Principal Security Engineer
Remote/United States
Formstack
Capture data, generate documents, and collect digital signatures with easy-to-use workflow automation software. Learn how Formstack can help you now.Who You AreYou have high attention to detail and are motivated to learn how to improve our security posture by breaking large projects into manageable chunks to make them easier to work on and consume. You can identify roadblocks, maybe not always fix them, but you can call them out so the team can put their heads together to find a proper solution. You know how to find small wins in large projects that can take considerable time to accomplish by setting measurable goals and prioritizing work(also, shifting priorities when needed).
What You Will Do
- Architects and designs security controls
- Implements, maintains, and operates security controls as part of a team
- Work with the DevOps team to share responsibility for implementing security-related changes
- DevOps provides the tools to perform this work and can assist with it
- Analyzes trends, news, and changes in threat and compliance environment with respect to organizational risk
- Advises organization management and develops and executes plans for compliance and risk mitigation
- Assist with compliance and compliance audits
How You Will Succeed
- You will direct and help drive the strategic technical security roadmap and have a strong vision for where the organization can improve in the future
- Work closely with DevOps and the Information Security team to prioritize and share workload between the three teams where appropriate
- Find and document potential security risks, including priority, risk, and mitigation
- Use software and automated tools to identify security vulnerabilities
- Mentor other team members
- Enjoys actively searching for problems and discussing their findings with other team members
- Travel (<10%) for team meetups, conferences, etc.
- On-call but only for rare security occurrences
- We will protect your time as we provide the flexibility you need to succeed
What We Are Looking For
- Excellent communication skills
- Ability to prioritize tasks
- Not afraid to ask questions and set priorities for yourself
- A team player who excels in highly collaborative environments
- Must be fluent in written and spoken English
- 10+ years of experience in identifying security issues and risks, developing mitigation plans
Bonus Points
- Security Qualifications
- Experience with Terraform
- Experience with configuration management such as Ansible, Chef, Puppet, etc.
- Familiarity with SQL, PHP, Node.js, Java
- Salary Range: $150,000 - $200,000 USD/year
- Plus a potential annual bonus of up to 10% of the salary.
- This is a target starting cash range for a candidate who meets the minimum qualifications for this role. The final cash pay for this role will depend on a variety of factors, including a specific candidate’s experience, qualifications, skills, and projected impact.
- ***This is a remote position***
Don’t meet every single requirement? Studies have shown that women and people of color are less likely to apply to jobs unless they meet every qualification. Formstack is dedicated to building a diverse, inclusive, and authentic workplace. if you’re excited about this role, but your experience doesn’t align perfectly with every qualification in the job description, we encourage you to apply anyway. You may be just the right candidate for this or other roles.
Formstack is an equal-opportunity employer. We are passionately committed to equitable hiring and boldly dedicated to diversity in our work and staff. We do not discriminate in employment opportunities or practices based on actual or perceived race, color, religion, national origin, sex (including pregnancy, childbirth, or related conditions), age, marital status, sexual orientation, gender identity or expression, veteran status, uniform service member status, disability or any other characteristic protected by law. Women, people of color, bilingual and bicultural individuals, LGBTQ+ persons, and people with disabilities are encouraged to apply.
All data collected in our application process, from resume collection to application questions, is used for recruitment purposes only. We will store it in our applicant tracking system, Lever, and will not share this data with anyone else. We will keep your data until the role is filled and only continue to store it if we feel you may fit future roles.
Tags: Ansible Audits Compliance DevOps Java Node.js PHP Puppet SQL Terraform Vulnerabilities
Perks/benefits: 401(k) matching Career development Competitive pay Conferences Flex vacation Health care Insurance Salary bonus Unlimited paid time off
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Product Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Chief Information Security Officer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Cybersecurity Specialist jobs
- Open Security Researcher jobs
- Open IT Security Engineer jobs
- Open Sr. Security Engineer jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open SaaS-related jobs
- Open Analytics-related jobs
- Open Threat intelligence-related jobs
- Open IAM-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Malware-related jobs
- Open Security Clearance-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open Forensics-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs