Lead Security Engineer

Posted on June 10, 2022

Location

Remote
9788

Position Details

Full-Time

Job Summary

Beacon Technologies is seeking a motivated, adaptable Lead Security Engineer who would like to utilize their skill set in a thriving agile-methodology environment. We’re in search of talented people who are inspired by big challenges, driven to learn and grow, and dedicated to making a meaningful difference. Be part of a team where you will lead operational and strategic activities in our client's dynamic IT environment. In addition, you will lead project planning, provide technical leadership and will work within your own area, as well as across functional teams. A key aspect of the role is to emulate real-world attacks, providing a critical component of our client's “Assume Breach” strategy and ensuring readiness against, ransomware determined adversaries and targeted attacks against our client’s digital-customer landscape. You will be responsible to create a threat model framework, maintain up-to-date Security Threat Profiles and assist in remediating gaps and address zero-day remediations. Your threat Intelligence exercises will provide a level of assurance that the system and environment are appropriately configured to resist attack and that the threat profiles are measuring dependent as well as specific systems. The Lead Software Security Engineer will be responsible for integrating and architecting Security tools and automation, creating a cohesive vision across the platform in our shift-left journey. In this role you will create a baseline profile of the target, with the mission to hijack Command and Control from the distributed system. You will routinely collaborate with Architects and contribute to the development of strategic planning for the department as well as communicate clear, concise strategic vision. When leading projects, you will be responsible for holding yourself and others accountable for detail-orientation and will be required to deliver well-tested, secure, interoperable technologies that support company vision and strategy.

About Our Client

Our client is a remote-first organization with remote and hybrid employees aligned to flexible teams from office locations in California, Missouri, Wisconsin and the United Kingdom. Residents of the following United States are invited to apply for remote work opportunities, as these are the locations our client has business licenses: AZ, CA, FL, IL, LA, MD, MI, MN, MO, NJ, NV, NY, OH, OR, TN, TX, VA, WA and WI.

Responsibilities

  • Lead defining our threat landscape opportunities and threat vectors as it relates to ransomware, lateral movement and the recovery model
  • Work tightly with our BCP/DR Office to validate recovery methods, processes and procedures and their vulnerabilities
  • Lead out the Security Office strategy around BCP requirements based on threats and security intelligence
  • Lead out Forensic and Cyber Security investigation
  • Emphasis will be placed on strategic visioning such as overall design, introducing new technologies, improved metrics, and process improvements as well as tactical that includes developing and reviewing code
  • Lead designs of software components and features
  • Be part of the full application lifecycle (design, develop, test, deploy and maintain), innovating in each step
  • Developing the team using your experiences, at the same time developing yourself by learning from the team experiences
  • Analyze and improve efficiency, scalability and stability of applications while delivering impactful business value
  • Experience with various design and architectural patterns
  • Persuasive, collaborative business acumen with the ability to strategically drive business partners
  • Strong communication skills both written and verbal
  • Initiative, results-oriented drive and a solid work ethic requiring minimal direction
  • Effective analytical, problem-solving and decision-making skills
  • Share responsibility with your teammates for occasional after-hours on-call rotation for support of production level systems
  • Significant individual contributor performing application design and coding while considering all aspects of security
  • Work with OpsEng, Enablement and other Software Development Engineers to assist in providing the tools necessary to analyze and resolve any security related opportunities within a SaaS platform
  • Work across product roadmap initiatives to help product teams to understand how new features could impact our overall security posture
  • Work in active partnership with development teams during operational security reviews providing leadership and security design guidance
  • Analyzing threats and current security controls to identify gaps in current defensive posture.
  • Identify appropriate technology/data sources and drive the collection of data necessary to effectively evaluate threats.
  • Ensure that operational, security incident trends and observations are considered with regard to the evolution of the Platform's information security services and capabilities.
  • Work with various design and architectural patterns to incorporate security best practices
  • Design, develop, execute, and maintain complex automated test code, scripts, data, and associated drivers per recognized SDLC methodology.
  • Share responsibility with your teammates for occasional after-hours on-call rotation for support of related security incidents
  • Equal Opportunity Employer/Disability/Veterans

Qualifications

Required:

  • Must be presently authorized to work in the U.S. without a requirement for work authorization sponsorship by our company for this position now or in the future
  • Must be at least 18 years of age
  • Minimum, high school diploma or GED
  • For flexible or full remote work from home positions, reliable high speed Internet connection and dedicated work space are required
  • Must be located in AZ, CA, FL, IL, LA, MD, MI, MN, MO, NJ, NV, NY, OH, OR, TN, TX, VA, WA or WI
  • 10+ years of technology relevant work experience
  • 5+ years as a Security Engineer with at least 5 years of experience in each of the following:
    • Experience in performing Threat model exercises, reporting, threat graphs and zero-day remediations
    • Experience working with developers in remediating code defects
    • Experience in Threat profiling
    • Experience Threat modeling and ethical hacking against a large, distributed environment
    • Experience in responding to all levels of security incidents in a SOC environment
    • Experience in working with network security (penetration testing, VPN, BYOD, IoT, etc.)
    • Experience with multiple cloud providers and their native tools (IAM, security, vulnerability management, etc.)
  • 5+ years of professional experience in application design and development at an enterprise level
  • 5+ years’ experience in a Cloud paradigm, AWS, GCP, Azure
  • 4+ years of experience designing and developing in a microservices environment
  • 8+ years of experience in SQL or NoSQL DB structures, experience with DB migration scripts (SQL Server, MySQL, Mongo)
  • 6+ years of experience with various design and architectural patterns
  • 6+ years of experience architecting and developing large complex applications
  • Experience in an Agile (Scrum or KANBAN) working environment

Preferred:

  • Bachelor’s Degree in computer science, Computer Information Systems, Management Information Systems, or related field of study.
  • Experience utilizing third party identity providers for internal products (Auth0, Okta, JumpCloud, RSA)
  • Experience developing software in a SaaS environment using CI/CD and DevOps methodology
  • Current CISSP, CCSP, CCSK, SSAP, CISCS, or CRISC Certifications
  • Experience with SOC audits and remediations related to endpoint security and application security
  • Experience developing software in a SaaS environment using CI/CD and DevOps methodology
  • Automated test development and execution (for example, REST-assured, Selenium, etc.)
  • Experience working on applications that leverage Service Oriented Architecture (SOA)

Qualified candidates should also possess:

  • Demonstrated ability and examples of keeping current on technology trends
  • Excellent communication and collaboration skills
  • Experience leveraging your influence to drive results at a team and product level
  • Examples of promoting innovative changes at a team or department level
  • Experience leading initiatives or teams from a technical perspective
  • Experience mentoring less experienced engineers
  • Understanding of the shift-left architecture, design and sustainability design methodology

About Beacon Technologies

Are you looking to advance your career in information technology? Beacon Technologies offers career advancement opportunities, extensive training, and excellent benefits including paying for health and dental premiums for salaried employees. In addition to providing interesting opportunities, Beacon Technologies provides that old fashioned, personal touch, so you feel like a part of the Beacon team. Beacon Technologies, Inc is an equal employment opportunity employer with a functioning Affirmative Action Plan.