Security Engineer

New York City

Justworks, Inc.

Run your small business with Justworks’ simple PEO & payroll solutions. From HR software & compliance to company benefits, get expert support now!

View company page

Who We Are

At Justworks, you’ll enjoy a welcoming and casual environment, great benefits, wellness program offerings, company retreats, and the ability to interact with and learn from leaders in the startup community. We work hard and care about our most prized asset - our people.

We’re helping businesses get off the ground by enabling them to focus on running their business. We solve HR issues. We’re data-driven and never stop iterating. If you’d like to work in a supportive, entrepreneurial environment, are interested in building something meaningful and having fun while doing it, we’d love to hear from you.

We're united by shared goals and shared motivations at Justworks. These are best summed up in our company values, which are reflected in our product and in our team.

Our Values

If this sounds like you, you’ll fit right in.

Who You Are

Justworks is looking for a hands-on Security Engineer who can help drive and execute the company’s Security Architecture & Engineering function. As a successful candidate, you should have demonstrated experience in security engineering and secure coding practices ideally in a SaaS environment, hands-on technical expertise with modern cloud-based security architecture and engineering in an AWS environment, and experience supporting core security technology capabilities such as Static Code Analysis, Endpoint Detection and Response, Vulnerability Scanning, Security Incident and Event Management, NextGen Firewall, and Zero Trust implementation.

Your Success Profile

What You Will Work On

  • Assist security architects and other engineers to conduct technical design reviews to evaluate existing security controls and identify opportunities to enhance the security posture of Justworks
  • Work with security architects and engineers to bring appropriate security capabilities to Justworks across multiples domains such as: network and infrastructure, application security, identity and access management, data protection, and support Cyber Defense Operations and GRC (Governance, Risks and Compliance)
  • Implement security capabilities in AWS and for corporate. Work with the team to execute and deliver the roadmap. 
  • Help security architects and engineers to develop security architecture, design, and coding standards across the Justworks applications and infrastructure to promote a standardized set of security requirements, aligning with internal policies and meeting external compliance requirements.
  • Work collaboratively with the product engineers to implement enterprise security capabilities into solution architecture
  • Drive process improvement and control implementation projects in coordination with the larger Digital Technology team at Justworks.
  • Act as a cross-functional tools and services expert, working with engineering and risk teams to build security control requirements
  • Perform other related duties as assigned

How You Will Do Your Work

As a Security Engineer, how results are achieved is paramount for your success and ultimately result in our success as an organization. In this role, your foundational knowledge, skills, abilities and personal attributes are anchored in the following:

  • Good judgment - the exercise of critical thinking, analyzing and assessing problems and implications, identifying patterns, making connections of underlying issues, understanding risks and developing mitigation strategies, and taking ownership of the outcome.
  • Resourcefulness - taking a can-do approach, even in the face of obstacles and constraints by assessing what’s in front of you and effectively and efficiently optimizing what you have, whether it's working on something new or thinking about how to do something better.
  • Teamwork and communication - putting our collective best together through documentation, collaboration, relationship-building, listening, empathy, recruiting, and evangelism.
  • Influence and leadership - fostering a community of knowledge-sharing, collaboration, mentorship, and forward-thinking.
  • Skills and knowledge - the capacity to actively learn and apply specific domain knowledge, know-how, and best practices to continually enhance and improve.

In addition, all Justworkers focus on aligning their behaviors to our core values known as COGIS. It stands for:

  • Camaraderie - Day to day you can be seen working together toward a higher purpose. You like to have fun. You’re an active listener, treat people respectfully, and have a strong desire to know and help others.
  • Openness - Your default is to be open. You're willing to share information, understand other perspectives, and consider new possibilities. You’re curious, ask open questions, and are receptive to thoughts and feedback from others.
  • Grit - You demonstrate grit by having the courage to commit and persevere. You’re committed, earnest, and dive in to get the job done well with a positive attitude.
  • Integrity - Simply put, do what you say and say what you'll do. You’re honest and forthright, have a strong moral compass, and strive to match your words with your actions while leading by example. 
  • Simplicity - Be like Einstein: “Everything should be made as simple as possible, but no simpler.”

Qualifications

  • Minimum of 1 year of experience in security engineering role and working knowledge of information security concepts, common technical security controls, and security design principles, ideally in a SaaS environment
  • Experience in security system design, and engineering scalable security solutions in AWS environment
  • Experience with at least two of the following: Static Code Analysis, Endpoint Detection and Response, Vulnerability Scanning, Security Incident and Event Management, NextGen Firewall, and Zero Trust implementation.
  • Background as a software engineer, or security engineer with experience implementing DevSecOps
  • Technical experience with DevOps, Jira, and other agile automation tools
  • Strong communication, analytical, and organizational skills
  • (Preferred) Security Certifications: CISSP, CISM, CRISC, GIAC, CCSP or CEH

#LI-KY1 #LI-Hybrid

The base wage range for this position based in our New York City Office is targeted at $105,000.00 to $140,000.00 per year.

Actual compensation is based on multiple factors that are unique to each candidate, including and not limited to skill set, level of relevant experience, and specific work location.  Salary ranges for positions based in other locations may differ based on the cost of labor in that location. 

For more information about Justworks’ Total Reward Philosophy, including all of the perks and benefits we are proud to offer our team members, please visit Total Rewards @ Justworks


Please Note: We believe Justworks has a responsibility to support efforts to get as many people vaccinated as possible. We’re committed to safeguarding the well-being of our employees, their families and the broader community from the risks associated with COVID-19. Because this position requires onsite work, this position will require the successful candidate to show proof of vaccination against COVID-19.  As an equal opportunity employer, Justworks will provide reasonable accommodation to those individuals who are unable to be vaccinated in accordance with its obligations pursuant to applicable federal, state, provincial, and local law.

Diversity At Justworks

Justworks is committed to maintaining a workplace where diversity of identity, culture, and life experience is the norm and is celebrated authentically and respected consistently. Diversity in our work, our people, and our product drives creativity and innovation, entrepreneurial leadership and integrity, competitiveness, and collaboration throughout our business and in the market. We depend on our differences to make our team stronger, our workplace more dynamic, and our product accessible to all of our customers.

We’re proud to be an equal opportunity employer open to all qualified applicants regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital or familial status, disability, pregnancy, gender identity or expression, veteran status, genetic information, or any other legally protected status.

Our DEI Commitment

Tags: Agile Application security Automation AWS CCSP CEH CISM CISSP Cloud Code analysis Compliance CRISC Cyber defense DevOps DevSecOps Firewalls GIAC Governance IAM Jira SaaS

Perks/benefits: Startup environment Team events

Region: North America
Country: United States
Job stats:  7  2  0

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.