Head of Security

Summary

Join Raya, a technology company focused on building a utility-driven social app, as a Security Engineer. You will be responsible for protecting our organization's information systems and networks. This role requires a deep understanding of security principles and practices, including backend security, third-party package management, vendor security assessments, and threat analysis. We offer a comprehensive benefits package including medical and dental coverage, a food delivery budget, equity-based employment, unlimited vacation, paid parental leave, and a unique travel stipend.

Requirements

• 10+ YOE minimum
• Ample experience doing the below at different companies
• Coding / Software-Engineer with a keen interest in security
• Network Security
• Penetration Testing
• Knowledge of bash scripting, Linux, and operating systems
• Up-to-date knowledge of security trends and exploits in the industry
• Self-starter and effective communicator

Responsibilities

• Ensure the security of our signup and SMS flows
• Implement and review rate limiting for optimal security
• Conduct code audits to identify and rectify potential security vulnerabilities
• Monitor security vulnerabilities in our packages and implement fixes
• Evaluate and maintain the security of our own packages and repositories
• Assess and ensure the security of our setup with vendors like Datadog and Mixpanel
• Implement and maintain security measures for our VPN and managed devices
• Oversee the secure issuance of credentials for applications and operators
• Ensure the proper documentation and security of the credential management process
• Restrict and manage employee email access to prevent phishing attacks
• Stay informed about new attacks and threat models related to our code and infrastructure
• Advocate for appropriate measures to address potential exploits in a prioritized manner
• Designing and developing monitoring and response systems, implementing dependency checks, and working on security scanning tools in the CI/CD pipeline

Preferred Qualifications

• Familiarity with DevOps and cloud technologies (AWS, Kubernetes, Docker)
• Experience with CI/CD like jenkins and github actions
• Experience with security tools like Burb Suite, Kali Linux, Metasploit, Nmap
• Experience with SemGrep, Nuclei, Trufflehog, and Checkov

Benefits

• Comprehensive medical and dental coverage
• $50 a day food delivery budget
• Equity based employment
• A great culture
• Learning opportunities
• Unlimited vacation
• 12 weeks paid parental leave
• $1,000 a year to go somewhere in the world that they’ve never been