Security Engineer

September 5

Apply Now

Receive Emails with Similar Jobs

Company Factory

WebsiteLinkedInAll Job Openings

At Company Factory, we create fun Social Media, Social Networking and iphone applications/websites$1. .$1

Social Games • Social Media Stats • Endorsement system

2 - 10

Description

• Design, implement, and manage security measures for the protection of our cloud infrastructure, applications, and data, focusing on both preventative controls and rapid response capabilities. • Collaborate closely with our engineering teams to integrate security practices into the software development lifecycle, including secure coding standards, automated security testing, and secure architecture design. • Stay up-to-date on the latest security threats, vulnerabilities, and mitigation strategies. • Conduct security code reviews to identify and remediate security vulnerabilities. • Develop and implement automated security testing procedures to identify vulnerabilities and risks, recommending and implementing appropriate mitigation strategies. • Respond to security incidents and participate in incident response procedures. • Document security processes, procedures, and best practices. • Lead security awareness and training programs, empowering all team members to recognize and prevent potential security threats.

Requirements

• Minimum 5+ years of experience as a Security Engineer with a focus on product security, with a strong background in securing cloud-based environments (AWS, Azure, GCP) and understanding of Infrastructure as Code (IaC) security practices. • Strong coding skills with proficiency in TypeScript and Python. • Expertise in various security domains such as application security, network security, security operations, and incident response. • Experience with container security (Docker Security, Kubernetes Security). • Familiarity with a wide range of AWS services, including but not limited to VPC, EC2, Lambda, Amazon RDS, and S3. • In-depth knowledge of CI/CD pipeline tools and practices, ideally with experience in GitHub Actions or Jenkins. • Knowledgeable in security compliance frameworks and regulations (e.g., ISO 27001, SOC 2, GDPR) and experience with security assessments and third-party audits. • Proficiency with security tools and technologies, such as firewalls, IDS/IPS, vulnerability scanners, WAF, SIEM, and encryption solutions. • Demonstrated ability to influence security strategies and drive improvements within a team. • The team goes into the office 5 days a week in San Francisco (walking distance to Caltrain).