DurhamRecruiter Since 2001
the smart solution for Durham jobs

Information Security Engineer

Company: Spreedly Inc
Location: Durham
Posted on: February 23, 2021

Job Description:

Spreedly is a rapidly growing, growth private-equity funded digital payments company with headquarters located in downtown Durham, North Carolina. We've developed a high volume, global solution to support our vision that the world is better with a diversified, inclusive, payment ecosystem.-- Our employees help build a culture that values independence, transparency, and collaboration in a digital-first communication environment. We hope you do your best work at Spreedly and find a mature workplace striving to support the ebb and flow of work-life harmony. It's not enough to say"Spreedly takes Information Security Seriously" - a robust Information Security posture is at the fundamental core of what makes Spreedly successful. It's what enables customers to trust us to securely vault 100+ million credit cards and process billions in annual payments annually. Because Information Security is already woven into the fabric of Spreedly operations, much of the day-to-day information security tasks are federated out to those teams for whom security is already embedded into their core offering(think: security groups with Infrastructure, data loss protections with IT, secure software development practices with application engineering). This allows the(smaller) information security team to assume more focused information security responsibilities. To wit, Spreedly is looking for an accomplished information security engineer. For a small company, information security's influence is far reaching and your capabilities match up to these tasks: Vulnerability Management - Setup and administration of internal vulnerability scanning as part of a vulnerability management program. Management of monthly PCI external vulnerability scans through remediation. Security Testing - Coordination of semiannual information security testing with an external vendor; perform internal ad-hoc penetration testing when requested; setup and manage a(likely open source) phishing campaign; participate in table top exercises; eventually develop and execute red-team assessments. Education & Awareness - Facilitate interactive OWASP security training for application developers, create and deliver general purpose security education and awareness materials periodically. Secure Software Development - Perform code reviews of particularly sensitive application components(i.e.: cryptography, credential management, etc..); address and remediate"dependabot" and other SAST-based potential security defects.-- Governance & Oversight - Participate in periodic reviews of security operation duties that are federated out to other groups within Spreedly; participate in the information security council(part of a security governance program). Interfacing with Auditors(PCI, SOC-2, etc..). Incident Response / Threat Intelligence - Continue to hone rulesets and dive deep into the data to provide insights into our adversaries and suggest plans to address a threat before it occurs. Participate in information security incidents.(Spreedly already leverages a managed security provider to deliver 24x7 SOC coverage). Pragmatic Security Advice - Provide consultation and lend expertise in a wide range of topics including strong defense-in-depth models, automating security within the CI/CD pipeline, cloud security best practices, IT risk assessments, customer security questions, etc.. We may hire the right candidate into a Senior Information Security Engineer role, depending on candidate experience & strengths. Yes, we acknowledge that the above list is a tall ask. If you've fancied yourself a generalist security engineer who can"do a little bit of everything", you are most heartedly encouraged to apply. We think the right candidate will have most of the following:

  • Experience with cloud security(AWS preferred)
  • Understanding of security capabilities within a PCI-compliant SaaS organization(i.e.: WAF, Encryption, Identity and Access Management, etc..)--
  • Proficiency in a linux environment and the common security toolsets(nmap, wireshark, burp proxy, kali, etc..)
  • Ability to clearly articulate OWASP Top-10 vulnerabilities and their common mitigations
  • Experience with SIEM and data logging toolsets(Splunk, Datadog, Sumo Logic)
  • A desire to mentor other engineers and foster a collaborative environment to improve our security posture
  • A willingness to be a generalist and dig into new things you've never done before.
  • Excellent written communications, and a track record of documenting your work.
  • A pragmatic, take-action approach but you're open to failing fast and pivoting.
  • An ability to sort out immediate priorities from the ever shifting needs of a rapidly growing organization. What we offer:
    • Outstanding medical and dental benefits(we pay 100% of monthly premiums for employees + families)
    • Life and long-term disability insurance
    • Medical and dependent care FSA
    • Optional vision insurance
    • Open PTO policy
    • 12 weeks paid Family Leave
    • Matching 401k plan (5% up to $5,000 yearly)
    • Monthly digital lifestyle stipend ($150)
    • Professional development opportunities including $3,000 annual stipend and access to LinkedIn Learning When travel and in-office work commences
      • Remote friendly work environment. Even our local employees are remote 3 days per week!
      • Tues./Thurs. are in-office days for local employees - the rest of the week employees are free to work wherever they choose
      • Paid lunches on in-office days for local employees
      • Quarterly visits to HQ for remote employees Spreedly is an equal opportunity employer. We are committed to fostering, cultivating and preserving a culture of diversity, equity and inclusion. We actively work to drive out even unintentional discrimination in our hiring processes via practices like blindly graded work samples, structured interviews, and diversity awareness training. Due to the sensitive nature of what Spreedly does- handling payment data- candidates must complete a successful background check. If you have concerns along those lines, please discuss with us sooner rather than later- we do not want you to waste time in the hiring process and get disqualified at the end if we can help it. Some of our positions are open to remote applicants. If this is the case it will be sited in the job posting just below the position name. Unless otherwise stated, remote positions are open to candidates in the contiguous US only. We are not set up to support remote employees from CA, NY, WA or outside the contiguous US. All applicants must have a US work visa. We appreciate your interest in our company. Because of the high volume of resume flow, we will only respond to those candidates that we think will be a potential fit.

