Sure is hiring a
Staff Security Engineer, Remote - Worldwide

Summary

The job is for a Security Engineer at Sure, a digital insurance platform company. The role involves designing, maintaining, and evolving the security program to protect the company from threats. The ideal candidate has 8+ years of InfoSec experience in a financial or technology startup with specific skills.

Requirements

• 8+ years of InfoSec role in a financial or technology startup
• Experience securing and utilizing cloud infrastructure (AWS, GCP, Azure)
• Experience hardening and monitoring a Kubernetes cluster
• Strong knowledge of web application design, development and testing techniques
• Proficiency in scripting languages, such as Python or Bash
• Self-directed and self-motivated individuals comfortable working with diverse teams
• Experience hardening MacOS and Linux Systems, with strong technical understanding of operating system internals

Responsibilities

• Collaborate with stakeholders across teams, implement and enforce appropriate policies and procedures
• Maintain our security monitoring solutions and make changes when needed to improve visibility or relevancy of alerting
• Work with engineers to provide subject matter expertise and contribute to all aspects of architecture, authentication, system security and software design
• Administer security-related infrastructure and applications, such as intrusion detection/prevention systems, EDR, firewalls and vulnerability scanners
• Automate security processes and infrastructure when possible
• Continuously review the design and efficiency of application security controls and develop a program of continuous security improvement relating to SDLC
• Partner with developers to develop and implement application security standards, patterns and guidelines that support ongoing deliveries
• Conduct research on emerging products, services, and standards in support of security enhancement and development efforts
• Help plan and execute a security roadmap

Preferred Qualifications

• Experience with PCI/SOC2/HIPPA audits is a plus
• Experience implementing security and control frameworks
• 2+ years responding to security incidents

Benefits

• Unlimited PTO
• Mental Health Breaks - company provided meditation app and a weekly wellness hour
• WFH stipend to help you work your best while being remote
• Countless Medical, Dental and Vision plans … we are an insurtech company after all!
• Equity and 401K
• Generous parental leave