Security Engineer
New York City
Applications have closed
Justworks, Inc.
Run your small business with Justworks’ simple PEO & payroll solutions. From HR software & compliance to company benefits, get expert support now!At Justworks, you’ll enjoy a welcoming and casual environment, great benefits, wellness program offerings, company retreats, and the ability to interact with and learn from leaders in the startup community. We work hard and care about our most prized asset - our people.
We’re helping businesses get off the ground by enabling them to focus on running their business. We solve HR issues. We’re data-driven and never stop iterating. If you’d like to work in a supportive, entrepreneurial environment, are interested in building something meaningful and having fun while doing it, we’d love to hear from you.
We're united by shared goals and shared motivations at Justworks. These are best summed up in our company values, which are reflected in our product and in our team.
If this sounds like you, you’ll fit right in.
Who You AreJustworks is looking for a hands-on Security Engineer who can help drive and execute the company’s Security Architecture & Engineering function. As a successful candidate, you should have demonstrated experience in security engineering and secure coding practices ideally in a SaaS environment, hands-on technical expertise with modern cloud-based security architecture and engineering in an AWS environment, and experience supporting core security technology capabilities such as Static Code Analysis, Endpoint Detection and Response, Vulnerability Scanning, Security Incident and Event Management, NextGen Firewall, and Zero Trust implementation.
Your Success ProfileWhat You Will Work On
- Assist security architects and other engineers to conduct technical design reviews to evaluate existing security controls and identify opportunities to enhance the security posture of Justworks
- Work with security architects and engineers to bring appropriate security capabilities to Justworks across multiples domains such as: network and infrastructure, application security, identity and access management, data protection, and support Cyber Defense Operations and GRC (Governance, Risks and Compliance)
- Implement security capabilities in AWS and for corporate. Work with the team to execute and deliver the roadmap.
- Help security architects and engineers to develop security architecture, design, and coding standards across the Justworks applications and infrastructure to promote a standardized set of security requirements, aligning with internal policies and meeting external compliance requirements.
- Work collaboratively with the product engineers to implement enterprise security capabilities into solution architecture
- Drive process improvement and control implementation projects in coordination with the larger Digital Technology team at Justworks.
- Act as a cross-functional tools and services expert, working with engineering and risk teams to build security control requirements
- Perform other related duties as assigned
How You Will Do Your Work
As a Security Engineer, how results are achieved is paramount for your success and ultimately result in our success as an organization. In this role, your foundational knowledge, skills, abilities and personal attributes are anchored in the following:
- Good judgment - the exercise of critical thinking, analyzing and assessing problems and implications, identifying patterns, making connections of underlying issues, understanding risks and developing mitigation strategies, and taking ownership of the outcome.
- Resourcefulness - taking a can-do approach, even in the face of obstacles and constraints by assessing what’s in front of you and effectively and efficiently optimizing what you have, whether it's working on something new or thinking about how to do something better.
- Teamwork and communication - putting our collective best together through documentation, collaboration, relationship-building, listening, empathy, recruiting, and evangelism.
- Influence and leadership - fostering a community of knowledge-sharing, collaboration, mentorship, and forward-thinking.
- Skills and knowledge - the capacity to actively learn and apply specific domain knowledge, know-how, and best practices to continually enhance and improve.
In addition, all Justworkers focus on aligning their behaviors to our core values known as COGIS. It stands for:
- Camaraderie - Day to day you can be seen working together toward a higher purpose. You like to have fun. You’re an active listener, treat people respectfully, and have a strong desire to know and help others.
- Openness - Your default is to be open. You're willing to share information, understand other perspectives, and consider new possibilities. You’re curious, ask open questions, and are receptive to thoughts and feedback from others.
- Grit - You demonstrate grit by having the courage to commit and persevere. You’re committed, earnest, and dive in to get the job done well with a positive attitude.
- Integrity - Simply put, do what you say and say what you'll do. You’re honest and forthright, have a strong moral compass, and strive to match your words with your actions while leading by example.
- Simplicity - Be like Einstein: “Everything should be made as simple as possible, but no simpler.”
Qualifications
- Minimum of 1 year of experience in security engineering role and working knowledge of information security concepts, common technical security controls, and security design principles, ideally in a SaaS environment
- Experience in security system design, and engineering scalable security solutions in AWS environment
- Experience with at least two of the following: Static Code Analysis, Endpoint Detection and Response, Vulnerability Scanning, Security Incident and Event Management, NextGen Firewall, and Zero Trust implementation.
- Background as a software engineer, or security engineer with experience implementing DevSecOps
- Technical experience with DevOps, Jira, and other agile automation tools
- Strong communication, analytical, and organizational skills
- (Preferred) Security Certifications: CISSP, CISM, CRISC, GIAC, CCSP or CEH
#LI-KY1 #LI-Hybrid
The base wage range for this position based in our New York City Office is targeted at $105,000.00 to $140,000.00 per year.
Actual compensation is based on multiple factors that are unique to each candidate, including and not limited to skill set, level of relevant experience, and specific work location. Salary ranges for positions based in other locations may differ based on the cost of labor in that location.
For more information about Justworks’ Total Reward Philosophy, including all of the perks and benefits we are proud to offer our team members, please visit Total Rewards @ Justworks.
Please Note: We believe Justworks has a responsibility to support efforts to get as many people vaccinated as possible. We’re committed to safeguarding the well-being of our employees, their families and the broader community from the risks associated with COVID-19. Because this position requires onsite work, this position will require the successful candidate to show proof of vaccination against COVID-19. As an equal opportunity employer, Justworks will provide reasonable accommodation to those individuals who are unable to be vaccinated in accordance with its obligations pursuant to applicable federal, state, provincial, and local law.
Justworks is committed to maintaining a workplace where diversity of identity, culture, and life experience is the norm and is celebrated authentically and respected consistently. Diversity in our work, our people, and our product drives creativity and innovation, entrepreneurial leadership and integrity, competitiveness, and collaboration throughout our business and in the market. We depend on our differences to make our team stronger, our workplace more dynamic, and our product accessible to all of our customers.
We’re proud to be an equal opportunity employer open to all qualified applicants regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital or familial status, disability, pregnancy, gender identity or expression, veteran status, genetic information, or any other legally protected status.
Tags: Agile Application security Automation AWS CCSP CEH CISM CISSP Cloud Code analysis Compliance CRISC Cyber defense DevOps DevSecOps Firewalls GIAC Governance IAM Jira SaaS
Perks/benefits: Startup environment Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Staff Security Engineer jobs
- Open Information Security Specialist jobs
- Open Security Operations Engineer jobs
- Open Senior Security Analyst jobs
- Open Cyber Security Architect jobs
- Open Senior Cyber Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Product Security Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Cyber Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Information Security Engineer jobs
- Open Consultant SOC / CERT H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Specialist jobs
- Open Security Specialist jobs
- Open Security Researcher jobs
- Open Chief Information Security Officer jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Specialist jobs
- Open IT Security Engineer jobs
- Open Clearance-related jobs
- Open ISO 27001-related jobs
- Open Windows-related jobs
- Open Application security-related jobs
- Open Network security-related jobs
- Open CISM-related jobs
- Open Pentesting-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open IAM-related jobs
- Open CISA-related jobs
- Open Threat intelligence-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open EDR-related jobs
- Open Malware-related jobs
- Open APIs-related jobs
- Open IDS-related jobs
- Open Security Clearance-related jobs
- Open DevSecOps-related jobs
- Open CI/CD-related jobs