Senior Security Engineer
Weave - Headquarter
Weave supports small business owners by providing an all-in-one platform to help them communicate with, and grow their customer base. With Weave’s complete business toolbox, small businesses can streamline their communication, payments and marketing - all from one place - and continually provide a phenomenal customer experience.
At the core of Weave’s growth are our people. We are passionate about providing an amazing workplace for talented people who demonstrate our core values: Hungry, Creative, and Caring. In 2019, Weave received several significant awards, including the Fortune 100 Best Companies, Forbes Cloud 100, and Inc. 5000 fastest-growing companies.
Don’t believe us? Check out why our employees, their families, and our 20,000+ customers love Weave - Our Story or head to our Instagram page @workatweave to see what our employees are up to.
Weave’s security program is built to earn and maintain the trust of Weave’s customers, detect (and gracefully respond to) security incidents, and protect Weave against attacks. Weave is seeking to hire an experienced Senior Security Engineer to lead Weave’s security engineering and security operations programs, reporting directly to Weave’s Chief Information Security Officer.
Weave’s Senior Security Engineer will--in partnership with all of Weave’s technology and engineering teams throughout the company--develop, execute, and operate a scalable and effective security engineering and operations program. In this role, the Senior Security Engineer will evaluate, deploy, and operate security technology to identify incidents, instances of non-compliance with good security practices for cloud providers, workstation configurations, server configurations, and container use.
The right candidate will have experience building relationships of trust with technical team members, experience deploying, tuning, and reviewing output produced by security tools. They must understand their role in identifying risks, mitigating risks, and protecting the customer experience against threats that might compromise the integrity, availability, and confidentiality of customer data. They must possess a healthy level of urgency towards and passion for employing good security practices at Weave.
- Collaborating closely with technology and engineering team members to identify security risks.
- Acutely identifying vulnerabilities introduced intentionally or unintentionally as part of operating our SaaS and other environments.
- Deploying, tuning, triaging, and reviewing output produced by security tools including, but not limited to, vulnerability scanners, cloud compliance and event monitoring tools, intrusion detection systems, container security monitoring, server and endpoint security configuration and monitoring tools.
- Shepherding the inclusion and operation of such tools in Weave’s technology operations.
- Holding team members accountable to timelines for mitigating identified security risks at all layers of the technology stack.
- Engaging with third party penetration testing organizations to facilitate effective security tests against Weave and its products.
- “Spidering” the organization--turning over rocks to identify untreated security risks.
- Providing training to team members to build confidence in securely operating our technology.
- Enhancing the awareness in good security practices throughout the organization.
- Acting as the resident security subject matter expert for all team members to engage for advice and guidance.
- Working closely with technology operations team members to deliver secure experiences to our customers.
- Defining measurable outcomes and maintaining focus on those outcomes throughout the execution of the security roadmap.
What we are looking for:
- A deep understanding of cloud, container, system, workstation, and network security practices.
- The demonstrative capability to do the responsibilities described above.
- A strong desire to work at Weave because you are interested in our products, what we are working on, and who you will be working with.
- A track record of achievements in your past roles and companies.
- Demonstrated history of securing SaaS products.
- Ability to remove ambiguity and distill what matters and what doesn’t.
- A sense of humor and ability to have fun while working hard!
- Have 8+ years experience as a full-time security engineer.
- Possess willingness to go “Mr. Robot” on all Weave systems, processes, and organizations to help identify meaningful and exploitable risks.
- Demonstrate strong integrity so as to not compromise the trust of Weave customers.
- Ability to operate security tools to identify, assess, prioritize, remediate, and monitor the security of Weave systems.
- Experience working with security operations analysts to help more effectively identify nefarious activity performed by hackers.
- Have experience building, deploying, operating, monitoring, triaging results from, and tuning the following security technologies:
- vulnerability scanners,
- intrusion detection systems,
- configuration management monitoring tools,
- AWS’ GuardDuty service,
- AWS’ Trusted Advisor service,
- GCP Security Center,
- security advisories produced by reputable organizations, and
- logging platforms hosting network, server, database, web application, and AWS logs.
- Have experience creating meaningful log-based security alerts.
- Have utilized various industry-recognized technology hardening standards to securely configure operating systems, databases, network devices, and other technology components.
- Possess strong understanding of AWS and GCP and core services provided by AWS and GCP.
- Have a strong working knowledge of Linux, Windows, and other common compute technologies.
- Possess understanding of good security practices.
- Demonstrate strong, effective communication skills--both written and verbal.
- Medical, Dental, and Vision
- Financial Planners
- Flexible PTO
- Family Friendly (Family activities)
- New office with amenities
- Free Haircuts (Onsite Salon)
- Generous maternity/paternity policy
- Commuter benefits (UTA Pass)
- Flexible schedules (currently working from home due to Covid-19)
- Weave’s in-house coaching initiative: Help clarify goals, gain self-awareness, commit to action steps, etc.
- Career growth opportunities in hyper-growth company
More Information Security position highlights
- Explore open Information Security Architect Jobs
- Explore open SOC Analyst Jobs
- Explore open Threat Intelligence Response Analyst Jobs
- Explore open Senior Penetration Tester Jobs
- Explore open Staff Security Engineer Jobs
- Explore open Information Security Officer Jobs
- Explore open Vulnerability Analyst Jobs
- Explore open Software Security Engineer Jobs
- Explore open Threat Intelligence Analyst Jobs
- Explore open Infrastructure Security Engineer Jobs
- Explore open Computer Network Defense & Incident Response Analyst - Mid to Senior Level Jobs
- Explore open DevOps Security Engineer Jobs
- Explore open Senior Information Security Engineer Jobs
- Explore open Chief Information Security Officer Jobs
- Explore open IAM Engineer Jobs
- Explore open Computer Forensic Software Engineer Jobs
- Explore open Staff Engineer, Cloud Security Jobs
- Explore open Manager, Cybersecurity and Trust Jobs
- Explore open Sr. Software Engineer - Detection Engineering Jobs
- Explore open Cybersecurity Analyst Jobs
- Explore open Cybersecurity Engineer Jobs
- Explore open Personnel Security Officer Jobs
- Explore open Engineering Manager - Information Security, Bangalore Jobs
- Explore open Senior Information Security Analyst Jobs
- Explore open Cyber Threat Analyst Jobs
- Explore open CEH-related jobs
- Explore open Clearance-related jobs
- Explore open Audits-related jobs
- Explore open Open Source-related jobs
- Explore open Forensics-related jobs
- Explore open PCI-related jobs
- Explore open IDS-related jobs
- Explore open Risk management-related jobs
- Explore open NIST-related jobs
- Explore open Ruby-related jobs
- Explore open OSCP-related jobs
- Explore open Machine Learning-related jobs
- Explore open Splunk-related jobs
- Explore open AI-related jobs
- Explore open Google-related jobs
- Explore open IPS-related jobs
- Explore open Security assessments-related jobs
- Explore open Threat detection-related jobs
- Explore open Unix-related jobs
- Explore open Encryption-related jobs
- Explore open Docker-related jobs
- Explore open DNS-related jobs
- Explore open PowerShell-related jobs
- Explore open TCP/IP-related jobs