πŸ“ˆ Open Startup
RSS
API
Post a Job

get a remote job
you can do anywhere

280 Remote Infosec Engineer Jobs at companies like Scratch Financial, Contrast Security and Elastic last posted 5 days ago

280 Remote Infosec Engineer Jobs at companies like Scratch Financial, Contrast Security and Elastic last posted 5 days ago

Get a  email of all new remote Infosec + Engineer jobs

Subscribe
×

  Jobs

  People

πŸ‘‰ Hiring for a remote Infosec + Engineer position?

Post a Job - $299
on the πŸ† #1 remote jobs board

This week


Scratch Financial

Cyber Security Engineer


Scratch Financial


infosec

engineer

infosec

engineer

5d

Apply


Stats (beta): πŸ‘ 730 views,✍️ 65 applied (9%)
{linebreak}What we're building{linebreak}{linebreak}Scratchpay provides pet parents with simple friendly payment plans. We help pet parents to provide the care their pets need, easing the financial barrier. We are growing fast in the veterinary space and Veterinarian, Pet owners and pets across the US and Canada love us! Come help us help more pets!{linebreak}{linebreak}{linebreak}About the position{linebreak}{linebreak}This position is about building the Scratchpay's ecosystem and securing it. It is about providing pet parents and clinics with the payment solution they need and working really hard in the background to protect their data, without them even worrying about it. It's about giving the business what it needs to grow safely, smoothly, and with as little surprises as possible when it comes to data and operational cyber security. {linebreak}{linebreak}It's also about working with the engineering and operational teams to research, design, implement, deploy and maintain the best tools and practices there are to achieve our goal and mission and train all teams to make the best of it.{linebreak}{linebreak}This is about pushing the edge of what has been done in Finance and Lending to build a scalable platform that can serve all-the-pets. However many (but the more the merrier). This is about working with a brilliant team that's been growing from 0 to 1 in 3 years and that is helping pets in all states in the US and Canada.{linebreak}{linebreak}This job is for you if you recognize yourself in this:{linebreak}{linebreak}{linebreak}* I am a good mind{linebreak}{linebreak}* I can think for myself{linebreak}{linebreak}* I am critical of myself and others{linebreak}{linebreak}* I am always respectful{linebreak}{linebreak}* I ask questions when needed{linebreak}{linebreak}* I can understand the boundaries but have a lot of fun within them{linebreak}{linebreak}* I take my work seriously and never let down people{linebreak}{linebreak}* I work hard because I want to do the best that I can right now{linebreak}{linebreak}* I always observe and reflect on how to do better tomorrow{linebreak}{linebreak}* I like animals{linebreak}{linebreak}* I want everyone to be and feel safe{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}About you{linebreak}{linebreak}Ideal Location: Europe (Portugal / Mid/Eastern Europe){linebreak}{linebreak}Ideal Experience: 3-5+ years{linebreak}{linebreak}Ideal Background: Security consultant or working in Cyber Security at a Security Start-up, Financial start-up or data provider company{linebreak}{linebreak}{linebreak}Requirements{linebreak}{linebreak}{linebreak}* Bachelor’s degree in IT security or similar competency, with CISSP, CISA, CIS strongly preferred{linebreak}{linebreak}* Experience in the IT Field with at least 3 years emphasis on security{linebreak}{linebreak}* Experience planning, researching, and developing security policies, standards, and procedures{linebreak}{linebreak}* Experience developing and managing Business Continuity, Disaster Recovery, and Incident Response Plans and associated training programs{linebreak}{linebreak}* Experience with Next Gen security design and management{linebreak}{linebreak}* Solid network knowledge focusing on security{linebreak}{linebreak}* IDS monitoring and management including building necessary reports and alerts{linebreak}{linebreak}* Proficient in auditing and testing security{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}You will:{linebreak}{linebreak}{linebreak}* Implement advanced network threat protection tools{linebreak}{linebreak}* Manage IDS/IPS, SIEM, and EPP{linebreak}{linebreak}* Assist with Security Information and Event Management implementation{linebreak}{linebreak}* Assist with all security issues{linebreak}{linebreak}* Assist with web security gateway/internet proxy implementation and tuning{linebreak}{linebreak}* Research security issues, 0-day attacks and vulnerabilities and define remediation plans through risk ranking and scoring{linebreak}{linebreak}* Analyze threat intelligence, and serve as a SME for enterprise security operations{linebreak}{linebreak}* Monitor all security logs and events{linebreak}{linebreak}* Generate daily, weekly and quarterly reports that will be presented to manager{linebreak}{linebreak}* Create, implement and work in collaboration with the teams (DevOps, SysOps, Engineering, Operations) new initiative using security best practices{linebreak}{linebreak}* Perform internal pen-test and phishing attacks and trainings, coordinate quarterly independent pentesting{linebreak}{linebreak}* Mitigate security lapses found by external security company during vulnerability assessments and pen-tests and train users on security aspects in regard to any necessary IT security topic.{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}How to know if you are a good fit?{linebreak}{linebreak}Ideal Competencies{linebreak}{linebreak}Legend:{linebreak}{linebreak}{linebreak}* + = desirable{linebreak}{linebreak}* ++ = strongly desirable{linebreak}{linebreak}* ! = required{linebreak}{linebreak}* !! = strongly required{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}Competencies{linebreak}{linebreak}{linebreak}* Operational Strength{linebreak}{linebreak}{linebreak}{linebreak}* Accuracy (!!){linebreak}{linebreak}* Devotion to quality (!!){linebreak}{linebreak}* Planning (++){linebreak}{linebreak}* Presenting (+){linebreak}{linebreak}{linebreak}{linebreak}* Interpersonal Strength{linebreak}{linebreak}{linebreak}{linebreak}* Adaptability (!){linebreak}{linebreak}* Cooperation (!!){linebreak}{linebreak}* Creating Support (+){linebreak}{linebreak}* Listening Skills (!){linebreak}{linebreak}* Providing Feedback (!){linebreak}{linebreak}* Social Skills (+){linebreak}{linebreak}{linebreak}{linebreak}* Personal Strength{linebreak}{linebreak}{linebreak}{linebreak}* Assertiveness (++){linebreak}{linebreak}* Drive (++){linebreak}{linebreak}* Flexibility (!!){linebreak}{linebreak}* Initiative (!){linebreak}{linebreak}* Integrity (!!){linebreak}{linebreak}* Personal Development (!){linebreak}{linebreak}* Willingness to change (!){linebreak}{linebreak}{linebreak}{linebreak}* Conceptual Strength{linebreak}{linebreak}{linebreak}{linebreak}* Analysing and forming opinions (!!){linebreak}{linebreak}* Helicopter View (+){linebreak}{linebreak}* Innovating (++){linebreak}{linebreak}* Situational Awareness (!){linebreak}{linebreak}* Strategic Insight (!!){linebreak}{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}In other words, you will have to:{linebreak}{linebreak}{linebreak}* Have empathy;{linebreak}{linebreak}* Understand the position of others is critical. It is necessary to navigate through communication, mitigation and the culture{linebreak}{linebreak}* Be independent;{linebreak}{linebreak}* Yet know when to raise a point or ask for a clarification or escalate a potential issue{linebreak}{linebreak}* Communicate;{linebreak}{linebreak}* Speak your mind and expect others to. Engage in respectful and mindful conflict. Quality > quantity;{linebreak}{linebreak}* Know your stuff and know what you don't know;{linebreak}{linebreak}* Understand that no one is perfect but everyone can learn if they chose so. Be humble enough to know your weaknesses. Be open minded and hard working enough to be able to fix them;{linebreak}{linebreak}* Take constructive critics;{linebreak}{linebreak}* Ask yourself "how to know if I'm wrong?". You may not, but not challenging your thinking is unhealthy. We challenge each other a lot @Scratchpay;{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}Our culture{linebreak}{linebreak}We care about the human aspect of work and we expect others to. Excellence is also an important keyword @ Scratchpay. While everyone makes mistakes, we learn from them. We are conscious about efficiency and effectiveness in the positive way. We don't do things that bring low-to-no value short or long term. We also do hard things that bring a lot of value. Quality, attention to detail and respect are some of the traits you must have and expect others to have.{linebreak}{linebreak}The good{linebreak}{linebreak}{linebreak}* We are a team of dedicated, hard working, friendly individuals{linebreak}{linebreak}* We move fast, sometimes break things with measure, we give a second chance{linebreak}{linebreak}* We give constructive feedback, we challenge each other{linebreak}{linebreak}* We are open-minded and we care for each other{linebreak}{linebreak}* Everyone is striving towards excellence. Mediocrity isn't our cup of tea. But we always work hard to help those that are willing to get there!{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}The bad{linebreak}{linebreak}{linebreak}* Everything goes fast and the ultimate goal is to move the business fast. There can be disconnects in the communication at times. We all need to navigate through this and push whenever it is critical to do so.{linebreak}{linebreak}* We are open-minded but things need to be moving forward.{linebreak}{linebreak}* We say what we have to. So expect to hear some unpleasant - but true - things sometimes. Don't hesitate to argue back - with respect - if you disagree.{linebreak}{linebreak}* Like any startup, It can be a mess some days. You also will likely have to do things that aren't in your scope sometimes. Part of the fun, right? ;){linebreak}{linebreak}{linebreak}{linebreak}{linebreak}The most important is: We are always looking at improving. All the time, step by step. If you feel mediocre and don't see a path to improvement or can't listen to others' voice to, please do not apply.

See more jobs at Scratch Financial

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Contrast Security

Full Stack Engineer


Contrast Security


full stack

engineer

infosec

full stack

engineer

infosec

6d

Apply


Stats (beta): πŸ‘ 959 views,✍️ 89 applied (9%)
{linebreak}Contrast Security is the world’s leading provider of security technology that enables software applications to protect themselves against cyber attacks. Contrast's patented deep security instrumentation is the breakthrough technology that enables highly accurate analysis and always-on protection of an entire application portfolio, without disruptive scanning or expensive security experts. Only Contrast has intelligent agents that work actively inside applications to prevent data breaches, defeat hackers and secure the entire enterprise from development, to operations, to production.{linebreak}About the Position{linebreak}Contrast is looking for a full stack enthusiast proficient in front-end technologies such as ReactJS and AngularJS and server-side API development written in Java/Spring interested in pursuing a life changing experience in the field of application security and continuous delivery. We are an exciting, young team that is growing leaps and bounds each month.{linebreak}{linebreak}This team is tasked with the unique opportunity to advance our runtime and pre-compile code analysis capabilities. This includes providing enhanced techniques to improve the accuracy, findings and reporting of code analysis. It will also include driving and leading the next generation of product and offerings to make the Contrast platform the choice for code analysis tools among developers and security professionals.{linebreak}{linebreak}Ideal candidates have a background building highly scalable and responsive Single Page Applications (SPAs) using ReactJS, CSS/Bootstrap, visualization libraries such as D3, HighCharts or AMCharts, as well as other SVG based visualization plugins. We write a lot of GraphQL to interact with our REST layer to improve performance and data interaction.{linebreak}{linebreak}Our engineering team has a strong spirit of entrepreneurship. Every member of the team has joined us over our 5 year history because he/she wants to be part of a high-performing team and go through the startup experience. We look for candidates that share similar goals and beliefs about the work and the team they want to be a part of.{linebreak}{linebreak}{linebreak}{linebreak}Responsibilities{linebreak}{linebreak}{linebreak}* Build and maintain highly scalable server-side UI processes for the purpose of data collection, manipulation, data pruning, trending and analytics{linebreak}{linebreak}* Build web-based interfaces and applications and contribute to our platforms, style guide, APIs and libraries.{linebreak}{linebreak}* Design and development of a rich user interface for mission critical high-availability analytics application using front end technologies like TypeScript, Javascript, ES6, HTML, CSS, SASS, and D3.{linebreak}{linebreak}* Experience with at least one of the following frameworks: AngularJS, Backbone.js, ReactJS, Ember.js{linebreak}{linebreak}* Execute performance analysis and optimization of page render, data transfers and page load optimizations.{linebreak}{linebreak}* Participate in constant collaboration with teammates in the form of pair programming, group code reviews and pull requests prior to commit.{linebreak}{linebreak}* Work with design and product teams to build amazing, jaw-dropping features.{linebreak}{linebreak}* Give back to the Open Source Community whenever humanly possibly.{linebreak}{linebreak}* Work hand-in-hand with our Product Managers, UX/Designers and Customers on each feature and improvement.{linebreak}{linebreak}* Deploys: our engineers deploy multiple times a day to our AWS infrastructure.{linebreak}{linebreak}* On-call rotation: every member of the team, including the VP of Engineering participates in the on-call rotation.{linebreak}{linebreak}* Technical support: Our engineers don't just release code in the wild. When our customer have issues, we have to jump in and give them help.{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}About You{linebreak}{linebreak}{linebreak}* You can join us in our amazing office in the Fells Point neighborhood of Baltimore.{linebreak}{linebreak}* You have strong communication skills. You ask questions, let others know when you need help, and tell others what you need.{linebreak}{linebreak}* You have experience working in Java/Spring or Python/Flask to design and implement robust and scalable APIs.{linebreak}{linebreak}* Stellar visual skills and attention to detail.{linebreak}{linebreak}* You have extensive HTML5, CSS3 (Less), and JavaScript Framework (ReactJS) experience.{linebreak}{linebreak}* Experience with TypeScript and GraphQL.{linebreak}{linebreak}* Have an eye for quality and have an interest in using tools/frameworks like Enzyme, Prettier, ReactTestRenderer, Jest, JUnit, StoryBook, etc...{linebreak}{linebreak}* AWS Services: S3, EC2, CloudFront, Lambda.{linebreak}{linebreak}* You're a problem solver. You believe the best work is the result of finding the simplest solution to complex challenges.{linebreak}{linebreak}* Your code is clean, your designs are elegant and you are constantly refactoring.{linebreak}{linebreak}* Multiple years experience working in Enterprise or Commercial Software development.{linebreak}{linebreak}* Own your work. Whether a nasty bug or an awesome feature, you put your name on every line of code.{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}What We Offer{linebreak}{linebreak}{linebreak}* Competitive compensation package (salary + equity){linebreak}{linebreak}* A fun and dynamic environment where you work with other like minded people on products which make a real difference to the security of our customers{linebreak}{linebreak}* In-office lunches{linebreak}{linebreak}* Medical, dental and vision benefits{linebreak}{linebreak}* Flexible paid time off{linebreak}{linebreak}* 401K{linebreak}{linebreak}{linebreak}

See more jobs at Contrast Security

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.

This month


Contrast Security

Senior .NET Software Engineer


Contrast Security


dev

senior

engineer

infosec

dev

senior

engineer

infosec

13d

Apply


Stats (beta): πŸ‘ 1,641 views,✍️ 118 applied (7%)
{linebreak}About the Opportunity{linebreak}{linebreak}At Contrast, our goal is the make the Internet safer day by day. We are always interested in meeting talented and creative technologists who share this goal. We’ve built some amazing technology thus far and are shaking up the way the world looks at application security. We know that our products can get better with new voices and ideas.{linebreak}{linebreak}Contrast is looking for a talented .NET application developer to join our team, engineering a world-class instrumentation agent for analyzing the security of Microsoft web applications. An ideal candidate is proficient in ASP.NET, C#, and C++. Ideally, we would love for you to have an interest or experience in Azure, as well as experience or curiosity with .NET Core.{linebreak}{linebreak}{linebreak}{linebreak}Responsibilities{linebreak}{linebreak}{linebreak}* Build many variations of simple to complex web applications using ASP.NET and .NET Core for our instrumentation agent to analyze to detect security vulnerabilities at run-time.{linebreak}{linebreak}* Contribute to the development of our instrumentation agent written in C# and C++.{linebreak}{linebreak}* Support traditional ASP.NET apps and more modern .NET Core apps on Windows/Linux.{linebreak}{linebreak}* Perform forensic investigations when the agent negatively impacts the performance of functionality of instrumented web applications.{linebreak}{linebreak}* Own your work. Whether a nasty bug or an awesome feature, you put your name on every line of code.{linebreak}{linebreak}* Be a team player. You love to work with others to find the right solutions.{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}About You{linebreak}{linebreak}{linebreak}* You love to code.{linebreak}{linebreak}* You have experience working on a remote team and don't mind the occasional trip to Baltimore, MD to meet up with teammates a few times a year.{linebreak}{linebreak}* Experience with at least one ASP.NET Framework (WebForms, MVC, WCF, Web API) and .NET Core web applications.{linebreak}{linebreak}* Experience with C# and C++.{linebreak}{linebreak}* Comfortable working in both a Windows and Linux operating systems.{linebreak}{linebreak}* Comfortable working with Azure DevOps for continuous integration.{linebreak}{linebreak}* Strong understanding of Microsoft IIS for configuration and deployment purposes.{linebreak}{linebreak}* Knowledge of the .NET development ecosystem.  Experience with popular .NET libraries such as Entity Framework, Dapper and Unity.{linebreak}{linebreak}* Experience deploying web applications to Azure services such as Azure VMs, Azure Web Apps, Service Fabric, SQL Server and Azure Networking Services.{linebreak}{linebreak}* You have strong communication skills. You ask questions, let others know when you need help, and tell others what you need.{linebreak}{linebreak}* You're a problem solver. You believe the best work is the result of finding the simplest solution to complex challenges.{linebreak}{linebreak}* You see the big picture. You understand how the code you write interacts with systems and services, both internally and externally.{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}What We Offer{linebreak}{linebreak}{linebreak}* Competitive compensation{linebreak}{linebreak}* Medical, dental, and vision benefits{linebreak}{linebreak}* Flexible paid time off{linebreak}{linebreak}* Daily in-office lunches{linebreak}{linebreak}* 401K{linebreak}{linebreak}{linebreak}

See more jobs at Contrast Security

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.

