Super.com is hiring a
Senior Security Engineer

Summary

The job is for a Senior Security Engineer at Super.com, a fast-paced tech company that values its employees and career progression. The role involves ownership and strategic insight into the company's security program, driving DevSecOps initiatives, and acting as a point of contact for security questions and issues.

Requirements

• 5+ years experience in a full-time security role with a broad range of responsibilities
• 1+ year experience working as a software developer, or a relevant education background such as Computer Science indicating experience and comfort with software engineering
• Able to write python scripts
• Experience working with product management, engineers, IT, and non-technical business staff
• Experience framing security problems in business language and building support for security initiatives
• Has implemented shift-left security tools and methods such as SAST, DAST, SCA, Container Security, and DevSecOps initiatives with a focus on CI pipeline integration
• Has proactively achieved on a broad range of security initiatives, spanning infrastructure security, application security, and implementing business controls/policies in the context of modern web applications
• Experienced working with AWS, Terraform, Kubernetes, Linux, and generally popular security tools

Responsibilities

• Be an Owner of security engineering across the company and ensure we identify and mitigate risks early in the development lifecycle
• Leverage experience while providing strategic insights to company security roadmap planning
• Drive DevSecOps and other security initiatives from ideation through design, implementation, deployment, operation, and evangelization
• Act as a trusted point of contact for security questions and issues, particularly as a point of escalation during security-related incidents
• Provide security insights to cross-team technical meetings and discussions, identifying opportunities to improve security processes and engineering productivity
• Interact with external parties on Super.com ’s behalf during vendor selection/negotiation, external audits, contract work such as pen-tests, and bug bounty program communications
• Champion Super.com ’s values, helping the company view core values from a security perspective

Preferred Qualifications

• Familiar with Datadog / Prometheus and best practices around infrastructure and application monitoring
• Past involvement in compliance processes such as SOC2, PCI, SOX, ISO/IEC 27000 series
• Experience at similar stage startups / scaleups
• Experienced owning vendor relationships for security tooling, working with auditors, and interacting with external pen-testers and bug bounty hunters
• Experience with the fintech industry

Benefits

• $75,000 - $155,000 a year
• As part of our compensation philosophy at Super.com we benchmark roles based on geographic location
• We Believe in Equal Opportunity
• Accommodations are available on request for candidates taking part in all aspects of the selection process. If needed, please notify our Talent Acquisition Partner