Senior Security Engineer (Remote)
Los Angeles
Super.com
Through rich rewards and everyday savings, Super helps you access more of what you want at better prices, escape overspending, and level up life.We started Super.com to help maximize lives–both the lives of our customers and the lives of our employees– so that everyone can experience all that life has to offer. For our employees, our promise is that Super.com is more than just a job; it’s an opportunity to unlock one’s potential, where learning is celebrated and impact is realized.
We are more than a fast-paced, high-growth tech company; we care about our people and take career progression seriously. This is your career and our aim is to supercharge it through the people, the work, and the programs that fuel who we are.
About This Role
We are looking for a Senior Security Engineer to take significant ownership and provide experienced insight into our security program at Super.com. In this role you will be accountable for helping to define and achieve our security objectives, take ownership over existing security processes, and individually implement new solutions to difficult security challenges. You’ll operate with significant autonomy to identify opportunities, drive DevSecOps initiatives, and implement solutions that leverage technology and automation to scale.
About You
We’re looking for a highly-motivated self starter who shares our excitement for growth and impact. The ideal candidate will be comfortable operating with autonomy and demonstrating strong initiative to drive security outcomes. In addition, you are a strong communicator (both technical and non-technical), interested in continuous learning, and interested in the startup environment with an emphasis on delivering business value. You’ve got the technical depth to independently execute on the roadmap you’ll create, the time management and communication skills to work with technical and non-technical stakeholders, and high standards when it comes to accuracy and thoroughness. Finally, you are highly collaborative, data-driven, scrappy, and want to empower our organization to manage security risks in a way that empowers our teams to deliver secure solutions on time.
Key Challenges
- “Be an Owner” of security engineering across the company and ensure we identify and mitigate risks early in the development lifecycle.
- Leverage your experience while providing strategic insights to company security roadmap planning
- Drive DevSecOps and other security initiatives from ideation through design, implementation (including coding), deployment, operation, and evangelization.
- Act as a trusted point of contact for security questions and issues, particularly as a point of escalation during security-related incidents.
- Provide security insights to cross-team technical meetings and discussions, identifying opportunities to improve security processes and engineering productivity
- Interact with external parties on Super.com’s behalf during vendor selection/negotiation, external audits, contract work such as pen-tests, and bug bounty program communications
- Champion Super.com’s values, helping the company view core values from a security perspective
About You
- 5+ years experience in a full-time security role with a broad range of responsibilities
- 1+ year experience working as a software developer, or a relevant education background such as Computer Science indicating experience and comfort with software engineering
- Able to write python scripts
- Experience working with product management, engineers, IT, and non-technical business staff
- Experience framing security problems in business language and building support for security initiatives
- Has implemented shift-left security tools and methods such as SAST, DAST, SCA, Container Security, and DevSecOps initiatives with a focus on CI pipeline integration
- Has proactively achieved on a broad range of security initiatives, spanning infrastructure security, application security, and implementing business controls/policies in the context of modern web applications
- Experienced working with AWS, Terraform, Kubernetes, Linux, and generally popular security tools
Bonus Points!
- Familiar with Datadog / Prometheus and best practices around infrastructure and application monitoring
- Past involvement in compliance processes such as SOC2, PCI, SOX, ISO/IEC 27000 series
- Experience at similar stage startups / scaleups
- Experienced owning vendor relationships for security tooling, working with auditors, and interacting with external pen-testers and bug bounty hunters
- Experience with the fintech industry
We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.
Accommodations are available on request for candidates taking part in all aspects of the selection process. If needed, please notify our Talent Acquisition Partner.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Application security Audits Automation AWS Compliance Computer Science DAST DevSecOps FinTech Kubernetes Linux Monitoring Prometheus Python SAST SOC 2 SOX Terraform
Perks/benefits: Career development Startup environment
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Principal Security Engineer jobs
- Open Product Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Chief Information Security Officer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Cybersecurity Specialist jobs
- Open Security Researcher jobs
- Open IT Security Engineer jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open Security Clearance-related jobs
- Open Forensics-related jobs
- Open EDR-related jobs
- Open CEH-related jobs
- Open Kubernetes-related jobs