Last 30 days


Auth0

Product Security Engineer


Auth0


infosec

product manager

engineer

exec

infosec

product manager

engineer

exec

1mo

Apply


Stats (beta): πŸ‘ 2,966 views,✍️ 52 applied (2%)
Auth0, a global leader in Identity-as-a-Service (IDaaS), provides thousands of enterprise customers with a Universal Identity Platform for their web, mobile, IoT, and internal applications. Its extensible platform seamlessly authenticates and secures more than 2.5B logins per month, making it loved by developers and trusted by global enterprises. Auth0 has raised more than $110 million to date and continues its global growth at a rapid pace. We are consistently recognized as a great place to work based our outstanding leadership and dedication to company culture, and are looking for the best people to join our incredible team spread across more than 35 countries!{linebreak}{linebreak}Auth0 is a security company and Auth0's Security organization is in the privileged position of supporting a security-first culture for a company that wants to make the Internet safer. The Product Security team mission is to ensure that Auth0 products are as secure as our customers trust them to be. We partner closely with our Engineering and Product teams to embed security into every stage of the product life cycle.{linebreak}{linebreak}We are looking for a Product Security Engineer with a passion for both building and breaking things to solve security problems in partnership with our Engineering teams. You will have a chance to apply your skills and passion to improve the security of our product on a daily basis.{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}In this role you will:{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}* Provide security guidance to Engineering and Product teams{linebreak}{linebreak}* Build threat models and conduct risk assessments for new features and services{linebreak}{linebreak}* Perform design and code reviews (lots of them!){linebreak}{linebreak}* Identify, triage, resolve, and manage security vulnerabilities identified in Auth0 products{linebreak}{linebreak}* Build libraries and tools to make software built at Auth0 secure by default{linebreak}{linebreak}* Make security an integral part of our CI/CD pipeline{linebreak}{linebreak}* Perform internal penetration tests and participate in red team exercises{linebreak}{linebreak}* Champion security at Auth0{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}Our ideal candidate will have:{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}* Strong understanding of Web application security, including hands-on exploitation skills{linebreak}{linebreak}* Familiarity with secure development practices and security testing techniques (SAST, DAST, fuzzing, etc.){linebreak}{linebreak}* Ability to explain complex security issues and their impact to diverse audiences{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}Also nice if you have:{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}* Experience running a bug bounty program{linebreak}{linebreak}* Experience with JavaScript (Node.js) development{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}

See more jobs at Auth0

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Contrast Security

Software Engineer


Contrast Security


dev

engineer

infosec

digital nomad

dev

engineer

infosec

digital nomad

1mo

Apply


Stats (beta): πŸ‘ 350 views,✍️ 19 applied (5%)
{linebreak}Our team is expanding as our company continues to grow from a small start-up to an evolving 4+ year company. We have an opportunity to bring on software engineers who are comfortable working with multiple languages on our full stack application (Java/Spring and Angular/React) and our AWS cloud-based services mainly written in Python and NodeJS Lambda services. We are in search of engineers who are interested in working across many languages.{linebreak}{linebreak}Our engineering team has a strong spirit of entrepreneurship. Every member of the team has joined us over our short  history because he/she wants to be part of a high-performing team and go through the startup experience. We look for candidates that share similar goals and beliefs about the work and the team they want to be a part of. We've put together some notes here which will tell you and show you a little bit about our experience. {linebreak}{linebreak}We are a growing group of engineers, designers and product specialists. Anyone who applies to work on our team is specifically looking for an opportunity to be able to:{linebreak}{linebreak}{linebreak}* Work hand-in-hand with our Product Managers, UX/Designers and Customers on each feature and improvement.{linebreak}{linebreak}* Own the technical design, implementation and quality engineering of our full stack application and Lambda services.{linebreak}{linebreak}* Participate in constant collaboration with teammates in the form of pair programming, group code reviews and pull requests prior to commit.{linebreak}{linebreak}* Deploys: our engineers deploy multiple times a day to our AWS infrastructure.{linebreak}{linebreak}* On-call rotation: every member of the team, including the VP of Engineering participates in the on-call rotation.{linebreak}{linebreak}* Technical support: Our engineers don't just release code in the wild. When our customer have issues, we have to jump in and give them help.{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}Skills & Requirements{linebreak}{linebreak}{linebreak}* You are a Java expert with a strong understanding of Spring, MySQL, Linux and Apache ActiveMQ.{linebreak}{linebreak}* Experience or interest working with TypeScript and GraphQL.{linebreak}{linebreak}* Have an eye for quality and have an interest in using common open source tools/frameworks.{linebreak}{linebreak}* You approach problems from a product perspective, thinking through how the user will interact with what you're building.{linebreak}{linebreak}* You have strong communication skills. You ask questions, let others know when you need help, and tell others what you need.{linebreak}{linebreak}* You're a problem solver. You believe the best work is the result of finding the simplest solution to complex challenges.{linebreak}{linebreak}* You see the big picture. You understand how the code you write interacts with systems and services, both internally and externally. {linebreak}{linebreak}{linebreak}

See more jobs at Contrast Security

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Cofense

ROR Software Engineer IV  


Cofense


cyber security

ror

aws

docker

cyber security

ror

aws

docker

2mo

Apply


Stats (beta): πŸ‘ 331 views,✍️ 37 applied (11%)
***This is a full time position working directly for Cofense***{linebreak}{linebreak}Reporting to the Manager of Software Engineering, the Software Engineer IV is responsible for supporting the implementation and maintenance of our products, working as part of a cross-functional team to build new features while maintaining the overall quality of our applications.{linebreak}{linebreak}At Cofense, we're searching for amazing engineers to join our team. Our company provides end-to-end cyber-defense solutions that help protect organizations and their employees from the vast and growing threat posed by phishing-related attacks. We're expanding rapidly and looking for talented engineers, like you, that care about building great products that solve big problems.{linebreak}{linebreak} In this role, you will work as part of a cross-functional team to build new features while maintaining the overall quality of our applications. Working in an agile team environment, you will apply your knowledge and experience to establish standards, ensure code quality, and mentor others. Our approach to software delivery is ambitious, and asks for regular and active participation in defining the "what" and the "how".{linebreak}{linebreak} As a senior engineer, we'd like to see the following traits from you: technical capability, leadership, and community. For more insight into our thoughts on this topic, please see The Conjoined Triangles of Senior-Level Development [http://frontside.io/blog/2016/07/07/the-conjoined-triangles-of-senior-level-development.html].{linebreak}{linebreak}# Responsibilities{linebreak} * A continuous review of overall test quality, test coverage, and exception reports.{linebreak}* Implement new features that emphasize clarity, robustness, and maintainability.{linebreak}* Mentor others through pairing, code reviews, and regular knowledge sharing.{linebreak}* Establish coding standards, driving best patterns and practices.{linebreak}* Assist with planning efforts assessing technical feasibility of new product features.{linebreak}* An effective communicator, you will work collaboratively and constructively with others in the team and broader organization.{linebreak}* Work with the Principal Engineer to support proper architectural oversight of the product.{linebreak}* Rotating on-call duties with other team members.{linebreak}* Other duties as assigned. {linebreak} {linebreak}{linebreak}The above statements are neither intended to be an all-inclusive list of the duties and responsibilities of the job described, nor are they intended to be a listing of all of the skills and abilities required to do the job. Rather, they are intended only to describe the general nature of the job. This job description is not a contract of employment, either express or implied. Employment with Cofense will be voluntarily entered into and your employment is considered at will. Cofense reserves the right to alter the job description at any time without notice.{linebreak}{linebreak} {linebreak}{linebreak}# Requirements{linebreak}Knowledge, Skills and Abilities Required:{linebreak}{linebreak}* Deep knowledge of Ruby and Ruby on Rails.{linebreak}* A test-centric approach to development, in order to build and deploy with confidence.{linebreak}* Comfortable at the command line, and with advanced git features.{linebreak}* Longstanding familiarity with the Ruby and Rails communities -- you stay on top of current news and changes to the language and framework landscape.{linebreak}* Good understanding of application security and common vulnerabilities as expressed by the OWASP Top 10.{linebreak} {linebreak}{linebreak}Education and/or Additional Experience:{linebreak}{linebreak}* Production experience in another language beyond Ruby and JavaScript, perhaps Elixir or Go{linebreak}* At least 2+ years of recent production experience developing and deploying large-scale Rails applications.{linebreak}* Experience in front-end development with JavaScript, HTML, and CSS.{linebreak}* Experience with relational databases and SQL outside of ORMs like ActiveRecord.{linebreak}* At least 8+ years of professional experience in software engineering preferred.{linebreak}* Have participated in an organization using an Agile-based approach to software delivery{linebreak}* Experience in a multi-team organization and can articulate the strategies, tools, and methods in support of an SOA approach to software .{linebreak}* Bachelor’s degree preferred{linebreak}* Have taken part in building a software appliance or on-premise solution.

See more jobs at Cofense

# How do you apply? Please apply to this job by clicking the link below:
Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Contrast Security

Cloud Infrastructure Engineer


Contrast Security


cloud

engineer

infosec

cloud

engineer

infosec

2mo

Apply


Stats (beta): πŸ‘ 450 views,✍️ 42 applied (9%)
{linebreak}As a member of the Contrast Security engineering team, you will be responsible for deploying and scaling one of the fastest growing application security products being built today.  You will be focused on high uptime targets while new software is being delivered daily.  We automate everything possible, gather data to make informed decisions, and work hard to make the internet a safer place.   {linebreak}{linebreak}Responsibilities{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}* Develop and deliver AWS infrastructure to colleagues and customers{linebreak}{linebreak}* Continually improve existing infrastructure and AWS services{linebreak}{linebreak}* Promote all things DevOps and Infrastructure as Code{linebreak}{linebreak}* Perform automated and ad-hoc analysis on usage patterns, data growth, and application change to prevent performance bottlenecks{linebreak}{linebreak}* Design, build, and configure environments and services in AWS{linebreak}{linebreak}* Improve operational efficiency through automation, visibility, and transparency of performance and reliability metrics.  {linebreak}{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}Tools You Will Use{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}* Ansible{linebreak}{linebreak}* CloudFormation{linebreak}{linebreak}* SumoLogic{linebreak}{linebreak}* Docker{linebreak}{linebreak}* New Relic{linebreak}{linebreak}* Python (or similar scripting language){linebreak}{linebreak}* AWS, Atlassian (Jira, Bitbucket, Confluence){linebreak}{linebreak}* Jenkins and other CI Tools{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}Qualifications{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}* Bachelor’s Degree or equivalent{linebreak}{linebreak}* 3+ years of professional experience{linebreak}{linebreak}* Experience working with performance testing and monitoring tools{linebreak}{linebreak}* Previous use of Ansible, CloudFormation, AWS (VPC, EC2, Route53, S3, CloudWatch){linebreak}{linebreak}* Background with deploying and troubleshooting web applications and services{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}Bonus Points If You Have or Want to Work On{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}* TerraFrom{linebreak}{linebreak}* Distributed Queues{linebreak}{linebreak}* Service Discovery{linebreak}{linebreak}* Caching Design{linebreak}{linebreak}* Spring and Hibernate experience{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}What We Offer{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}* Competitive compensation{linebreak}{linebreak}* Medical, dental and vision benefits{linebreak}{linebreak}* Flexible paid time off{linebreak}{linebreak}* Daily in-office lunches{linebreak}{linebreak}* 401K{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}

See more jobs at Contrast Security

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.

This year


Marqeta

Sr. Infrastructure Security Engineer - Oakland or  


Marqeta


infosec

java

javascript

python

infosec

java

javascript

python

2mo

Apply


Stats (beta): πŸ‘ 478 views,✍️ 64 applied (13%)
Are you looking to join an innovative organization powering payments for the next generation of fintech and commerce innovators? Marqeta has built the world’s first open API issuer processor platform from scratch, powering prepaid, debit, and credit cards for the most recognizable names in financial technology, alternative lending, on-demand services and e-commerce. Marqeta has become the leader in payment innovation. Our company is comprised of a team of industry experts, a dynamic approach to working on challenging problems, and an open environment and culture that is focused on ideas and innovation.{linebreak}{linebreak}Not only do we have an inspiring and innovative culture, but only Marqeta can offer you a chance to help redefine the payments industry. As a testament to the company we've collectively built, our world-class team voted Marqeta one of the Bay Area’s Best Places to Work.{linebreak}{linebreak}Marqeta is proud of its Oakland roots and strives to build a team as diverse as the cities in which we operate. Underrepresented populations are encouraged to apply.Β {linebreak}{linebreak}We are not expecting any single candidate to have an expertise under all areas of our requirements section. Please apply if you meet some but not all of the requirements.{linebreak}{linebreak}**Position Summary**{linebreak}{linebreak}Marqeta is growing a fresh new Infrastructure Security Team with the goal of significantly improving industry standards in Secure Platform and Service Delivery in the Payments space.{linebreak}{linebreak}As a member of Marqeta’s Infrastructure Security Team, you’re responsible for design, development and implementation of our core platform and network security controls. Your work protects our most critical environments, as well as meets or exceeds the various regulatory compliance standards required in the Payments Industry. This role interfaces directly with Marqeta’s Platform Engineering, SRE, and Network Engineering teams, and is vital to Marqeta’s Application Security Program.{linebreak}{linebreak}The ideal candidate for this role has a strong desire to lead the organization in well considered Security Engineering methodologies, is seasoned in either AWS or GCP cloud-based services, has a strong passion for DevOps/SecDevOps/DevSecOps driven patterns, and an excellent ability to communicate across roles, teams and disciplines.{linebreak}{linebreak}# Responsibilities{linebreak} **Primary Responsibilities**{linebreak}* Build Self Service Tools for Infrastructure, Platform, and SRE Engineers{linebreak}* Maintain Security Controls in Platform and Infrastructure Services{linebreak}* Implement and Support End-to-End Transport Security and Proxy Layer Services{linebreak}* Lead Infrastructure and Platform Design Reviews{linebreak}* Implement and Maintain Security Patterns in Pre-Release and Post-Release Deployment{linebreak}* Triage, Respond to and Investigate Security Incidents affecting Platform and Infra Services{linebreak}* Implement and Maintain Platform and Infrastructure Threat Monitoring and Detection Tools{linebreak}* Manage and Deploy Services for Security Team{linebreak}* Mentor Marqeta App Sec, Infra, Platform and SRE Engineers{linebreak}* Support Quarterly PCI Efforts {linebreak}{linebreak}# Requirements{linebreak}**Requirements**{linebreak}* 3-5 yrs Demonstrable and Practical Experience in Systems and Infrastructure Engineering or Comparable Experience in a DevOps Role{linebreak}* You pride yourself in a holistic approach to your work{linebreak}* You have a sincere passion for Security Engineering as a discipline{linebreak}* You’re an excellent communicator{linebreak}* You employ strong collaboration patterns and enjoy creating positive team dynamics{linebreak}* You know how to own and support positive outcomes{linebreak}* You remain constructive under pressure, with a flexible working style{linebreak}* You have solid experience and consistency with remote work and engaging distributed teams{linebreak}* Demonstrated experience in some combination of the following disciplines: incident response, detection tooling, vulnerability management, security operations, cloud security, infrastructure security, network security, security tools development{linebreak}* Experience selecting and implementing tools for SIEM, IDS and vulnerability scanning{linebreak}* Experience with automating new and existing processes and tools{linebreak}* Experience with AWS, Java, Python, Ruby, and other modern open source languages and tools{linebreak}{linebreak}**Technical Skills**{linebreak}* Functional Development Experience and Proficiency in Python, Go or Ruby{linebreak}* Functional Experience with Ansible, Terraform and Packer{linebreak}* Experience with AWS Architecture and Service Deployment{linebreak}* Experience with Container Technology (Docker, ECS, Kubernetes/K8s){linebreak}* Familiarity with Java and JVM based Application Stacks (e.g. Tomcat){linebreak}* Strong Knowledge of TLS-based Service Architectures{linebreak}* Strong Experience with Linux Platforms (CentOS/Ubuntu/Debian/etc){linebreak}* Experience with Secure Deployment Specification{linebreak}* Experience with Production Build Pipelines and CI/CD stacks (Ex. Jenkins, Nexus, Drone CI){linebreak}* Strong Interest in Automation Practices{linebreak}Β {linebreak}{linebreak}**Bonus Qualifications**{linebreak}* Experience in Payments or Financial Services{linebreak}* Experience with Remote Work{linebreak}{linebreak}**Perks**{linebreak}{linebreak}* Be a member of an exceptional team - we’re growing and your career and opportunities with us will, too!{linebreak}* Rich suite of benefit plans - Employee premiums paid 100%{linebreak}* Generous Paid Time Off plan{linebreak}* Market-leading fully paid Parental Leave{linebreak}* Retirement savings - 401k plan with a Company match{linebreak}* Meaningful Equity{linebreak}* Bi-annual Hack Weeks to support and reward innovation{linebreak}* Beautiful downtown Oakland office in a great location, with stunning views of Lake Merritt{linebreak}* Conveniently located close to public transportation{linebreak}* Open, transparent culture that includes weekly All Hands meetings, Lunch-and-Learns, all-company offsite, etc.{linebreak}* Commuter and Parking monthly subsidy{linebreak}* Access to corporate gym membership rates and other discounts and employee perks!{linebreak}* Fully stocked kitchen, catered lunches twice a week, breakfast on Fridays, and more!{linebreak}Β 

