- Open Security Researcher jobs
- Open Senior Security Architect jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open ISO 27001-related jobs
- Open Windows-related jobs
- Open Application security-related jobs
- Open Network security-related jobs
- Open Agile-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Malware-related jobs
- Open Kubernetes-related jobs
- Open Security Clearance-related jobs
- Open CI/CD-related jobs
- Open IDS-related jobs
- Open EDR-related jobs
- Open CEH-related jobs