Senior Security Software Engineer

Hyperproof
Summary
Join Hyperproof as a Senior Security Software Engineer and play a key role in ensuring the security, reliability, and scalability of our cloud platform. Lead the security management and optimization of our cloud-based infrastructure, developing and executing a comprehensive security strategy. Your responsibilities include designing and implementing automated vulnerability scanning, protecting running services, leading threat modeling reviews, and collaborating with cross-functional teams. Maintain security awareness training, participate in risk management, and assist with third-party vendor assessments. This role requires extensive experience in security-focused engineering roles, a strong understanding of security principles, and proficiency in cloud security services and tools. A Bachelor's degree in a related field and a relevant security certification are required. US citizenship is also required.
Requirements
- Extensive experience in security-focused engineering roles, with a focus on managing cloud-based infrastructure in Azure, GCP, or AWS
- Strong understanding of security principles, secure coding practices, vulnerability management, and threat modeling
- Proficiency in cloud security services and tools, such as Azure Security Center, AWS Security Hub, or Google Cloud Security Command Center
- Experience with security automation tools and technologies, including scripting languages like Python, NodeJS, and Bash
- Knowledge of security compliance standards and regulations, including FedRAMP, CMMC, NIST, CIS, GDPR, and other data protection requirements
- Experience with Okta, Auth0, SAML, and other federated identity systems
- Experience working with auditors and penetration testers
- Proven track record of driving innovation, optimizing security performance, and maintaining high security standards in a production environment
- Excellent communication and collaboration skills, with the ability to work effectively in a cross-functional team environment
- A positive attitude and a willingness to learn, adapt, and grow in a dynamic environment
- Bachelor's degree in Computer Science, Engineering, or a related field (or equivalent experience)
- CISSP/CISM, CCSP, or related security certification
- US citizenship required
Responsibilities
- Develop and execute a comprehensive security strategy
- Design and implement automated vulnerability scanning and static analysis for source code
- Protect running services with multi-level threat detection services
- Lead and review threat models for the Hyperproof application
- Review engineering designs, source code, and system configuration changes to ensure adherence to standards such as SOC 2, FedRAMP, GDPR, NIST, and CIS
- Work closely with IT and the Director of Compliance to uphold the highest security standards across the company
- Collaborate with customer support, sales, and implementation teams to address customer security questionnaires and inquiries
- Maintain security awareness training for the engineering team
- Participate in company-wide risk management
- Assist with third-party vendor assessments
- Represent the engineering team on the cross-company Infosec response team
Benefits
- Annual compensation reviews + equity
- Unlimited PTO: strongly encouraged to unplug and recharge
- Health: coverage for medical, dental, and vision - employee and dependents
- 401K, which vests immediately, complete with a 4% company match
- 12 weeks of parental leave and 1 year of free diapers and wipes with Honest
- Annual company in-person events and quarterly in-person connects
- $500 home office stipend at the time of hire. Additional home office needs can be requested as they arise
- $100 quarterly paid wellness stipend
- Pet insurance discount
- Slack channel notifications turn off after 5 pm based on your time zone
- Two Hypercharge weeks of rest where we close company-wide (July & Dec)