See more jobs at Marqeta

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Marqeta

Application Security Engineer - Oakland or


Marqeta


infosec

java

javascript

ruby

infosec

java

javascript

ruby

2mo

Apply


Stats (beta): πŸ‘ 521 views,✍️ 43 applied (8%)
Are you looking to join an innovative organization powering payments for the next generation of fintech and commerce innovators? Marqeta has built the world’s first open API issuer processor platform from scratch, powering prepaid, debit, and credit cards for the most recognizable names in financial technology, alternative lending, on-demand services and e-commerce. Marqeta has become the leader in payment innovation. Our company is comprised of a team of industry experts, a dynamic approach to working on challenging problems, and an open environment and culture that is focused on ideas and innovation.{linebreak}{linebreak}Not only do we have an inspiring and innovative culture, but only Marqeta can offer you a chance to help redefine the payments industry. As a testament to the company we've collectively built, our world-class team voted Marqeta one of the Bay Area’s Best Places to Work.{linebreak}{linebreak}Marqeta is proud of its Oakland roots and strives to build a team as diverse as the cities in which we operate. Underrepresented populations are encouraged to apply.Β {linebreak}{linebreak}We are not expecting any single candidate to have an expertise under all areas of our requirements section. Please apply if you meet some but not all of the requirements.{linebreak}{linebreak}**Position Summary**{linebreak}{linebreak}Marqeta is growing a fresh Application Security Team with the goal of significantly improving industry standards in Secure Application Development in the Payments space.{linebreak}{linebreak}As a member of the Application Security Engineer (ASE) Team, you serve as a key contributor to Marqeta’s open payments platform. This role supports the safety and security of our customer’s payments, ensuring the growth of an innovative platform that provides direct access to a strong suite of Payment Card Issuer/Processor APIs. Our long term goal is the development of a strong Product Security Program that protects the global development and deployment of payment and virtual cards as well as mobile authorization.{linebreak}{linebreak}Our ASEs define Security Engineering standards and practices around Secure Code, Continuous Delivery/Integration, Pre and Post Release S-SDLC, Verification/Validation models, Penetration Testing and innovative Security tooling designed around self-service and rich integration models.{linebreak}{linebreak}You'll work closely with Marqeta’s Frontend and Backend Engineers, you'll contribute to critical design input for API development and service architectures, and you’ll assist the company in developing strong engineering practices in support of Product Security. Our goal is to both enhance the workflow of our engineers with security-centric tool sets and implement innovative methods of testing code in the pre-release phase.{linebreak}{linebreak}The ideal candidate has a strong core skill set in two or more of the following areas - Automation, QE Testing, Security Engineering, REST API Design, and/or Strong Knowledge in Modern App Frameworks (esp ReactJS, Rails, or Tomcat). You’re knowledgeable and conversant in common vulnerabilities affecting modern web applications, familiar with modern cloud and datacenter based infrastructure, are looking to grow strong application security experience, and you intend to be an excellent communicator and collaborator. Our ASEs are particularly concerned with scaleable tooling strategies and strong process and practice management, which includes constant refinement in how we engage with our cross-functional team of engineers.Β {linebreak}{linebreak}# Responsibilities{linebreak} **Primary Responsibilities**Β {linebreak}* Build Self Service Tools for QE, Frontend and Backend Engineers{linebreak}* Assist with Definition, Implementation, and Maintenance of S-SDLC{linebreak}* Lead Application Security Assessments and Design Reviews{linebreak}* Execute Critical Validation/Verification Functions in Pre- and Post-Release{linebreak}* Implement SAST, DAST and Coherent Dependency Vuln Management into the Build Pipeline{linebreak}* Execute Greybox and Whitebox Application Security Assessments{linebreak}* Execute and Support HTTP/S Service-Layer Pen-Testing{linebreak}* Develop Security Training and Guidelines for Engineers{linebreak}* Build and Enhance S/W Testing Strategies with Specialized End-to-End Clients, RSpec, Puppeteer and Selenium-Based Test Cases{linebreak}* Lead Software Vulnerability Management and Risk Mitigation Practices{linebreak}* Offer Guidance and Leadership in PCI Compliance{linebreak} {linebreak}{linebreak}# Requirements{linebreak}**Requirements**{linebreak}* Demonstrable and Practical Experience in an Development or Security Engineering Role{linebreak}* You have a passion for Security and Engineering as a discipline{linebreak}* You’re an excellent communicator{linebreak}* You employ strong collaboration patterns and enjoy creating positive team dynamics{linebreak}* You know how to own and support positive outcomes{linebreak}* You remain constructive under pressure, with a flexible working style{linebreak}{linebreak}**Technical Skills**{linebreak}* Functional Development Experience in Python, Go, JS, Ruby, or Java{linebreak}* Functional Experience with Testing Frameworks and Modern Testing Paradigms (BDD, TDD, and similar){linebreak}* Strong Knowledge of OWASP and Common Software Vulnerabilities{linebreak}* Solid Understanding of Secure Coding/Development Practices{linebreak}* Experience with Production Build Pipeline and CI/CD stacks (Ex. Jenkins, Nexus, Drone CI){linebreak}* Demonstrable Experience with Python, Ruby, JS and/or Go Tool Development{linebreak}* Strong Interest in Automation Practices{linebreak}* Familiarity and Interest in Cloud Services and SAAS Platforms Β (AWS, GCP){linebreak}{linebreak}**Communication Skills**{linebreak}* Ability to Communicate Technical Details and Concepts Clearly{linebreak}* Strong Capacity to Speak and Act with Candor and Empathy{linebreak}{linebreak}**Nice to Have**{linebreak}* Familiarity with Java and JVM based Application Stacks (e.g. Tomcat){linebreak}* Solid Knowledge of OAuth and SAML{linebreak}* Strong Knowledge of HTTP/S Service Architectures{linebreak}* Strong Knowledge of Transport Security, specifically TLS and CAsΒ {linebreak}{linebreak}**Perks**{linebreak}{linebreak}* Be a member of an exceptional team - we’re growing and your career and opportunities with us will, too!{linebreak}* Rich suite of benefit plans - Employee premiums paid 100%{linebreak}* Generous Paid Time Off plan{linebreak}* Market-leading fully paid Parental Leave{linebreak}* Retirement savings - 401k plan with a Company match{linebreak}* Meaningful Equity{linebreak}* Bi-annual Hack Weeks to support and reward innovation{linebreak}* Beautiful downtown Oakland office in a great location, with stunning views of Lake Merritt{linebreak}* Conveniently located close to public transportation{linebreak}* Open, transparent culture that includes weekly All Hands meetings, Lunch-and-Learns, all-company offsite, etc.{linebreak}* Commuter and Parking monthly subsidy{linebreak}* Access to corporate gym membership rates and other discounts and employee perks!{linebreak}* Fully stocked kitchen, catered lunches twice a week, breakfast on Fridays, and more!

See more jobs at Marqeta

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Marqeta

Sr. Application Security Engineer - Oakland or


Marqeta


python

go

javascript

ruby

python

go

javascript

ruby

3mo

Apply


Stats (beta): πŸ‘ 421 views,✍️ 32 applied (8%)
Are you looking to join an innovative organization powering payments for the next generation of fintech and commerce innovators? Marqeta has built the world’s first open API issuer processor platform from scratch, powering prepaid, debit, and credit cards for the most recognizable names in financial technology, alternative lending, on-demand services and e-commerce. Marqeta has become the leader in payment innovation. Our company is comprised of a team of industry experts, a dynamic approach to working on challenging problems, and an open environment and culture that is focused on ideas and innovation.{linebreak}{linebreak}Not only do we have an inspiring and innovative culture, but only Marqeta can offer you a chance to help redefine the payments industry. As a testament to the company we've collectively built, our world-class team voted Marqeta one of the Bay Area’s Best Places to Work.{linebreak}{linebreak}Marqeta is proud of its Oakland roots and strives to build a team as diverse as the cities in which we operate. Underrepresented populations are encouraged to apply.Β {linebreak}{linebreak}We are not expecting any single candidate to have an expertise under all areas of our requirements section. Please apply if you meet some but not all of the requirements.{linebreak}{linebreak}**Position Summary**{linebreak}{linebreak}Marqeta is growing a fresh Application Security Team with the goal of significantly improving industry standards in Secure Application Development in the Payments space. We are based in Oakland, California but are open to remote engineers for this role!{linebreak}{linebreak}As a member of the Application Security Engineer (ASE) Team, you serve as a key contributor to Marqeta’s open payments platform. This role supports the safety and security of our customer’s payments, ensuring the growth of an innovative platform that provides direct access to a strong suite of Payment Card Issuer/Processor APIs. Our long term goal is the development of a strong Product Security Program that protects the global development and deployment of payment and virtual cards as well as mobile authorization.{linebreak}{linebreak}Our ASEs define Security Engineering standards and practices around Secure Code, Continuous Delivery/Integration, Pre and Post Release S-SDLC, Verification/Validation models, Penetration Testing and innovative Security tooling designed around self-service and rich integration models.{linebreak}{linebreak}You'll work closely with Marqeta’s Frontend and Backend Engineers, you'll contribute to critical design input for API development and service architectures, and you’ll assist the company in developing strong engineering practices in support of Product Security. Our goal is to both enhance the workflow of our engineers with security-centric tool sets and implement innovative methods of testing code in the pre-release phase.{linebreak}{linebreak}The ideal candidate has a strong core skill set in two or more of the following areas - Automation, QE Testing, Security Engineering, REST API Design, and/or Strong Knowledge in Modern App Frameworks (esp ReactJS, Rails, or Tomcat). You’re knowledgeable and conversant in common vulnerabilities affecting modern web applications, familiar with modern cloud and datacenter based infrastructure, are looking to grow strong application security experience, and you intend to be an excellent communicator and collaborator. Our ASEs are particularly concerned with scaleable tooling strategies and strong process and practice management, which includes constant refinement in how we engage with our cross-functional team of engineers.{linebreak}{linebreak}{linebreak}# Responsibilities{linebreak} **Primary Responsibilities**{linebreak}* Build Self Service Tools for QE, Frontend and Backend Engineers{linebreak}* Assist with Definition, Implementation, and Maintenance of S-SDLC{linebreak}* Lead Application Security Assessments and Design Reviews{linebreak}* Execute Critical Validation/Verification Functions in Pre- and Post-Release{linebreak}* Implement SAST, DAST and Coherent Dependency Vuln Management into the Build Pipeline{linebreak}* Execute Greybox and Whitebox Application Security Assessments{linebreak}* Execute and Support HTTP/S Service-Layer Pen-Testing{linebreak}* Develop Security Training and Guidelines for Engineers{linebreak}* Build and Enhance S/W Testing Strategies with Specialized End-to-End Clients, RSpec, Puppeteer and Selenium-Based Test Cases{linebreak}* Lead Software Vulnerability Management and Risk Mitigation Practices{linebreak}* Offer Guidance and Leadership in PCI Complianc {linebreak}{linebreak}# Requirements{linebreak}**Requirements**{linebreak}* 3-5 yrs Demonstrable and Practical Experience in Application Security Engineering or Comparable Experience in a Security Engineering Role{linebreak}* You have a passion for Security Engineering as a discipline{linebreak}* You’re an excellent communicator{linebreak}* You employ strong collaboration patterns and enjoy creating positive team dynamics{linebreak}* You know how to own and support positive outcomes{linebreak}* You remain constructive under pressure, with a flexible working style{linebreak}* Functional Development Experience and Proficiency in Python, Go, JS, Ruby, or Java{linebreak}* Familiarity with Java and JVM based Application Stacks (e.g. Tomcat){linebreak}* Functional Experience with Testing Frameworks and Modern Testing Paradigms (BDD, TDD, and similar){linebreak}* Solid Knowledge of OAuth and SAML{linebreak}* Strong Knowledge of HTTP/S Service Architectures{linebreak}* Strong Knowledge of Transport Security, specifically TLS and CAs{linebreak}* Strong Knowledge of OWASP and Common Software Vulnerabilities{linebreak}* Solid Understanding of Secure Coding/Development Practices{linebreak}* Experience with Production Build Pipeline and CI/CD stacks (Ex. Jenkins, Nexus, Drone CI){linebreak}* Familiarity with Container Technology (Ex. Docker, RKT){linebreak}* Demonstrable Experience with Python, Ruby, JS and/or Go Tool Development{linebreak}* Strong Interest in Automation Practices{linebreak}* Familiarity and Interest in Cloud Services and SAAS Platforms Β (AWS, GCP){linebreak}* Familiarity with Terraform and Ansible Automation Stac{linebreak}{linebreak}**Perks**{linebreak}* Be a member of an exceptional team - we’re growing and your career and opportunities with us will, too!{linebreak}* Rich suite of benefit plans - Employee premiums paid 100%{linebreak}* Generous Paid Time Off plan{linebreak}* Market-leading fully paid Parental Leave{linebreak}* Retirement savings - 401k plan with a Company match{linebreak}* Meaningful Equity{linebreak}* Bi-annual Hack Weeks to support and reward innovation{linebreak}* Beautiful downtown Oakland office in a great location, with stunning views of Lake Merritt{linebreak}* Conveniently located close to public transportation{linebreak}* Open, transparent culture that includes weekly All Hands meetings, Lunch-and-Learns, all-company offsite, etc.{linebreak}* Commuter and Parking monthly subsidy{linebreak}* Access to corporate gym membership rates and other discounts and employee perks!{linebreak}* Fully stocked kitchen, catered lunches twice a week, breakfast on Fridays, and more!

