Senior Security Engineer

Summary

Join ActivTrak as a Senior Security Engineer and play a vital role in protecting our digital and physical assets. You will implement and maintain security measures, manage compliance programs (SOC2, GDPR, etc.), and provide technical security expertise for sales. Responsibilities include executing our security program, working with cross-functional teams, deploying security technologies, and supporting sales engineers. You will also conduct security assessments, investigate incidents, and collaborate with the product development team. This remote position requires 5+ years of information security experience and hands-on experience with security operations and compliance frameworks. ActivTrak is an equal opportunity employer committed to creating an inclusive environment.

Requirements

• 5+ years experience in information security, with hands-on experience in security operations and compliance frameworks such as SOC2
• Experience implementing and maintaining security tools and controls, including SDLC and GRC tools
• Ability to clearly articulate how our security program addresses customer security requirements
• Strong knowledge of security best practices and technologies, including access control, intrusion detection, and incident response
• Experience with cloud security, specifically in Google Cloud Platform (GCP)
• Ability to identify and implement practical, effective security solutions that balance risk with business objectives
• Strong communication skills with the ability to explain complex security concepts to various stakeholders
• Hands-on experience with security monitoring tools, vulnerability scanning, and security testing
• Understanding of common security frameworks and ability to map controls to compliance requirements
• Experience with automation and scripting for security operations

Responsibilities

• Execute our comprehensive security program, including implementing policies, procedures, and guidelines that align with industry standards and best practices
• Work with cross-functional teams to implement security measures that align with business objectives
• Deploy, maintain, and monitor security technologies, tools, and systems to enhance the organization's security posture
• Support the sales engineers by providing technical expertise on security requirements for potential and existing customers
• Assist in customer-facing sales calls to address specific technical security concerns
• Help develop security presentations and training materials to support internal and customer security objectives
• Conduct daily monitoring, triage, and escalation of security alerts from various security systems
• Validate and document submissions from our Responsible Disclosure program
• Maintain situational awareness of emerging vulnerabilities for our technology stack and escalate as needed
• Conduct scheduled and on-demand security assessments to identify and evaluate potential security risks and assist in developing mitigation plans
• Implement product security features and capabilities in collaboration with the product development team
• Perform scheduled and on-demand vulnerability scanning and penetration testing against networks and applications
• Investigate, triage, and respond to security incidents, ensuring proper documentation and escalation

Preferred Qualifications

Relevant security certifications such as Security+, CISSP, SSCP, GIAC/GSEC, or GCP platform-specific security certifications are preferred

Benefits

• Position is remote within US
• Minimal travel
• Limited physical demands