Security Engineer
United States (Remote);
Signifyd leads the world in bringing the insights, innovation and compassion required to foster fearless commerce in a time of increasing digital threats. Working with some of the industry’s most recognizable retailers and brands, we are focused on using technology to enhance customer lifetime value and protect enterprises from fraud so they can focus on growing their business.
We process billions in ecommerce transactions annually through our Commerce Network of thousands of merchants selling in more than 100 countries. We focus every day on harnessing machine learning and artificial intelligence in more powerful ways to maximize our customers’ revenue and their security. None of that happens without the right people.
Our team’s strength is in its diversity and its acceptance of new ideas and new ways to look at old challenges. We are dedicated disruptors designing a new world of commerce at scale. We know humans are not one-dimensional and we celebrate the uniqueness each individual brings to the problems we solve and the culture we create.
About this role:
Signifyd is on a mission to defend e-commerce from fraudsters. Our Commerce Protection Platform collects transactions and behavioral data from thousands of merchants in over 100 countries, giving us a high-definition picture of global commerce. Our adaptive machine learning back-end sifts this vast dataset to automate order review and eliminate the worry of fraud for merchants, letting them trust more and grow fearlessly. Our customers' success depends on the Signifyd platform to be always-on, always-fast and always-secure.
We are looking for a Security Engineer to join our global team focused on mitigating threats to our platform and business. You will operate at the front line of risk by identifying vulnerabilities and threats, and partnering with Signifyers across the organization to implement defenses and bake security into our products and processes. This job is an early hire on our Infosec team. As such you will have tremendous influence to shape our security architecture and vision, and you will be directly involved in building our security stack and ISMS operations. You won't find silo working at Signifyd, just lots of smart peeps and a singular focus on improving the status quo.
This role will be focused on solving security challenges through software engineering. You will work side by side with other software developers to bolt robust security controls into our SDLC. You will assess the security of our cloud infrastructure and develop targeted improvements to our infrastructure-as-code patterns. You will own the triage, investigation and resolution of security incidents, enhance our security event detection code, and build chat-ops runbook automation. You will model threats to our services, proactively hunt for threats, and work to eliminate blind spots.
This position is fully remote, based anywhere in the US, and you will be working with a primarily remote team, using a robust set of online collaboration tools. Occasional participation in company on-site events may be required, but these are tentative depending on pandemic restrictions, and all travel and expenses are paid.
About you:
Equal parts security practitioner and code jockey, you are passionate about improving security by writing code and automating away the repetition. You love to dive into complex problems and can develop tactical solutions to guide people, processes and systems to successful outcomes. You can balance classic security-versus-usability tradeoffs (or can avoid them altogether) and have a mature conception of risk. You are conscientious in what you build, write and communicate, and strive to improve the status quo. You thrive when collaborating with others and are eager to extend a helping hand. You keep a watchful eye on the security savannah and can spot threats on the horizon.
Desired Skills:
- You are proficient in at least one programming language and have written software to solve problems in one or more security domains
- You can administer cloud systems from AWS, Azure or another major cloud provider, ideally using an infrastructure-as-code technology
- You have deployed, managed or secured microservice technology stacks running on Kubernetes
- You have experience with DevOps and Agile software development practices
- You have worked with a CI/CD system and understand its relation to change management controls
- You have first-hand knowledge of common software flaws, especially in web applications, and have experience mitigating or working around them
- You have audited complex systems or conducted threat modeling
- You have handled security incidents in a live business environment
- You know your way around a CLI and *nix or BSD systems are second nature to you
Don’t meet all of the above? Let us know in your cover letter. Passion and drive matters to us!
#LI-Remote
Tags: Agile Artificial Intelligence Automation AWS Azure BSD CI/CD Cloud DevOps E-commerce Ecommerce ISMS Kubernetes Machine Learning SDLC Vulnerabilities
Perks/benefits: Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Senior Security Analyst jobs
- Open Manager Pentest H/F jobs
- Open Information Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Information Security Analyst jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Product Security Engineer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open IT Security Analyst jobs
- Open Security Specialist jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Sr. Security Engineer jobs
- Open Security Researcher jobs
- Open Senior Security Architect jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Network security-related jobs
- Open Agile-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Kubernetes-related jobs
- Open Malware-related jobs
- Open Security Clearance-related jobs
- Open CI/CD-related jobs
- Open IDS-related jobs
- Open EDR-related jobs
- Open CEH-related jobs