See more jobs at Marqeta

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Redox

Security Engineer  


Redox


infosec

engineer

infosec

engineer

3mo

Apply


Stats (beta): πŸ‘ 404 views,✍️ 44 applied (11%)
{linebreak}Redox is a 4 year old, fast-growing startup on a mission to change healthcare.{linebreak}{linebreak}Redox Security Engineers solve the most challenging technical security problems holding back healthcare technology. At Redox, security comes first as patients depend on our systems to be secure, available and reliable. The security team partners with every team in our business to make that happen.{linebreak}{linebreak}We’re looking for a person who will take on securing our cloud (AWS) based production environment. The scope of this program includes our cloud systems, production network (VPCs), base platform images (Ubuntu & Docker) as well as our orchestration, and deployment pipeline (Kubernetes, etc.).{linebreak}{linebreak}Security Engineer (Cloud and Infrastructure) is a critical role at Redox. To be successful in this role you will need to have a vision for what this program should look like and design capabilities which scale as the team and company grow.{linebreak}{linebreak}You can be based anywhere in the US. (See “Work Anywhere” below){linebreak}{linebreak}{linebreak}Day to Day Requirements:{linebreak}{linebreak}{linebreak}* Be an active voice in our small, focused security team as the primary engineer responsible for Cloud & Infrastructure Security.{linebreak}{linebreak}* Define the secure baseline and secure configuration required for production systems at Redox.{linebreak}{linebreak}* Approach securing our company pragmatically, empathizing with engineers and developers to understand their needs.{linebreak}{linebreak}* Communicate issues and progress on complex problems in terms easily understood by stakeholders.{linebreak}{linebreak}* Build scalable systems which enforce and monitor compliance with your secure baseline, rectify issues automatically and alert on problematic systems.{linebreak}{linebreak}* Support and build valuable training activities which uplift employee awareness and responses to security threats.{linebreak}{linebreak}* Monitor, report and seek to address security vulnerabilities in production.{linebreak}{linebreak}* Maximize security impact and reduce risk while minimizing the negative impact on our businesses velocity.{linebreak}{linebreak}* Mentor and guide engineering teams on best practices for keeping our production systems secure.{linebreak}{linebreak}* Own a platform to distill production security information (Events, Logs etc) into an actionable alerting platform.{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}Required Skills and Experience:{linebreak}{linebreak}{linebreak}* Knowledge of current threats and risks, how to detect them, how to build controls to stop them and how to create awareness of them. Such as cloud account takeovers, credential leakage, improper cloud configuration etc{linebreak}{linebreak}* Proficiency in cloud technologies and hands-on securing of AWS environments including detailed experience with AWS Organizations, VPC, Security Groups, CloudTrail, IAM etc){linebreak}{linebreak}* Ability to distil complex security threats and risks into simple terms for non-security (and even non-technical) stakeholders.{linebreak}{linebreak}* Experience securing Linux/Ubuntu, Docker, Kubernetes.{linebreak}{linebreak}* Knowledge of the OSI Security model and how it applies when securing networks and hosts.{linebreak}{linebreak}* Development experience sufficient to automate repetitive tasks and scale your impact.{linebreak}{linebreak}* Experience securing networks and infrastructure through firewall design, network segmentation and access (VPNs etc{linebreak}{linebreak}* High levels of Redoxiness{linebreak}{linebreak}{linebreak}{linebreak}Benefits{linebreak}{linebreak}We provide benefits that allow you to live life by your own design. Redox employees enjoy unmatched autonomy in their work and the support to live a balanced life. We trust you know what you need to be happy, at work and at home.{linebreak}{linebreak}{linebreak}{linebreak}* Tackle Challenging Problems Everyday. There is no roadmap for what we are building, so you’ll have the backing and support of talented engineers and security practitioners to make sure you have what you need to be successful.{linebreak}{linebreak}* Work Anywhere. All Redox employees are encouraged to live and work wherever they're happiest. All you need is power, wifi, and a computer and you’re good to go. We also run a number of co-located working spaces across many US cities if you prefer an office environment.{linebreak}{linebreak}* Flexible Working. Our best work happens when we feel fresh and inspired. We leave it up to you to decide when you need to take breaks and encourage you to make time for adventure and discovery.{linebreak}{linebreak}* Health & Dental from Day 1. Your health and dental coverage starts when you do to make sure you're always covered. We provide health and dental insurance for employees, spouses, domestic partners, and dependents, as well as life and disability insurance.{linebreak}{linebreak}* Parental Leave. You can take 12 weeks of paid time off within the first year of your new addition arriving. We know that they need you and we have your back.{linebreak}{linebreak}* Productivity Fund. We want you to be able to set up a workspace that allows you to perform at your very best. All Redox employees receive an annual discretionary stipend so you can select what helps you be productive.{linebreak}{linebreak}* 401k. We offer an optional, customizable and flexible 401k plan for you to plan for your financial future on your terms.{linebreak}{linebreak}{linebreak}

See more jobs at Redox

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Platform.sh

Security Compliance Engineer  


Platform.sh


infosec

engineer

infosec

engineer

3mo

Apply


Stats (beta): πŸ‘ 390 views,✍️ 59 applied (15%)
{linebreak}Mission{linebreak}{linebreak}To reinforce our commitment to customers’ privacy and security, for its PaaS solution, Platform.sh is looking for a Security & Compliance Engineer with a taste for Python and Go, excellent Linux system understanding, outstanding written English skills, experience working on PCI and/or SOC compliance, and a real hunger for the challenges of building compliant distributed systems. If you’re looking for an exciting, high-growth opportunity with an award-winning, cutting-edge company, this could be the job for you.{linebreak}{linebreak}This position is well suited for engineers wanting to transition into a heavy security and compliance role. We are targeting developers/sys admins that like writing documentation and can function in a high performing, multithreaded environment.{linebreak}{linebreak}Security, privacy, and compliance controls are at the heart of what we do as our mission is to simplify the cloud. The job is to transform what is often regarded as red-tape and constraints to a well-oiled machine where everything is automated and where every constraint becomes a feature making the product better.{linebreak}{linebreak}Directly reporting to our Data Protection Officer (VP), and in close interaction with our Chief Product Officer, CTO, VP of Infrastructure, and our Engineering and Customer Support teams.{linebreak}{linebreak}In a given day you might be:{linebreak}{linebreak}{linebreak}* Acting as a technical liaison between the Security & Compliance department and our product, engineering, and operations staff.{linebreak}{linebreak}* Creating documentation and processes in English to help satisfy compliance requirements.{linebreak}{linebreak}* Evaluating, deploying, and creating, systems and tools that will enhance our support and operations efficiency.{linebreak}{linebreak}* Supporting our data protection officer and compliance team with information requests, pen testing, disaster recovery, and related activities.{linebreak}{linebreak}* Executing our security incident management process.{linebreak}{linebreak}* Working with appropriate teams to deploy and operate security tools and solutions.{linebreak}{linebreak}* Ensuring all systems, security applications, and services in environment are securely configured and managed through operating system appropriate security platforms and tools.{linebreak}{linebreak}* Ensuring optimal operation of all security solutions and tools.{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}Qualifications:{linebreak}{linebreak}Minimum Qualifications{linebreak}{linebreak}{linebreak}* Excellent written English skills (as in, you could have been a tech writer or commercial author in another life){linebreak}{linebreak}* Experience with Linux (preferably Debian-based){linebreak}{linebreak}* Familiar with markdown{linebreak}{linebreak}* Experience implementing PCI, SOC, or related{linebreak}{linebreak}* Operate largely independently (go take that hill) with management support{linebreak}{linebreak}* Juggle several requests at the same time{linebreak}{linebreak}* Proven successful experience in an operations role{linebreak}{linebreak}* Exposure to cloud services (AWS in particular){linebreak}{linebreak}* Understands how an OS works, knows networking, how git works, and the constraints of a distributed system{linebreak}{linebreak}* Proficient in Python{linebreak}{linebreak}* Has an understanding of{linebreak}{linebreak}{linebreak}{linebreak}* Patch and Vulnerability Management process{linebreak}{linebreak}* Principle of Least Privilege{linebreak}{linebreak}* Incident response{linebreak}{linebreak}* Identity and Access Management{linebreak}{linebreak}* IPTABLES{linebreak}{linebreak}* WAFs{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}Preferred Qualifications{linebreak}{linebreak}{linebreak}* Experience with containerization technologies (LXC/LXD, Docker){linebreak}{linebreak}* Experience with vendor management{linebreak}{linebreak}* Experience with Puppet and Golang{linebreak}{linebreak}* Demonstrated the ability to successfully manage cloud-based infrastructure for a fast growing organization{linebreak}{linebreak}* Knowledge of Magento Ecommerce, Symfony, Drupal, eZ Platform, or Typo3{linebreak}{linebreak}* Relational database skills{linebreak}{linebreak}* Public speaking experience{linebreak}{linebreak}* Ability to speak French or German a plus{linebreak}{linebreak}* Ability to kick ass in Chess or beat Zork without using a map{linebreak}{linebreak}* CISSP, CISM, Security+, GCED, GICSP, GCIH, SSCP, or CASP Certification or similar will get you moved to the top of the queue{linebreak}{linebreak}* CIPM/E, CIPP/E, CIPM/E certification or similar will get you moved to the top of the queue{linebreak}{linebreak}* Can bravely take on new challenges like a Gryffindor, analyzes problems like Ravenclaw, protects our infrastructure and client data like a Slytherin, and talks with clients like a Hufflepuff.{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}Sound Like a Good Fit? We’d love to talk to you!  {linebreak}{linebreak}* This is a remote job. 

See more jobs at Platform.sh

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Dealer Inspire

Lead Security Engineer


Dealer Inspire


infosec

exec

engineer

infosec

exec

engineer

3mo

Apply


Stats (beta): πŸ‘ 432 views,✍️ 37 applied (9%)
{linebreak}Company Overview{linebreak}{linebreak}Dealer Inspire is an automotive website platform provider located in Naperville, Illinois. We pride ourselves in having a fun, unconventional working environment and a great culture. While our team works extremely hard, we try to keep it a fun and creative work environment. At Dealer Inspire, we like to look at current problems and 'rethink' about solutions. We're flexible - we don't write requirements in stone, and things can change regularly. This means rethinking how the solutions work best. {linebreak}{linebreak}Want to learn more about who we are? Check us out here!{linebreak}{linebreak}Job Summary{linebreak}{linebreak}We are looking for a Lead Security Engineer to take the reins of our security programs. At Dealer Inspire, we believe that security is paramount to building trust with our customers. As the Lead Security Engineer you will have the opportunity to develop and improve security programs that enable stakeholders across Dealer Inspire to deliver secure software. {linebreak}{linebreak}What you will do:{linebreak}{linebreak}{linebreak}* Partner with development teams to ensure OWASP best practices are being followed. {linebreak}{linebreak}* Lead internal penetration tests across critical assets. {linebreak}{linebreak}* Develop internal data handling & storage procedures. {linebreak}{linebreak}* Partner with sales teams to ensure compliance with customer security requirements. {linebreak}{linebreak}* Develop roadmaps to receive ISO & SOC certifications. {linebreak}{linebreak}* Train internal teams on security policies and practices. {linebreak}{linebreak}* Work with executive team to develop long-term security goals. {linebreak}{linebreak}* Partner with IT teams to assess the risk of  threats and vulnerabilities to Dealer Inspire and the services Dealer Inspire provides to its clients.{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}Required Skills{linebreak}{linebreak}{linebreak}* Working knowledge of Unix/Linux shell, AWS, vulnerability scanners, Mac OS X{linebreak}{linebreak}* Ability to perform tasks with limited supervision{linebreak}{linebreak}* Previous application security testing or Incident Response (IR) experience, including presenting and documenting vulnerabilities, findings or incidents.{linebreak}{linebreak}* Strong understanding of software security architecture and design and the ability to clearly articulate best practices for application security{linebreak}{linebreak}* Excellent interpersonal communication skills, breaking down vulnerabilities to both developers and leadership.{linebreak}{linebreak}* Comprehensive knowledge, experience, and understanding of testing for the OWASP Top 10{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}Desired Skills{linebreak}{linebreak}{linebreak}* CISSP or CISA certification.{linebreak}{linebreak}* Experience programming in Ruby, PHP, or JavaScript.{linebreak}{linebreak}* Experience working directly with clients {linebreak}{linebreak}{linebreak}{linebreak}{linebreak}Compensation{linebreak}{linebreak}$90,000+ per year based upon skill and previous experience. Motivated and talented individuals may advance quickly in our fast growing company.{linebreak}{linebreak}Perks:{linebreak}{linebreak}{linebreak}* Health Insurance with BCBS, Delta Dental (Orthodontics coverage available), Eye Med Vision{linebreak}{linebreak}* 401k plan with company match{linebreak}{linebreak}* Tuition Reimbursement{linebreak}{linebreak}* 13 days paid time off, parental leave, and selected paid holidays{linebreak}{linebreak}* Life and Disability Insurance{linebreak}{linebreak}* Subsidized gym membership{linebreak}{linebreak}* Subsidized internet access for your home{linebreak}{linebreak}* Peer to Peer Bonus program{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}*Not a complete, detailed list. Benefits have terms and requirements before employees are eligible.

See more jobs at Dealer Inspire

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Contrast Security

.net Engineer


Contrast Security


engineer

infosec

engineer

infosec

3mo

Apply


Stats (beta): πŸ‘ 528 views,✍️ 13 applied (2%)
{linebreak}At Contrast, our goal is the make the Internet safer day by day. We are always interested in meeting talented and creative technologists who share this goal. We’ve built some amazing technology thus far and are shaking up the way the world looks at application security. We know that our products can get better with new voices and ideas. Contrast is looking for a talented .NET application developer to join our team, engineering a world-class instrumentation agent for analyzing the security of Microsoft web applications. An ideal candidate is proficient in ASP.NET, C#, and C++. Ideally, we would love for you to have an interest or experience in Azure, as well as experience or curiosity with .NET Core.{linebreak}{linebreak}Key Responsibilities{linebreak}{linebreak}{linebreak}* Build many variations of simple to complex web applications using ASP.NET and .NET Core for our instrumentation agent to analyze to detect security vulnerabilities at run-time.{linebreak}{linebreak}* Contribute to the development of our instrumentation agent written in C# and C++.{linebreak}{linebreak}* Support traditional ASP.NET apps and more modern .NET Core apps on Windows/Linux.{linebreak}{linebreak}* Perform forensic investigations when the agent negatively impacts the performance of functionality of instrumented web applications.{linebreak}{linebreak}* Own your work. Whether a nasty bug or an awesome feature, you put your name on every line of code.{linebreak}{linebreak}* Be a team player. You love to work with others to find the right solutions.{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}About You{linebreak}{linebreak}{linebreak}* You love to code.{linebreak}{linebreak}* Experience with at least one ASP.NET Framework (WebForms, MVC, WCF, Web API) or .NET Core web applications.{linebreak}{linebreak}* Experience with C# and C++.{linebreak}{linebreak}* Comfortable working with Visual Studio Team Services for continuous integration.{linebreak}{linebreak}* Strong understanding of Microsoft IIS for configuration and deployment purposes.{linebreak}{linebreak}* Knowledge of the .NET development ecosystem.  Experience with popular .NET libraries such as Entity Framework, Dapper and Unity.{linebreak}{linebreak}* Experience deploying web applications to Azure services such as Azure VMs, Azure Web Apps, Service Fabric, Azure Table Storage (NoSQL), SQL Server and Azure Networking Services.{linebreak}{linebreak}* You have strong communication skills. You ask questions, let others know when you need help, and tell others what you need.{linebreak}{linebreak}* You're a problem solver. You believe the best work is the result of finding the simplest solution to complex challenges.{linebreak}{linebreak}* You see the big picture. You understand how the code you write interacts with systems and services, both internally and externally.{linebreak}{linebreak}{linebreak}

See more jobs at Contrast Security

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Numbrs Personal Finance AG

Security Engineer


Numbrs Personal Finance AG


securitiy

cryptography

go

python

securitiy

cryptography

go

python

3mo

Apply


Stats (beta): πŸ‘ 620 views,✍️ 14 applied (2%)
At Numbrs, our engineers don’t just develop things – we have an impact. We change the way how people are managing their finances by building the best products and services for our users. {linebreak}{linebreak}Numbrs engineers are innovators, problem-solvers, and hard-workers who are building solutions in big data, mobile technology and much more. We look for professional, highly skilled engineers who evolve, adapt to change and thrive in a fast-paced, value-driven environment.{linebreak}{linebreak}Join our dedicated technology team that builds massively scalable systems, designs low latency architecture solutions and leverages machine learning technology to turn financial data into action. Want to push the limit of personal finance management? Join Numbrs.{linebreak}{linebreak}**Job Description**{linebreak}You will be a part of a team that is responsible for developing, releasing, monitoring and troubleshooting large scale micro-service based distributed systems with high transaction volume. You enjoy learning new things and are passionate about developing custom security tools, reviewing designs, code, performing in-depth security assessments of mobile apps, distributed backend systems and internal IT infrastructure. You are a great teammate who thrives in a dynamic environment with rapidly changing priorities.{linebreak}{linebreak}# Responsibilities{linebreak} **All candidates will have**{linebreak}* a Bachelor's or higher degree in technical field of study{linebreak}* a minimum of 3 years security work experience{linebreak}* experience with performing application code reviews, design reviews and penetration testing{linebreak}* experience in penetration testing web-based apps, mobile apps and back-end infrastructure{linebreak}* experience implementing modern cryptosystems{linebreak}* excellent knowledge with at least one modern programming language, such as Go, Java, C++, Python and Scala{linebreak}* excellent troubleshooting and creative problem-solving abilities{linebreak}* excellent written and oral communication and interpersonal skills{linebreak}{linebreak}**Ideally, candidates will also have**{linebreak}* experience with systems for automating deployment, scaling, and management of containerised applications, such as Kubernetes or Mesos{linebreak}* experience working with large scale distributed systems