Keywords: Spreedly Inc, Durham , Information Security Engineer, Engineering , Durham, North Carolina

Click here to apply!

Didn't find what you're looking for? Search again!

I'm looking for
in category

Other Engineering Jobs

Network Security Engineer (Firewall Admin)
Description: RESPONSIBILITIES:Kforce has a client in Durham, NC that is looking for a Network Security Engineer Firewall Admin . Summary: You will work with a squad of security professionals who provide 24x7x365 (more...)
Company: Kforce Technology
Location: Durham
Posted on: 02/28/2021

12T Technical Engineer
Description: Technical Engineers pen the plans that lead construction crews to success. As a Technical Engineer in the Army National Guard, you will develop the skills necessary to help build, plan, and repair airstrips, (more...)
Company: Army National Guard
Location: Durham
Posted on: 02/28/2021

Sr. UI- Angular Engineer
Description: Our client is looking for a fulltime/permanent Sr. UI/Angular Engineer. Client can not sponsor at this time.Must have 7 years of development experience. 100 REMOTE is an option for candidates not willing (more...)
Company: DISYS - Digital Intelligence Systems, LLC
Location: Raleigh
Posted on: 02/28/2021

Desk side support Engineer
Description: HiGreetings From TCS,--Hope you are doing great IIf you're interested contact me with below informationRole: Desk side support EngineerLocation: Billerica, MA and Durham, NCDuration: Full TimeJob description:-- (more...)
Company: Tata Consultancy Services
Location: Durham
Posted on: 02/28/2021

Manufactoring Engineer
Description: If you are a passionate, dependable, and technically minded Manufacturing Engineer, I have an exciting opportunity for you Experience
Company: The Richmond Group
Location: Raleigh
Posted on: 02/28/2021

Tire Technician - Truck Care
Description: Job DescriptionReq ID: 215489 Address: 1850 North Mecklenburg Ave South Hill, VA, 23970 Welcome to Love's Where People are the Heart of Our Operation Tire Technician - Maintenance Earn 20 per road call (more...)
Company: loves travel stops e country store
Location: South Hill
Posted on: 02/28/2021

Jr. Test Automation DevOps Engineer
Description: Credit Suisse is a leading global wealth manager with strong investment banking capabilities. Headquartered in Zurich, Switzerland, we have a global reach with operations in about 50 countries and employ (more...)
Company: Credit Suisse
Location: Raleigh
Posted on: 02/28/2021

Service Technician - CDL Required ($2,000 Sign on Bonus)
Description: When you work for AmeriGas, you become a part of something BIG Founded in 1959, AmeriGas is the nation''s premiere propane company, serving over 2 million residential, commercial, industrial and motor (more...)
Company: AmeriGas Propane, Inc.
Location: South Hill
Posted on: 02/28/2021

Remote Full Stack RoR Engineer - RoR, React, TypeScript
Description: We are an extremely fast-growing Computer Software Online Leadership Development with an in-depth knowledge of our industry segment, a broad set of design, development, integration and marketing skills, (more...)
Company: Optello
Location: Raleigh
Posted on: 02/28/2021

Full Stack Engineer
Description: NOT OPEN TO C2C/CORP TO CORP br Location- REMOTE-NC/NH/MA/TXDuration- long termVideo hire br The Skills You Bring---10 years of experience in Java application development using Spring---Proficient (more...)
Company: Compunnel Staffing
Location: Durham
Posted on: 02/28/2021

Log In or Create An Account

Get the latest North Carolina jobs by following @recnetNC on Twitter!

Durham RSS job feeds