Infosec Jobs | infosec
@infosec_work
28.10.2025 19:03
Staff Security Engineer.

Location:
#San_Francisco (Remote).
Salary: $200,000 to $220,000.
Employer: Pomelo Care.

Responsibilities:
• Lead and execute critical cybersecurity initiatives, spanning areas like IAM/RBAC, Application Security, Cloud Security, Endpoint Security, CI/CD and supply chain security, SAST/DAST tooling, penetration testing, bug bounty management, Incident Response, DFIR and SaaS security;
• Develop and implement security solutions and frameworks that proactively mitigate risks and address evolving threats;
• Collaborate cross-functionally with engineering, product, compliance and executive teams to drive adoption of security best practices;
• Own and continuously improve secure software development lifecycle (SDLC) processes and tools;
• Serve as a subject matter expert and mentor, guiding and educating teams on cybersecurity principles, secure coding and threat modeling;
• Participate directly in incident response activities, investigations and post-incident analysis;
• Demonstrate humility, entrepreneurial spirit, strong communication skills and comfort contributing to a dynamic, cross-functional environment.

Requirements:
• 10+ years of hands-on experience in cybersecurity with a robust software engineering foundation;
• Direct hands-on expertise in at least 2-3 key security areas (IAM, Application Security, Cloud Security, CI/CD security, Incident Response, etc.);
• Curiosity and openness to learn new cybersecurity domains that may not be familiar;
• Direct experience working in some parts of the full technology stack including Google Cloud Platform (GCP), Kotlin, React/Next.js, Swift, Expo, XCode, Android Studio, yarn, npm, Code Build, among others;
• Previous cybersecurity experience within healthcare environments and startups, demonstrating familiarity with regulatory frameworks (e.g., HIPAA) and supporting security certifications such as SOC 2 Type 2 and HITRUST;
• Strong technical background including full stack software development, system architecture and security fundamentals such as PKI, SAML, JWT, HMAC as well as MITRE ATT&CK and D3FEND frameworks and OWASP top ten mitigations;
• Proven ability to thrive in agile environments, adapting quickly and wearing multiple hats to help scale security programs;
• Strong problem-solving skills, excellent communication abilities, and a collaborative mindset;
• Relevant industry certifications (e.g., CISSP, CISM, CCSP) are highly desirable. OSCP is a big plus;
• Exceptional communication skills and the ability to convey complex security concepts to non-technical stakeholders.

Apply.

#Remote #Infosec