See more jobs at Numbrs Personal Finance AG

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Contrast Security

Python Instrumentation Engineer


Contrast Security


python

engineer

infosec

python

engineer

infosec

3mo

Apply


Stats (beta): πŸ‘ 596 views,✍️ 15 applied (3%)
{linebreak}About the Position At Contrast, our goal is the make the Internet safer day by day. We are always interested in meeting talented and creative technologists who share this goal. We’ve built some amazing technology thus far and are shaking up the way the world looks at application security. We know that our products can get better with new voices and ideas. Contrast is looking for a talented Python and C application developer to join our team, engineering a world-class instrumentation agent for analyzing the security of Python web applications. An ideal candidate is proficient in Python and C. He or she likely has professional Python experience, including some experience contributing to open source frameworks and/or libraries, this could be a great opportunity for you to deepen your understanding of Python's unique characteristics. You like to reverse engineer code, making it better with each iteration. Writing instrumentation agents is a responsibility we take very seriously at Contrast. Our customers trust us enough to run our agents directly in their applications. We're looking for an engineer to exercise that power carefully, to help us build a quality, thoroughly tested agent that our customers run with complete confidence. Responsibilities{linebreak}{linebreak}{linebreak}* Contribute to the development of our instrumentation agent written in Python, C, Pybuf and Protobuf.{linebreak}{linebreak}* Author security rules in Python, C and RegEx to detect and defend common attack patterns and security anti-patterns in Python.{linebreak}{linebreak}* Learn and reverse engineer popular ORM frameworks native to the Python ecosystem for the purpose of analyzing approaches for SQL Injection.{linebreak}{linebreak}* Perform forensic investigations when the agent negatively impacts the performance of functionality of instrumented web applications.{linebreak}{linebreak}* Build many variations of simple to complex web applications in Python using Django, Flask, Pyramid, web2py and TurboGears for our instrumentation agent to analyze to detect security vulnerabilities at run-time.{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}About You{linebreak}{linebreak}{linebreak}* You must love to code and have a strong passion for making software more secure.{linebreak}{linebreak}* You’re a true scientist and think about algorithms and regular expressions while you sleep.{linebreak}{linebreak}* You’re a Python expert with a strong understanding of C, Linux (Ubuntu) and Apache.{linebreak}{linebreak}* Experience writing Python using Django, web2py, TurboGears, Flask and/or Pyramid.{linebreak}{linebreak}* Experience with popular Python ORM frameworks like SQLAlchemy, Django ORM, Storm and/or SQL Object.{linebreak}{linebreak}* Experience building Python packaging tools such as pip, easy_install and buildout.{linebreak}{linebreak}* You approach problems from a product perspective, thinking through how the user will interact with what you're building.{linebreak}{linebreak}* You have strong communication skills. You ask questions, let others know when you need help, and tell others what you need.{linebreak}{linebreak}* You're a problem solver. You believe the best work is the result of finding the simplest solution to complex challenges.{linebreak}{linebreak}* You see the big picture. You understand how the code you write interacts with systems and services, both internally and externally. {linebreak}{linebreak}{linebreak}{linebreak}{linebreak}What We Offer{linebreak}{linebreak}{linebreak}* Competitive compensation{linebreak}{linebreak}* Medical, dental, and vision benefits{linebreak}{linebreak}* Flexible paid time off{linebreak}{linebreak}* Daily in-office lunches{linebreak}{linebreak}* 401K{linebreak}{linebreak}* Professional Development Budget{linebreak}{linebreak}{linebreak}

See more jobs at Contrast Security

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Swimlane

Security Automation Professional Services Engineer


Swimlane


infosec

engineer

infosec

engineer

4mo

Apply


Stats (beta): πŸ‘ 343 views,✍️ 33 applied (10%)
{linebreak}Swimlane is looking for a Professional Services Engineer to deliver implementation and deployment services to Swimlane customers.{linebreak}{linebreak}The ideal candidate has a solid background in Security Operations Center (SOCs) and Incident Response (IR) processes and procedures, with a strong understanding of modern cyber security technologies and methodologies, including deploying and integrating such platforms, consulting on best-practices for SOC/IR functions, and developing and implementing automation and orchestration capabilities to streamline operations.  This role will require a willingness to travel to Kansas City an average of once a month and be onsite with the customer for a week each visit.{linebreak}{linebreak}Key Responsibilities:{linebreak}{linebreak}{linebreak}* Deploy and configure the Swimlane platform{linebreak}{linebreak}* Develop and implement new SOC/IR playbooks{linebreak}{linebreak}* Develop new integrations with 3rd party systems leveraging Python{linebreak}{linebreak}* Support customer success initiatives to drive renewals{linebreak}{linebreak}* Assist in Swimlane architecture design for non-standard deployments (ie, HA, DR, etc){linebreak}{linebreak}* Assist with and contribute to the Swimlane Community to answer customer/prospect questions, create relevant content, and facilitate broader adoption of security automation and orchestration.{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}Position Requirements:{linebreak}{linebreak}{linebreak}* 2 to 5 years of experience in Professional Services at a security vendor, SOC/IR experience, or a combination of the two{linebreak}{linebreak}* Working knowledge of Python{linebreak}{linebreak}* Working knowledge of RESTful APIs{linebreak}{linebreak}* Hands-on experience with the following types of technologies: SIEM, Next Gen Firewall, Threat Intelligence Platforms, Malware Sandboxing{linebreak}{linebreak}* Team player that works well in collaborative situations and start-up environments{linebreak}{linebreak}* University degree in Computer Science, Information technology, Engineering, equivalent work experience.{linebreak}{linebreak}* Ability to quickly grasp complex technical concepts and make them easily understandable verbally, in writing, and in network diagrams/illustrations.{linebreak}{linebreak}{linebreak}

See more jobs at Swimlane

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Tigera

verified

Senior Software Engineer


Tigera

verified

kubernetes

golang

go

calico

kubernetes

golang

go

calico

5mo

Apply


Stats (beta): πŸ‘ 962 views,✍️ 20 applied (2%)
Tigera is looking for passionate and skilled Golang software engineers to join us in our mission to secure the next generation of cloud native applications. At the heart of our strategy is a set of open source networking and security projects (currently Calico, flannel, and Canal) that define the new gold standard for application connectivity within large scale cloud environments, such as Kubernetes, OpenShift, Docker, and related technologies. Building upon this open source foundation, we are working on complementary commercial offerings to help enterprises build and operate cloud native applications and infrastructures, securely and at scale.{linebreak}{linebreak}You will be joining a team that is highly engineering-focused with a culture that values diversity, collaboration, agility and innovation, keeping us one step ahead in the exciting and fast moving cloud-native technology space. {linebreak}{linebreak}# Requirements{linebreak}**Must-Haves**{linebreak}{linebreak}2+ years of experience with the Golang programming language.{linebreak}{linebreak}A drive to get things done in a highly collaborative, agile development environment.{linebreak}{linebreak}Experience with one or more of the following areas and technologies: Networking, Security, Kubernetes, Docker, related or similar.{linebreak}{linebreak}**Nice-to-Haves**{linebreak}{linebreak}Experience developing, securing or operating cloud scale applications or infrastructure.{linebreak}{linebreak}Experience or familiarity with any of these technologies: Istio, Envoy, CNI, OpenShift, Docker{linebreak}{linebreak}Experience in an open source based company, with a focus on cloud, networking and/or security.{linebreak}

See more jobs at Tigera

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Elastic

Senior JavaScript Security Engineer


Elastic


infosec

javascript

senior

engineer

infosec

javascript

senior

engineer

5mo

Apply


Stats (beta): πŸ‘ 843 views,✍️ 0 applied (0%)
{linebreak}About Elastic {linebreak}{linebreak}At Elastic, we have a simple goal: to pursue the world's data problems with products that delight and inspire. We help people around the world do extraordinary things with their data. From stock quotes to Twitter streams, Apache logs to WordPress blogs, our products are extending what's possible with data, delivering on the promise that good things come from connecting the dots. Founded in 2012 by the people behind the Elasticsearch, Kibana, Logstash, and Beats open source projects, we believe that diversity drives our vibe. We unite employees across 30+ countries into one coherent team, while the broader community spans across over 100 countries.{linebreak}{linebreak}{linebreak}Engineering Philosophy{linebreak}{linebreak}We believe that engineering complex, pluggable software for the web that is built to last the test of time is both tricky and exciting. Doing so requires a team of diverse individuals, with sharp minds and the ability to empathize with our users, working together with mutual respect and a common mission.{linebreak}{linebreak}We care deeply about giving you full ownership of what you're working on. Our company fundamentally believes great minds achieve greatness when they are set free and are surrounded and challenged by their peers, which is clearly visible throughout our organization. At Elastic, hierarchy does not determine how decisions get made. We feel that anyone needs to be in the position to comment on absolutely anything, regardless of their role within the company.{linebreak}{linebreak}{linebreak}About The Role{linebreak}{linebreak}You will act as a hands-on developer of the Kibana Security team which is responsible for the authentication providers, access control systems, and security hardening in Kibana. Additionally, the security team works with others to instill secure coding principles and best practices. You will work on many key projects and initiatives partnering closely across all Elastic teams. You will be responsible for delivering the roadmap of the Security team, reinforcing the quality of work, managing the technical debt, updating the project status, and providing support for the other parts of the Kibana team.{linebreak}{linebreak}{linebreak}Some of the things you'll work on{linebreak}{linebreak}{linebreak}* Design and implement internal security mechanisms to secure individual Kibana servers{linebreak}{linebreak}* Implement access control for APIs, saved objects, and UI functionality{linebreak}{linebreak}* Create multi-layer solutions for safely executing server-side plugin code with node.js sandboxing and seccomp{linebreak}{linebreak}* Advocate for secure coding principles and best practices{linebreak}{linebreak}* Develop different single sign-on integrations{linebreak}{linebreak}* Perform vulnerability scans and coordinate remediation{linebreak}{linebreak}* Support our support engineers with harder security problems{linebreak}{linebreak}* Own compliance/standards agenda for Kibana( FIPS, PCI DSS, HIPAA, ISO, etc.){linebreak}{linebreak}* Help define how developers build Kibana now and into the future{linebreak}{linebreak}* Work with the tech lead to architect a large JavaScript project designed to be actively developed for decades while embracing continuously-evolving modern web technologies{linebreak}{linebreak}* Write comprehensive tests, including unit tests, service-level, HTTP-level, UI component, and browser-level integration tests that provide confidence in the stability and function of Kibana{linebreak}{linebreak}* Collaborate with other experienced developers both in Elastic and our open source community, including code and technical design reviews{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}Requirements{linebreak}{linebreak}{linebreak}* 7+ years of experience building secure and scalable applications with JavaScript{linebreak}{linebreak}* Experience supporting and analyzing security incidents in production web services and applications{linebreak}{linebreak}* Experience writing and a deep appreciation for automated testing{linebreak}{linebreak}* Excellent verbal and written communication skills{linebreak}{linebreak}* A great teammate with strong analytical, problem solving, debugging and troubleshooting skills{linebreak}{linebreak}* Knowledge of common security related protocols (SSL, TLS, IPSec, etc.){linebreak}{linebreak}* Experience of cryptographic encryption algorithms, key exchange algorithms, hashing algorithms, PKI, etc.{linebreak}{linebreak}* Strong JavaScript programming skills{linebreak}{linebreak}* Deep knowledge of Node.js{linebreak}{linebreak}* Understanding of many legacy JS frameworks and at least one modern JS framework such as Angular.js and React.js{linebreak}{linebreak}* Experience with the release process: Source code control, package installers, build scripts, Jenkins, etc.{linebreak}{linebreak}* Experience working with continuous Integration platforms. Jenkins experience is a plus.{linebreak}{linebreak}* Deep under{linebreak}{linebreak}{linebreak}

See more jobs at Elastic

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Zapier

Application Security Engineer


Zapier


infosec

engineer

infosec

engineer

6mo

Apply


Stats (beta): πŸ‘ 862 views,✍️ 0 applied (0%)
{linebreak}Hi there!{linebreak}{linebreak}We're looking for someone to join our Engineering team at Zapier as an Application Security Engineer Are you interested in helping build and secure a powerful automation tool? Then read on…{linebreak}{linebreak}We know applying for and taking on a new job at any company requires a leap of faith. We want you to feel comfortable and excited to apply at Zapier. To help share a bit more about life at Zapier, here are a few resources in addition to the job description that can give you an inside look at what life is like at Zapier. We hope you'll take the leap of faith and apply.{linebreak}{linebreak}{linebreak}* Our Commitment to Applicants{linebreak}{linebreak}* Culture and Values at Zapier{linebreak}{linebreak}* Zapier Guide to Remote Work{linebreak}{linebreak}* Zapier Code of Conduct{linebreak}{linebreak}* Diversity and Inclusivity at Zapier{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}Zapier is proud to be an equal opportunity workplace dedicated to pursuing and hiring a diverse workforce.{linebreak}{linebreak}Even though our job description may seem like we're looking for a specific candidate, the role inevitably ends up tailored to the person who applies and joins. Regardless of how well you feel you fit our description, we encourage you to apply if you meet these criteria:{linebreak}{linebreak}You care deeply about building secure products in secure ways that simplify the lives of millions of people through automation.{linebreak}{linebreak}About You{linebreak}{linebreak}You have web application and infrastructure security experience. Keeping the core Zapier web application secure is at the heart of this role. Zapier is a SaaS product, so experience building software and managing infrastructure under a similar model is a big plus.{linebreak}{linebreak}You know what makes browsers and sites secure.  The web browser is practically the operating system of the internet; these days nearly everything that happens online, happens in a browser.  You’ll help us continue to keep customer data safe by ensuring the “first mile” is trouble-free.{linebreak}{linebreak}You love writing software and building infrastructure. Most of what you’ll do each day is guiding, building and maintaining Zapier's infrastructure and product. You'll focus on high value, high risk portions of Zapier. You'll use code to automate and improve the more mundane parts of auditing and monitoring of internal processes, as well as in the product.{linebreak}{linebreak}You have worked with teams before on large Python, AWS, & Kubernetes projects. You’re also familiar with some common frameworks for languages like Django, Flask, or Rails as well as React/Backbone.js. You've also worked extensively in cloud providers like AWS, GCE, or Azure{linebreak}{linebreak}You love doing things efficiently. At Zapier, the work you do will have a disproportionate impact on the business. We believe in systems and processes that let us scale our impact to be larger than ourselves. You'll be in a unique position to find and eliminate "insecure and painful" experiences and replace them with "secure and joyful" experiences.{linebreak}{linebreak}You love learning. Engineering is an ever-evolving world. You enjoy playing with new tech and exploring areas that you might not have experience with yet.{linebreak}{linebreak}You love to set your own direction. At Zapier, we have one team meeting each week and one-on-one meetings every month. Between those we chat in Slack and then go make things happen.{linebreak}{linebreak}You are friendly and patient, welcoming, considerate, and respectful. Learn more about these attributes in our code of conduct.{linebreak}{linebreak}Things You Might Do{linebreak}{linebreak}Zapier is a small, fast-growing, and remote-first company, so you'll likely get experience on many different projects across the organization. That said, here are some things you'll probably do:{linebreak}{linebreak}{linebreak}* Write some Python!{linebreak}{linebreak}* Identify where we can add more layers of defense in depth and implement them.{linebreak}{linebreak}* Periodically embed with product teams with to help with security sensitive projects.{linebreak}{linebreak}* Build internal tooling to ensure safe data access patterns for Zapier employees.{linebreak}{linebreak}* Review code across Zapier's product and infrastructure.{linebreak}{linebreak}* Locating weak points across Zapier and strengthening them.{linebreak}{linebreak}* Ship code to millions of users every week.{linebreak}{linebreak}* Experiment: this is a startup so everything can change{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}As part of our All Hands Support initiative, help customers have the best experience with Zapier as possible.{linebreak}{linebreak}{linebreak}How To Apply{linebreak}{linebreak}We have a non-standard application process. To jump-start the process we ask a few questions we normally would ask at the start of an interview. This helps speed up the process and lets us get to know you a bit better right out of the gate.{linebreak}{linebreak}After you apply, you are going to hear back from us, even if we don't seem like a good fit. In fact, throughout the process, we strive to make sure you never go more than seven days without hearing from us.

