SentiLink is hiring a
Security Engineering Lead

Summary

Join our growing team as an experienced Security Engineering Lead to perform technical engineering work while leading the technical aspects of our information security program.

Requirements

• Bachelor's degree in Computer Science, Information Systems, Cybersecurity, or a related field. Advanced degree preferred
• Minimum of 10 years of experience in information security at a SaaS company, with a focus on InfoSec engineering, governance, and compliance
• Strong experience with FedRAMP compliance. SOC2 and PCI a plus
• Strong technical experience with AWS infrastructure. Kubernetes is a plus
• Proven experience leading and managing information security initiatives, including penetration testing, incident response testing, network firewall reviews, and risk assessments
• Proficient in many and expert in some cybersecurity technologies, IT concepts, strategies and methodologies, as well as security aspects of multiple platforms, operating systems, software, communications and network protocols
• Excellent communication skills, including the ability to convey complex security related concepts to technical and non-technical audiences alike
• Familiarity with current industry trends, threats, and security standards
• Strong problem-solving skills and the ability to work in a fast-paced environment
• Familiarity working in financial services is a big plus
• Candidates must be legally authorized to work in the United States and must live in the United States

Responsibilities

• Implement technical security controls within software systems and cloud environments
• Lead efforts to maintain and/or obtain SOC2, PCI and FedRAMP compliance, including preparing for and managing audits, gathering necessary evidence, and implementing required controls
• Plan, procure, schedule, and lead major security initiatives, including penetration testing, incident response testing, network firewall reviews, and risk assessments
• Review, approve, and update security policy documentation to reflect current practices and compliance requirements
• Evaluate and review technical security control evidence to confirm effectiveness and compliance
• Conduct regular risk assessments and implement strategies to mitigate identified risks
• As a subject matter expert, provide input and direction into the customer due diligence process
• Collaborate with IT and other departments to enhance enterprise security
• Provide training and guidance to staff on security best practices and compliance requirements
• Stay current with the latest industry trends, threats, and security standards

Benefits

• Employer paid group health insurance for you and your dependents
• 401(k) plan with employer match (or equivalent for non US-based roles)
• Flexible paid time off
• Regular company-wide in-person events
• Home office stipend, and more!