See more jobs at Zapier

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


GeoComm

verified

Senior Software Engineer - Security Video Integration


GeoComm

verified

esri

gis

azure

agile

esri

gis

azure

agile

7mo

Apply


Stats (beta): πŸ‘ 1,404 views,✍️ 0 applied (0%)
We are looking for a motivated and experienced senior software engineer to help enhance our development effort using a cutting-edge tech stack. Successful candidates will demonstrate a passion for high quality software, have strong engineering principles and methodical problem-solving skills. This is a unique opportunity to build products that truly make a difference. This position is exempt and reports directly to the Joint Operations General Manager. {linebreak}Qualifications{linebreak}BS/MS in Computer Science or Software Engineering{linebreak}7+ years of experience developing software applications and web services{linebreak}Programming experience in Python, C# / .NET, JavaScript or TypeScript{linebreak}Working experience with video camera system SDKs and APIs{linebreak}Working experience with frameworks such as Angular{linebreak}Working experience with SQL databases{linebreak}Working knowledge of Git version control{linebreak}Hands on experience creating responsive web applications using modern frameworks{linebreak}Experience designing applications that operate on cloud environments such as AWS or Azure{linebreak}Ability to establish priorities and work independently on multiple tasks{linebreak}Knowledge of Agile software development methodologies and practices{linebreak}Preferred Experience{linebreak}Experience developing, maintaining, and innovating large scale, consumer facing applications{linebreak}Familiar with the development challenges inherent with highly scalable and available web applications{linebreak}Experience with open source technologies{linebreak}Experience with various modern web frameworks{linebreak}Experience developing GIS applications using Esri technology{linebreak}Experience with Docker{linebreak}Geo-Comm is an equal opportunity employer and does not discriminate in hiring or employment on the basis of race, color, religion, sex, national origin, age, disability, marital status, familial status, sexual orientation, veteran status or any other status protected by applicable law.{linebreak}Geo-Comm Corporation provides a drug-free working environment and is an Equal Opportunity Employer.

See more jobs at GeoComm

Visit GeoComm's website

# How do you apply? Go to www.geo-comm.com and go to the careers tab.
Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Redox

US-only

Security Systems Engineer


Redox

US-only

infosec

engineer

infosec

engineer

US-only7mo

Apply


Stats (beta): πŸ‘ 752 views,✍️ 0 applied (0%)
{linebreak}Redox Security Engineers solve the most challenging technical security problems holding back healthcare technology. At Redox, security comes first as patients depend on our systems to be secure, available and reliable. The Security team partners with every team in our business to make that happen.{linebreak}{linebreak}As a cloud-centric, remote first company we’re looking for a person who will take on securing our highly distributed workforce and make it more secure than the traditional "corporate network." You will be responsible for technical leadership and the hands on building, operating and maintaining of Corporate Operations Security.{linebreak}{linebreak}The scope of this program includes securing the devices, networks and software we use everyday to build and operate Redox. You’ll also build monitoring and alerting systems for the Security team to identify and tackle threats and issues in real-time.{linebreak}{linebreak}Security Engineer (Corporate Operations) is a new, yet critical role at Redox. To be successful in this role you will need to have a vision for what this program should look like and design capabilities which scale as the team and company grows. You can be based anywhere in the US. (See “Work Anywhere” below){linebreak}{linebreak}{linebreak}* Be an active voice in our small, focused security team as the primary engineer responsible for Corporate Operations Security.{linebreak}{linebreak}* Define the secure baseline and secure configuration required for devices and networks at Redox.{linebreak}{linebreak}* Approach securing our company pragmatically, emphasizing with your end-users to understand their needs.{linebreak}{linebreak}* Be responsible for the security management program of all corporate devices. (Asset Management, MDM, Secure Configuration, Monitoring){linebreak}{linebreak}* Take the complex problems you’re working on each day and make them simple when explaining them to your stakeholders.{linebreak}{linebreak}* Build scalable systems which enforce and monitor device compliance with the secure baseline, rectify issues automatically and alert on problematic systems.{linebreak}{linebreak}* Support and build valuable training activities which uplift employee awareness and responses to security threats.{linebreak}{linebreak}* Monitor, report and seek to address security vulnerabilities in corporate devices or networks.{linebreak}{linebreak}* Maximize security impact and reduce risk while minimizing negative impact on our businesses velocity.{linebreak}{linebreak}* Build automated monitoring and alerting which identifies anomalous events.{linebreak}{linebreak}* Lead security incident response through engaging relevant engineers and management to provide support and guidance.{linebreak}{linebreak}* Mentor and guide engineering teams on best practices and preparation for potential compromises (logging etc){linebreak}{linebreak}* Build scalable alerting and monitoring systems using vendor solutions, open source and/or homegrown systems to detect breaches.{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}Required Skills{linebreak}{linebreak}{linebreak}* Knowledge of current threats and risks, how to detect them, build controls to stop them and training to create awareness of them.{linebreak}{linebreak}* Ability to distill complex security threats and risks into simple terms for non-security (and even non-technical) stakeholders.{linebreak}{linebreak}* Familiarity with MacOS operating system internals, knowledge and ideas of how to manage and secure these devices at scale.{linebreak}{linebreak}* Development experience sufficient to automate repetitive tasks and scale your impact.{linebreak}{linebreak}* Experience with log aggregation and monitoring tooling.{linebreak}{linebreak}* [Bonus Points] Experience with Jamfsoft (Casper Suite){linebreak}{linebreak}* [Bonus Points] Experience with Vulnerability Management Tooling{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}We provide benefits that allow you to live life by your own design. Redox employees enjoy unmatched autonomy in their work and the support to live a balanced life. We trust you know what you need to be happy, at work and at home.{linebreak}{linebreak}{linebreak}* Tackle Challenging Problems Everyday. There is no roadmap for what we are building, so you’ll have the backing and support of talented engineers and security practitioners to make sure you have what you need to be successful.{linebreak}{linebreak}* Work Anywhere. (Within the US) We want to have the best people at Redox - no matter where you call home. All Redox employees are encouraged to live and work wherever they're happiest. All you need is power, wifi, and a computer and you’re good to go. We also run a number of co-located working spaces across many US cities if you prefer an office environment.{linebreak}{linebreak}* Flexible Time Off. Take a trip somewhere fun, stay home to recover from being sick, or have a staycation to unplug and recharge. Our best work happens when we feel fresh and inspired. We leave it up to you to decide when you need to take breaks and encourage you to make time for adventure and discovery.{linebreak}{linebreak}* Health & Dental from Day 1. Working in healthcare makes you understand all the challenges life can throw at you. Your health and dental coverage starts when you do to make sure you're always covered. We provide health and dental insurance for employees, spouses, domestic partners, and dependents, as well as life and disability insurance.{linebreak}{linebreak}* Parental Leave. As your family grows, it’s important that you’re there and have time to figure out what your family’s new norm is. You can take 12 weeks of paid time off within the first year of your new addition arriving. We know that they need you and we have your back.{linebreak}{linebreak}* Productivity Fund. We want you to be able to set up a workspace that allows you to perform at your very best. All Redox employees receive an annual discretionary stipend so you can select what helps you be productive.{linebreak}{linebreak}* 401k. We offer an optional, customizable and flexible 401k plan for you to plan for your financial future on your terms.{linebreak}{linebreak}{linebreak} {linebreak}{linebreak}#Location{linebreak}- US-only

See more jobs at Redox

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


GitHub

Security Operations Engineer


GitHub


infosec

ops

engineer

infosec

ops

engineer

7mo

Apply


Stats (beta): πŸ‘ 819 views,✍️ 0 applied (0%)
Full Time: Security Operations Engineer at GitHub in Remote-US

See more jobs at GitHub

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Olo

Senior Security Engineer Blue Team


Olo


infosec

senior

engineer

infosec

senior

engineer

8mo

Apply


Stats (beta): πŸ‘ 1,149 views,✍️ 0 applied (0%)
{linebreak}At Olo we develop an online food ordering platform used by many of the country’s largest restaurant chains, reaching millions of consumers. Chances are if you’ve ordered directly from a restaurant brand’s app or website, we’ve made that happen. Mobile ordering and payments is an exciting and active industry full of interesting players and yet still a relatively untapped market ripe for disruption. We’re quite up-front about the technical challenges our business faces. Running a platform with multiple white-labeled front-ends, that maintains real-time connections into thousands of restaurants’ POS systems, and coordinates complex transactions between these and other third parties (such as payment gateways and gift card providers) is not for the faint of heart!{linebreak}{linebreak}We take great pride in the reliability, security, and performance of our systems and services. We are looking for a talented security engineer with experience in a Blue Team role to help us fortify our defenses and protect the systems that enable hungry people to order their food quickly and securely.{linebreak}{linebreak}In the role of Senior Security Engineer, you will design and implement the security defenses that enable our systems to keep running while protecting the data of our clients and their customers. Specific responsibilities include:{linebreak}{linebreak}{linebreak}* Monitoring and defending attacks using security technologies that include advanced anti-malware solutions, network forensics, and detection solutions{linebreak}{linebreak}* Participating in Security Incident response investigations{linebreak}{linebreak}* Supporting AV and Endpoint technology and supporting deployments{linebreak}{linebreak}* Responding to alerts, events, and incidents per our specified procedures and policies{linebreak}{linebreak}* Resolving or escalating events and incidents{linebreak}{linebreak}* Interacting with IT operational teams to advise on, coordinate, and track mitigation and remediation activities{linebreak}{linebreak}* Conducting Blue Team exercises and Computer Network Defense drills that enable us to evaluate and improve processes related to threat detection, incident response, patching, remediation, and user training{linebreak}{linebreak}* Maintaining centralized patch and vulnerability management solutions to ensure endpoints are compliant with security guidelines{linebreak}{linebreak}* Performing endpoint management to provide patching and task automation of servers and desktops to maintain a secure and compliant environment.{linebreak}{linebreak}* Performing daily operational work that includes security monitoring, addressing security tickets, security data/logs, and Forensic analysis, host configuration audits, firewall rule reviews, and other security tasks.{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}This is a full-time position reporting into our Operations Team. Any engineer may work at Olo’s headquarters in New York City’s Financial District or remotely from anywhere in the U.S. In fact, more than half of our engineering team is remote!{linebreak}{linebreak}Desired Experience{linebreak}{linebreak}{linebreak}* Previous Blue Team experience{linebreak}{linebreak}* Proven experience developing and leading remediation/ mitigation activities, and providing status updates and reports.  Emphasis on remediation plans and strategies.{linebreak}{linebreak}* Experience with Windows Desktop, Windows Server and Linux operating systems and system administration – specifically with regard to patching and compliance{linebreak}{linebreak}* Experience with networking hardware (routers, switches, firewalls) and configuration – specifically with regard to patching and compliance{linebreak}{linebreak}* Understanding of networking concepts such as DMZs, subnets, VLANs, private IP addressing and NAT{linebreak}{linebreak}* Technical knowledge of information technology and cyber security standards and issues{linebreak}{linebreak}* Strong working knowledge of security-relevant data, including network protocols, ports and common services, such as TCP/IP network protocols and application layer protocols (e.g. HTTP/S, DNS, FTP, SMTP, Active Directory etc.){linebreak}{linebreak}* Past experience deploying and maintaining security technologies such as Symantec DLP, Palo Alto, Check Point, Carbon Black, CrowdStrike, Alert Logic, Sophos{linebreak}{linebreak}* Security experience in an AWS operational environment{linebreak}{linebreak}* CISSP certification{linebreak}{linebreak}* Strong English writing and verbal communication skills{linebreak}{linebreak}* Legal right to work in the U.S.{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}About Olo{linebreak}{linebreak}Olo is the on-demand interface for the restaurant industry, powering digital ordering and delivery for over 200 restaurant brands. Olo’s enterprise-grade software powers every stage of the digital restaurant transaction, from fully-branded user interfaces to the back-of-house order management features that keep the kitchen running smoothly. Orders from Olo are injected seamlessly into existing restaurant systems to help brands capture demand from on-demand channels such as branded website and apps, third-party marketplaces, social media channels, and personal assistant devices like the Amazon Echo. Olo is a pioneer in the industry, beginning with text message ordering on mobile feature phones in 2005. Today, millions of consumers use Olo to order ahead (SKIP THE LINE®) or get meals delivered from the restaurants they love. Customers include Applebee’s, Chili’s, Chipotle, Denny’s, Five Guys Burgers & Fries, Jamba Juice, Noodles & Company, Red Robin, Shake Shack, sweetgreen, Wingstop, and more.{linebreak}{linebreak}Olo is located at 26 Broadway in the historic Standard Oil Building, the former home of John D. Rockefeller.  We offer great benefits, such as 20 days of Paid Time Off, fully paid health, dental and vision care premiums, stock options, a generous parental leave plan, and perks like FitBits, rotating craft beers on tap in our kitchen, and food events featuring our clients' menu items (now you know why we give out FitBits!). Check out our culture map: https://www.olo.com/images/culture.jpg.{linebreak}{linebreak}We encourage you to apply!{linebreak}{linebreak}At Olo, we know a diverse and inclusive team not only makes our products better, but our workplace better. Many groups are consistently underrepresented across the tech sector and we are fully committed in doing our part to move the needle.{linebreak}{linebreak}Olo is an equal opportunity employer and diversity is highly valued at our company. All applicants receive consideration for employment. We do not discriminate on the basis of race, religion, color, national origin, gender identity, sexual orientation, pregnancy, age, marital status, veteran status, or disability status.{linebreak}{linebreak}If you like what you read, hear, and/or know about Olo, and want to be a part of our team, please do not hesitate to apply! We are excited to hear from you!

See more jobs at Olo

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Stats (beta): πŸ‘ 1,018 views,✍️ 0 applied (0%)
Doximity is transforming the healthcare industry. Our mission is to help doctors save time so they can provide better care for patients.{linebreak}{linebreak}We value diversity β€” in backgrounds and in experiences. Healthcare is a universal concern, and we need people from all backgrounds to help build the future of healthcare.{linebreak}{linebreak}This position is for an experienced DevOps engineer to own Security efforts for our entire application stack and join our 8 person DevOps team. We’re looking for someone with a strong track record in building infrastructure, maintaining high level of uptime and optimal security. You will be supporting and building products alongside our 50+ person engineering team used by hundreds of thousands of people.{linebreak}{linebreak}**How you’ll make an impact:**{linebreak}{linebreak}* Develop, schedule, and execute automated security audits on infrastructure using industry standard security frameworks and tooling.{linebreak}* Write penetration tests for applications and services.{linebreak}* Periodically audit and rotate access credentials.{linebreak}* Document current and future security procedures and policies in the wiki.{linebreak}* Lead security/policy related audits such as SOC2 Type II (annual renewal).{linebreak}* Work with sales and client services teams to answer infrastructure related security questions and concerns that clients inquire about.{linebreak}* Remediate and write post-mortem reports on security-related issues.{linebreak}* Active involvement in design, implementation, and maintenance of the development, staging, and production infrastructure security.{linebreak}* Work on automating tasks using Jenkins.{linebreak}* Troubleshoot system issues (such as high-load, memory, CPU usage, etc.) and come up with temporary/long-term solutions based on the root cause.{linebreak}* Work with developers to deploy applications ready for production (Terraform, Consul, Vault, Upstart, NGINX, Sensu). We believe in infrastructure as code and follow it.{linebreak}* Write Chef cookbooks (using "Berkshelf Way") to automate configuration management.{linebreak}* Participate in a 1-week on 7-week off, 24/7 on-call rotation.{linebreak}* Hands-on maintenance on our Ruby on Rails and Go (Golang) applications.{linebreak}* Troubleshoot issues across the whole stack: hardware, software, and network.{linebreak}{linebreak}**What we’re looking for:**{linebreak}{linebreak}* Minimum of 5 years of Linux/UNIX systems engineer & administrator experience.{linebreak}* Minimum of 5 years of relevant web application security experience{linebreak}* Extensive AWS experience{linebreak}* Experience writing application security penetration tests with an open source framework.{linebreak}* Automation experience with configuration management tools such as Chef, Ansible, or Puppet.{linebreak}* Intermediate to advanced experience administering and securing an RDB (MySQL or Postgres a plus){linebreak}* Proficient in bash shell scripting (sed + awk) and one of Ruby or Python.{linebreak}* Experience automating application deployments with Capistrano or Jenkins.{linebreak}* Ability to work in a proactive manner and manage your own queue.{linebreak}* Experience with Hashicorp tools, Neo4j, Elasticsearch, Kibana, Grafana is a big plus.{linebreak}{linebreak}**About Doximity**{linebreak}{linebreak}We’re thrilled to be named the Fastest Growing Company in the Bay Area, and one of Fast Company’s Most Innovative Companies. Joining Doximity means being part of an incredibly talented and humble team. We work on amazing products that over 70% of US doctors (and over one million healthcare professionals) use to make their busy lives a little easier. We’re driven by the goal of improving inefficiencies in our $2.5 trillion U.S. healthcare system and love creating technology that has a real, meaningful impact on people’s lives. To learn more about our team, culture, and users, check out our careers page, company blog, and engineering blog. We’re growing fast, and there’s plenty of opportunity for you to make an impactβ€”join us!{linebreak}{linebreak}*Doximity is proud to be an equal opportunity employer, and committed to providing employment opportunities regardless of race, religious creed, color, national origin, ancestry, physical disability, mental disability, medical condition, genetic information, marital status, sex, gender, gender identity, gender expression, pregnancy, childbirth and breastfeeding, age, sexual orientation, military or veteran status, or any other protected classification. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law.* {linebreak}{linebreak}# Requirements{linebreak}Use apply button

See more jobs at Doximity

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Retail Zipline

Security Engineer For Rails Enterprise Saas


Retail Zipline


infosec

saas

ruby

engineer

infosec

saas

ruby

engineer

9mo

Apply


Stats (beta): πŸ‘ 1,308 views,✍️ 0 applied (0%)
{linebreak}Retailers use archaic, old systems that don't work (think fax machines and voicemails). We're replacing the core operational processes with a modern platform that our customers love. Help us transform a $4.4 trillion industry and improve the way millions of people work. Major retailers like Gap, Nike, LEGO, and Old Navy are already using Zipline every day, but there is so much more to do!{linebreak}{linebreak}We are looking for our first dedicated Cloud Security Engineer to join our team as the surface area of our product and infrastructure continue to scale and keep up with rapid customer growth.{linebreak}{linebreak}“I think I just shed a tear. This is great!” – One of our Fortune 100 customers{linebreak}{linebreak}Here are some projects we're excited for you to work on: {linebreak}- Security strategies such as static analysis, alerting, logging, and monitoring {linebreak}- Interface with the rest of engineering and product teams by building common libraries and processes for all of engineering to leverage {linebreak}- Scoping and managing third party assessment and compliance vendors {linebreak}- Security-oriented feature development {linebreak}- Collaboration with infrastructure team on security-oriented infrastructure topics {linebreak}- Evangelize security best practices for product and engineering teams{linebreak}{linebreak}What we look for: {linebreak}- You have significant relevant production experience with large scale web applications {linebreak}- You have great written and verbal communication skills. {linebreak}- You prefer taking projects from inception to completion, and are outcome oriented. {linebreak}- You have 3+ years experience in web application security {linebreak}- You have a strong understanding of security architecture, risk analysis, network security, identity management, and security monitoring. {linebreak}- You proactive with communication and have no problem managing your time as a remote employee. {linebreak}- You are proud of your craft, and enjoy and value clean code that scales to keep large teams productive.{linebreak}{linebreak}Bonus points: {linebreak}- CISSP certified {linebreak}- Scaled security for another cloud startup {linebreak}- Experience with retailers

See more jobs at Retail Zipline

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Center for Internet Security

Software Engineer


Center for Internet Security


dev

engineer

infosec

digital nomad

dev

engineer

infosec

digital nomad

10mo

Apply


Stats (beta): πŸ‘ 890 views,✍️ 0 applied (0%)
{linebreak}About the Job{linebreak}{linebreak}The Software Engineer is assigned to the Security Best Practices Division at the Center for Internet Security. Reporting to the Development Team Leader – CIS-CAT, the Software Engineer will partner with other cybersecurity team members to promote the CIS mission and help support our growth. The primary purpose of this position is development, maintenance, and coordination of the ongoing release (monthly, and as-needed) of our security configuration assessment software offerings (CIS-CAT Pro).{linebreak}{linebreak}Here’s a Snapshot of your Tasks and Responsibilities{linebreak}{linebreak}{linebreak}* Contribute to the development of new software applications and to the maintenance of existing applications.{linebreak}{linebreak}* Create and maintain documentation of application features, user guide updates and source code.{linebreak}{linebreak}* Ensure software quality assurance throughout the software development lifecycle, through the use of unit testing and integration testing.{linebreak}{linebreak}* Application support activities, such as working with operations staff on member support requests and new member orientation presentations.{linebreak}{linebreak}* Collaborate with other SCA team members as needed.{linebreak}{linebreak}* Other tasks and responsibilities as assigned.{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}What are we looking for in you?{linebreak}{linebreak}Required Qualifications:{linebreak}{linebreak}{linebreak}* Bachelor’s degree in Computer Science or Information Technology at an accredited college or equivalent work experience.{linebreak}{linebreak}* 3+ years’ experience developing data-driven Java (or other JVM language) applications, including web-based and standalone desktop/command-line applications.{linebreak}{linebreak}* Proficiency in Java and Groovy, or JVM-based programming languages.{linebreak}Experience parsing and processing large XML data sets.{linebreak}{linebreak}* Must be authorized to work in the United States.{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}*Additional years of relevant experience or a combination of an Associate’s degree or equivalent and relevant experience may be substituted for the Bachelor’s degree.{linebreak}{linebreak}Preferred Qualifications:{linebreak}{linebreak}{linebreak}* 5+ years’ experience developing data-driven Java (or other JVM language) applications, including web-based and standalone desktop/command-line applications.{linebreak}{linebreak}* Demonstrated experience using multiple programming languages is preferable; languages such as Groovy, C#, and Python, PowerShell, Windows API’s, Linux commands and shell scripting, XSLT, JSON, and database management systems.{linebreak}{linebreak}* Front-end development experience using Bootstrap, JavaScript, and/or JQuery.{linebreak}{linebreak}* Experience with Security Automation standards, such as the Open Vulnerability and Assessment Language (OVAL), Extensible Configuration Checklist Description Format (XCCDF), Common Platform Enumerations (CPE), Common Vulnerabilities and Exposures (CVE), or the Common Vulnerability Scoring System (CVSS) are strongly encouraged.{linebreak}{linebreak}* Operational experience in an Agile/Scrum development team.{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}Core Competencies:{linebreak}{linebreak}{linebreak}* Drive innovation by analyzing and interpreting data to test and inform a new initiative or approach.{linebreak}{linebreak}* Accountable for successful completion of multiple, individual projects simultaneously.{linebreak}{linebreak}* Communicate effectively by contributing significantly to the development and delivery of a variety of written and visual documents for diverse audiences.{linebreak}{linebreak}* Manage change and demonstrate adaptability by embracing change and adjusting priorities or processes and approach as needs dictate.{linebreak}{linebreak}* Take responsibility for successes and failures related to individual and team-based project work assignments; actively presents suggestions for solution(s), if objectives not met.{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}The CIS Offer{linebreak}{linebreak}{linebreak}* A culture that is engaging, fun and energetic{linebreak}{linebreak}* An organization that supports Work/Life balance{linebreak}{linebreak}* Competitive compensation{linebreak}{linebreak}* Comprehensive benefits package including medical, dental, vision and life insurance{linebreak}{linebreak}* 401K plan with company match{linebreak}{linebreak}* Bonding and military leave{linebreak}{linebreak}* Paid time off upon date of hire{linebreak}{linebreak}* Tuition and certification reimbursement{linebreak}{linebreak}* Relocation assistance{linebreak}{linebreak}* On-site wellness programs{linebreak}{linebreak}* Community involvement opportunities{linebreak}{linebreak}* An environment that promotes growth and professional development including our award-winning training opportunities{linebreak}{linebreak}{linebreak}

See more jobs at Center for Internet Security

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


SUSE

Senior Security Engineer


SUSE


infosec

senior

engineer

infosec

senior

engineer

10mo

Apply


Stats (beta): πŸ‘ 1,743 views,✍️ 0 applied (0%)
Full Time: Senior Security Engineer at SUSE in Nuremberg, Germany or remote office

See more jobs at SUSE

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Federated Wireless

Cloud Security Engineer


Federated Wireless


infosec

cloud

engineer

infosec

cloud

engineer

10mo

Apply


Stats (beta): πŸ‘ 961 views,✍️ 0 applied (0%)
{linebreak}Federated Wireless is a dynamic, fast-paced, cutting-edge software company that is leading the wireless industry through the shared spectrum revolution.{linebreak}{linebreak}Federated Wireless is disaggregating the wireless networks to allow for new disruptive models for fast, low-cost cloud enabled wireless connectivity solutions. We are taking advantage of the latest cloud services and implementing advanced algorithms to fully automate service creative and delivery. We are looking for leaders who want to revolutionize the way wireless networks are built.{linebreak}{linebreak}Federated Wireless is led by CEO Iyad Tarazi and a team of industry veterans who continue to build on this heritage, pioneering new territory in the commercialization of shared spectrum.{linebreak}{linebreak}The Role:{linebreak}{linebreak}Federated Wireless is seeking a Cloud Security Engineer to monitor and proactively manage the security of Federated Wireless’ network and application services. The engineer is expected to be able to independently design, develop, deploy and maintain security management technologies in all phases of an agile service development and deployment life cycle. She or he will be required to design components or sub-components, and then follow through with the integration, and testing of all components. Self-motivation, teamwork and experience working in a fast paced agile environment are highly desired.{linebreak}{linebreak}Responsibilities:{linebreak}{linebreak}{linebreak}{linebreak}* Designs, integrates, and tests a suite of tools for security management of multi-tenant private and public cloud application services.{linebreak}{linebreak}* Recommends configuration changes to improve the performance, usability, and value of cyber analysis tools.{linebreak}{linebreak}* Assists with product studies, performs requirements analysis, and develops software architectures to meet requirements{linebreak}{linebreak}* Creates technical proposals and white papers, writes functional and design specifications{linebreak}{linebreak}* Measure compliance against standards{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}Experience in the following areas is required:{linebreak}{linebreak}{linebreak}* 3-5 years experience (preferred) with security management of cloud based services (SaaS) in a fast-paced Agile environment.{linebreak}{linebreak}* Experience architecting, deploying and managing a suite of security management tools, including tools for: WAF, SIEM, log management, DDOS protection, Pen-testing, vulnerability management, automated code analysis, and anti-malware.{linebreak}{linebreak}* Hands-on experience with security management of virtual machines, containers, and applications.{linebreak}{linebreak}* Experience with Git source code control{linebreak}{linebreak}* Excellent oral and written communication skills{linebreak}{linebreak}* Strong knowledge of public key cryptography, web services SSO strategies, CVSS scoring{linebreak}{linebreak}{linebreak}{linebreak}{linebreak} Experience in the following area is desired:{linebreak}{linebreak}{linebreak}* Experience with Agile development and participating in CI/CD pipelines{linebreak}{linebreak}* Experience with automation and dev-ops technologies (such as puppet, chef, ansible, etc){linebreak}{linebreak}* Strong knowledge of open-source libraries/packages{linebreak}{linebreak}{linebreak}{linebreak}{linebreak} Location:{linebreak}{linebreak}{linebreak}* Open to any of Federated Wireless' office locations in Arlington, VA; Boston, MA; or San Jose, California{linebreak}{linebreak}* Travel will be required in this position, domestically or internationally as deemed necessary to the growth and expansion of the Company.{linebreak}{linebreak}{linebreak}{linebreak}{linebreak} Federated Wireless is committed to providing equal opportunity for all employees and applicants without regard to race, color, religion, sex, sexual preference/orientation, gender identity or expression, age, marital status, national origin, physical or mental disability, veteran status, or any other protected classification under applicable law.

See more jobs at Federated Wireless

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Numbrs Personal Finance AG

Security Engineer


Numbrs Personal Finance AG


golang

infosec

engineer

golang

infosec

engineer

10mo

Stats (beta): πŸ‘ 944 views,✍️ 0 applied (0%)
ZΓΌrich, Switzerland - Responsibilities include but are not limited to reviewing designs, code, performing in-depth security assessments of mobile apps, distributed backend systems and internal IT infrastructure; developing custom security tools; documenting the infrastructure, poli...

See more jobs at Numbrs Personal Finance AG

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


InVisionApp

Senior Security DevOps Engineer


InVisionApp


infosec

devops

senior

engineer

infosec

devops

senior

engineer

11mo

Apply


Stats (beta): πŸ‘ 1,562 views,✍️ 0 applied (0%)
As a Security SRE, you will play a critical role in effectively maintaining and improving the security of our organization’s systems, platform and infrastructure. You will be responsible for monitoring and managing the security in our cutting edge containerized environments using Docker, Kubernetes and CoreOS. You will also work with the security team to manage traditional system and network security tools such as web application firewalls, DDoS service, IPS and more designed to protect our customers and business against malicious external attacks. You will have the opportunity to influence and design current strategies and procedures for securing our environments. You will directly influence the application configuration, deployment process of our application and create tools to improve our processes, monitoring and application infrastructure, all in a container centric environment!{linebreak}{linebreak}Responsibilities:{linebreak}{linebreak}{linebreak}* Work across engineering teams to establish and enforce secure practices and procedures in the building of environments and deployment of code{linebreak}{linebreak}* Implementation, configuration and management of cutting edge container security tooling of hosts and nodes{linebreak}{linebreak}* Perform vulnerability identification and remediation including patch management for systems and networks{linebreak}{linebreak}* Management of AWS Security including best practices, security groups, user access{linebreak}{linebreak}* Management and configuration of security tooling including web application firewall, DDoS service, IPS, IDS, FIM, AV and more{linebreak}{linebreak}* Remediation of reported infrastructure or platform vulnerabilities, exploits and threats{linebreak}{linebreak}* Management of user access, roles and permissions to critical services{linebreak}{linebreak}* System hardening according to industry best practices{linebreak}{linebreak}* Cross-team work with infrastructure and platform teams{linebreak}{linebreak}{linebreak}{linebreak}Preferred skills/tools:{linebreak}{linebreak}{linebreak}* Containerization / Kubernetes{linebreak}{linebreak}* CoreOS / Alpine / Ubuntu{linebreak}{linebreak}* Patch Management{linebreak}{linebreak}* AWS environment builds / security groups{linebreak}{linebreak}* Github{linebreak}{linebreak}* WAF, IDS, IPS, FIM, AV, VPN{linebreak}{linebreak}{linebreak}{linebreak}Preferred Certifications:{linebreak}{linebreak}{linebreak}* CISSP{linebreak}{linebreak}* SSCP{linebreak}{linebreak}* CCSP{linebreak}{linebreak}* SANS Certs{linebreak}{linebreak}{linebreak}

See more jobs at InVisionApp

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Auth0

Security Engineering Manager


Auth0


infosec

exec

engineer

infosec

exec

engineer

11mo

Apply


Stats (beta): πŸ‘ 1,112 views,✍️ 0 applied (0%)
{linebreak}Auth0 gives companies simple, powerful and developer friendly building blocks so they can free up resources to focus on innovation. We strive to be the identity platform of choice of developers and Enterprises. We take our culture very seriously and are looking for people who are drawn to both our mission and our culture.{linebreak}{linebreak}We are a security company and Auth0's Security Team is in the privilege position of supporting a security first culture for a company that wants to make the internet safer.{linebreak}{linebreak}The Cloud Security team builds, owns and maintains the critical security infrastructure that provides visibility into Auth0’s production operations. We are looking for a security engineer with a passion for solving security problems and building tools to drive automation. This is an exciting time to join Auth0 as we are growing quickly and this role is an opportunity to drive the expansion of our Cloud Security team.{linebreak}{linebreak}Responsibilities:{linebreak}{linebreak}{linebreak}* Provide team leadership and own the delivery of security engineering projects{linebreak}{linebreak}* Design, build and maintain the systems that help keep Auth0 secure{linebreak}{linebreak}* Demonstrate the effectiveness and coverage of these systems{linebreak}{linebreak}* Develop tools to test, monitor and enforce security policy{linebreak}{linebreak}* Automate security process to reduce as much manual process as possible{linebreak}{linebreak}* Own and improve our security monitoring pipeline{linebreak}{linebreak}* Participate in the on-call rotation to support the infrastructure and respond to security events{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}Requirements:{linebreak}{linebreak}{linebreak}* Experience working as a Security Engineer and delivering engineering projects{linebreak}{linebreak}* Experience administering and securing AWS{linebreak}{linebreak}* Strong Linux experience{linebreak}{linebreak}* Proficiency in at least one programming language (e.g. Python, Node, Go etc.){linebreak}{linebreak}* Experience with log collection and storage (e.g. ELK/EFK stacks, Sumo Logic etc){linebreak}{linebreak}* Strong written and verbal communication skills{linebreak}{linebreak}* Comfort working in a globally distributed environment with a remote workforce{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}Extra Points:{linebreak}{linebreak}{linebreak}* A passion for infrastructure as code and have used tools such as Terraform and CloudFormation{linebreak}{linebreak}* Experience running a vulnerability management programme{linebreak}{linebreak}* You have used configuration management tools (e.g. Salt Stack, Ansible, Puppet, etc){linebreak}{linebreak}* You write readable, maintainable code and have experience managing source code with git{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}Examples of our Engineering Culture:{linebreak}{linebreak}{linebreak}* https://auth0.engineering/{linebreak}{linebreak}* https://auth0.engineering/cloud-security-monitoring-at-auth0-part-ii-b106354a0e5d{linebreak}{linebreak}* https://auth0.engineering/detecting-secrets-in-source-code-bd63b0fe4921{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}Auth0 values diversity and inclusion and is an equal opportunity employer. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. Auth0 participates in E-Verify and will provide the federal government with your Form I-9 information to confirm that you are authorized to work in the U.S.

See more jobs at Auth0

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


InVisionApp

Senior Security Engineer Risk Compliance


InVisionApp


infosec

senior

engineer

infosec

senior

engineer

11mo

Apply


Stats (beta): πŸ‘ 1,638 views,✍️ 0 applied (0%)
InVision is the world's leading product design platform, powering the future of digital product design through our deep understanding of the dynamics of collaboration. We provide two million people with the power to prototype, review, refine, manage and user test web and mobile products. InVision drives the product design process at leading Fortune 100 companies, including at Disney, IBM, Walmart, Apple, Verizon and General Motors. Backed by Accel, ICONIQ Capital, FirstMark Capital, Tiger Global and others. InVision is a distributed team with over 200 employees around the world.{linebreak}{linebreak}As a Security Specialist focused on risk and compliance, this position will provide the individual an opportunity to help shape the direction of our company’s security program by providing thought leadership, professional support and valued contributions to a range of activities.  We are looking for an experienced security professional with a strong background in audit and compliance management.  This role will work with third parties, customers and auditors to manage compliance efforts as well as performing internal audits across various departments to ensure security and customer requirements are met.  You will have the opportunity to expand beyond audit and compliance efforts as well by providing operational support for our security defenses, including the technologies deployed for protecting company and customer information assets and infrastructure.  This position plays a critical role in identifying, protecting, detecting and responding to potential security vulnerabilities, while also providing consultative support for security-related projects.  The right person will bring passion that promotes understanding and continuous education.{linebreak}{linebreak}This role will report to the Manager of Information Security.{linebreak}{linebreak}{linebreak}Key Responsibilities Include:{linebreak}{linebreak}{linebreak}* Work with internal and external entities to ensure the security of our customers{linebreak}{linebreak}* Manage third party and customer audits{linebreak}{linebreak}* Third party risk assessments{linebreak}{linebreak}* Internal risk assessments{linebreak}{linebreak}* Internal compliance audits (user access reviews, firewall reviews){linebreak}{linebreak}* Employee / endpoint compliance efforts{linebreak}{linebreak}* Risk assessments and risk remediation efforts{linebreak}{linebreak}* Security audits of people, systems and processes{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}Preferred skills/tools:{linebreak}{linebreak}{linebreak}* GRC Tools{linebreak}{linebreak}* PCI / SOC 2 knowledge{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}Preferred Certifications:{linebreak}{linebreak}{linebreak}* CISSP{linebreak}{linebreak}* CISM{linebreak}{linebreak}* CISA{linebreak}{linebreak}* CGEIT{linebreak}{linebreak}* CRISC{linebreak}{linebreak}{linebreak}

See more jobs at InVisionApp

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


VividCortex

US-only

Application Security Engineer


VividCortex

US-only

infosec

engineer

infosec

engineer

US-only11mo

Apply


Stats (beta): πŸ‘ 1,004 views,✍️ 0 applied (0%)
{linebreak}The Application Security Engineer champions security within VividCortex’ product development teams through the design and integration of security controls, and educating our teams through training and security programs. Our security team is a key part of our growth strategy! Diversity is important to us, and we welcome and encourage applicants from all walks of life and all backgrounds. Remote work within the US with regular travel to our Charlottesville, VA headquarters, is available for this position.{linebreak}{linebreak}What you’ll get to do here:{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}* Provide security expertise on our systems, network, encryption, and authentication.{linebreak}{linebreak}* Understand our AWS architecture, full engineering stack, services, and data flow and own their security controls.{linebreak}{linebreak}* Implement and maintain technologies for security, such as vulnerability testing, logging, monitoring and incident response.{linebreak}{linebreak}* Help define our secure development standards and ensure they are met.{linebreak}{linebreak}* Consult with engineering on planned and current platform and code changes to ensure security is given due consideration during architectural planning and implementation.{linebreak}{linebreak}* Perform code reviews, penetration testing, and security functional testing.{linebreak}{linebreak}* Own security awareness training for engineering, and create engaging security programs (bug bounty, white hat testing, and more).{linebreak}{linebreak}* Document and develop security engineering processes and procedures in support of compliance processes.{linebreak}{linebreak}* Identify and assist in the development of  security features within our products.{linebreak}{linebreak}* Represent Security as a resource for a great engineering culture.{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}You’re great at:{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}* Sharing your passion for security with the team and advocating for customer needs.{linebreak}{linebreak}* Being the engineering team member that others depend on for guidance on security issues.{linebreak}{linebreak}* Staying on top of security trends and emerging threats in a rapidly changing industry.{linebreak}{linebreak}* Creating engaging programs for training and security awareness.{linebreak}{linebreak}* Choosing and using vulnerability testing tools for penetration tests and compliance audits.{linebreak}{linebreak}* Understanding complex applications, infrastructure and business processes.{linebreak}{linebreak}* Identifying security risks in the product and SDLC and finding pragmatic ways to mitigate them.{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}You'll benefit from experience in:{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}* High-growth technology environments.{linebreak}{linebreak}* Software as a Service products.{linebreak}{linebreak}* Frameworks and standards such as ISO, CSA, HIPAA, PCI, GLBA, etc.{linebreak}{linebreak}* System administration, particularly AWS.{linebreak}{linebreak}* General development, deployment, and operation of modern API-powered web applications using continuous delivery and Git in a Unix/Linux environment.{linebreak}{linebreak}* Coding, particularly with Go and scripting languages such as Bash.{linebreak}{linebreak}* Coding platforms include, PHP, Golang, C+, C++, Perl, Python, and Javascript.{linebreak}{linebreak}* Database platforms include, MySQL, PostgreSQL, MongoDB, Redis, Cassandra.{linebreak}{linebreak}* OS platforms include Linux, Free BSD and Windows.{linebreak}{linebreak}* Cloud SaaS Services, AWS{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}At VividCortex, we want to build a diverse team because it's the right thing to do, and because we believe diversity is strength. We encourage applicants from all walks of life and all backgrounds. Note to Agencies and Recruiters: VividCortex has a strict company policy against engaging with unsolicited contact from agencies or recruiters.  Unsolicited resumes and leads are property of VividCortex and VividCortex explicitly denies that any information sent to VividCortex can be construe {linebreak}{linebreak}#Location{linebreak}- US-only

See more jobs at VividCortex

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


InVisionApp

Engineering Manager Security


InVisionApp


infosec

exec

engineer

infosec

exec

engineer

11mo

Apply


Stats (beta): πŸ‘ 930 views,✍️ 0 applied (0%)
{linebreak}InVision is the Digital Product Design platform used to make the world’s best customer experiences. We provide design tools and educational resources for teams to navigate every stage of the product design process, from ideation to development.{linebreak}{linebreak}{linebreak}Today, more than 3.5 million people use InVision to create a repeatable and streamlined design workflow; rapidly design and prototype products before writing code, and collaborate across their entire organization. That includes more than 80 percent of the Fortune 100, and organizations like Airbnb, Amazon, HBO, Netflix, Slack, Starbucks, and Uber, who are now able to design better products, faster.{linebreak}{linebreak}{linebreak}InVision is a fully distributed company with employees in 25 countries around the world. The company has raised more than $235 million in funding from leading investors including Accel, ICONIQ, FirstMark, Tiger Global, Battery Ventures, and Spark Capital. Visit us at InVisionApp.com and InVisionApp.com/blog.{linebreak}{linebreak}{linebreak}You are someone who loves building high performing teams. You believe that the foundations of a really good team are a clear vision, engaged and talented engineers, just enough process, fast and effective decision-making, and excellent communication.  You’re never satisfied and are always looking for ways to make things better and to deliver faster with higher reliability. You care deeply about the work that you do and the people who are doing it. You practice the leader-leader model. Ok, so it’s pretty clear that you’re awesome.  And awesome people like to work on awesome stuff, right?{linebreak}{linebreak}{linebreak}We want you to help us establish and solidify our SecDevOps framework.  We’re fully invested in the latest security and platform technologies such as Containerization, Kubernetes, AWS services, Go, Web Application Firewalls, and much more.  You will get to work on tools and security products that will help protect our organization and customers; and critical in helping the business succeed.{linebreak}{linebreak}{linebreak}Your work will directly contribute to people loving their work. You will manage the SecDevOps team and collaborate closely with our Platform’s DevOps team to maintain the security of the build, stability, and availability of our service. It’s genuinely a lot of fun working on a great product and pushing the edge in SecDevOps.{linebreak}{linebreak}{linebreak}Responsibilities:{linebreak}{linebreak}{linebreak}* Be accountable for your team’s delivery and execution on projects and operation of services.{linebreak}{linebreak}* Lead and grow the engineers on your team through coaching and mentoring, regular reviews, and one-on-ones.{linebreak}{linebreak}* Manage projects through effective planning, communication of status, and coordination of activities within your team and across teams.{linebreak}{linebreak}* Continuously improve your team’s processes.{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}Requirements:{linebreak}{linebreak}{linebreak}* Strong Player Coach that can develop and lead SecDevOps strategy{linebreak}{linebreak}* Experienced in mentoring and coaching engineers.{linebreak}{linebreak}* Experienced in delivering complex projects quickly and with a focus on quality and reliability.{linebreak}{linebreak}* Process-oriented but hates bureaucracy. Experienced with Agile and/or Lean.{linebreak}{linebreak}* Good at getting things done with minimal oversight while maintaining good information flow.{linebreak}{linebreak}* Experienced hiring good engineers who add to the strengths of the team.{linebreak}{linebreak}* Strong architectural understanding of back end systems.{linebreak}{linebreak}* Balances good strategic vision with tactical execution.{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}There are a number of reasons you really want to be an Engineering Manager on this team.  You will have the opportunity to work with a super talented, engaged engineers who love what they do.  You will work with an experienced leadership team that has successfully grown and mentored managers. You’ll be part of a peer group that is supportive and always learning.  {linebreak}{linebreak}If this sounds like you, we’d like to know more!

See more jobs at InVisionApp

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Auth0

Security Engineer


Auth0


infosec

engineer

infosec

engineer

12mo

Apply


Stats (beta): πŸ‘ 1,095 views,✍️ 0 applied (0%)
{linebreak}Auth0 gives companies simple, powerful and developer friendly building blocks so they can free up resources to focus on innovation. We strive to be the identity platform of choice of developers and Enterprises. We take our culture very seriously and are looking for people who are drawn to both our mission and our culture.{linebreak}{linebreak}We are a security company and Auth0's Security Team is in the privilege position of supporting a security first culture for a company that wants to make the internet safer.{linebreak}{linebreak}{linebreak}The Infrastructure Security team builds, owns and maintains the critical security infrastructure that provides visibility into Auth0’s production operations. We are looking for a Senior engineers...{linebreak}{linebreak}{linebreak}This is an exciting time to join Auth0 as we are growing quickly and this role is an opportunity to drive the expansion of our Security Operations team.{linebreak}{linebreak}Responsibilities:{linebreak}{linebreak}{linebreak}* Provide team leadership and own the delivery of security engineering projects{linebreak}{linebreak}* Design, build and maintain the systems that help keep Auth0 secure{linebreak}{linebreak}* Demonstrate the effectiveness and coverage of these systems{linebreak}{linebreak}* Develop tools to test, monitor and enforce security policy{linebreak}{linebreak}* Automate security process to reduce as much manual process as possible{linebreak}{linebreak}* Own and improve our security monitoring pipeline{linebreak}{linebreak}* Participate in the on-call rotation to support the infrastructure and respond to security events{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}Requirements:{linebreak}{linebreak}{linebreak}* Experience working as a Security Engineer and delivering engineering projects{linebreak}{linebreak}* Experience administering and securing AWS{linebreak}{linebreak}* Strong Linux experience{linebreak}{linebreak}* Proficiency in at least one programming language (e.g. Python, Node, Go etc.){linebreak}{linebreak}* Experience with log collection and storage (e.g. ELK/EFK stacks, Sumo Logic etc){linebreak}{linebreak}* Strong written and verbal communication skills{linebreak}{linebreak}* Comfort working in a globally distributed environment with a remote workforce{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}Extra Points:{linebreak}{linebreak}{linebreak}* A passion for infrastructure as code and have used tools such as Terraform and CloudFormation{linebreak}{linebreak}* Experience running a vulnerability management programme{linebreak}{linebreak}* You have used configuration management tools (e.g. Salt Stack, Ansible, Puppet, etc){linebreak}{linebreak}* You write readable, maintainable code and have experience managing source code with git{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}Examples of our Engineering Culture:{linebreak}{linebreak}{linebreak}* https://auth0.engineering/{linebreak}{linebreak}* https://auth0.engineering/cloud-security-monitoring-at-auth0-part-ii-b106354a0e5d{linebreak}{linebreak}* https://auth0.engineering/detecting-secrets-in-source-code-bd63b0fe4921{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}Auth0 is an Equal Employment Opportunity employer. Auth0 conducts all employment-related activities without regard to race, religion, color, national origin, age, sex, marital status, sexual orientation, disability, citizenship status, genetics, or status as a Vietnam-era special disabled and other covered veteran status, or any other characteristic protected by law. Auth0 participates in E-Verify and will provide the federal government with your Form I-9 information to confirm that you are authorized to work in the U.S.

See more jobs at Auth0

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


CoverMyMeds

Application Security Engineer


CoverMyMeds


infosec

engineer

infosec

engineer

12mo

Apply


Stats (beta): πŸ‘ 1,146 views,✍️ 0 applied (0%)
{linebreak}As the Application Security Engineer at CoverMyMeds, you’ll be responsible for building and growing our application security program.  You’ll focus on creating and improving tools and processes that contribute to highly-secure application development environments and technical operations.  You’ll partner closely with developers across the company, supporting their needs and advocating for security best practices.  You’ll work on a small team with endless opportunities to continue growing and mentor others.{linebreak}{linebreak}What You'll Do: {linebreak}{linebreak}{linebreak}* Build and grow our application security program, including:{linebreak}{linebreak}{linebreak}{linebreak}* Assessing and assigning risk{linebreak}{linebreak}* Static code reviews{linebreak}{linebreak}* Secure coding policies{linebreak}{linebreak}* Security checkpoints{linebreak}{linebreak}* Code review methodologies{linebreak}{linebreak}* Security education for our development teams{linebreak}{linebreak}* Anything else you think should be part of the program{linebreak}{linebreak}{linebreak}{linebreak}* Document everything important you do for our application security program{linebreak}{linebreak}* Partner closely with our development teams to understand their needs and incorporate secure code-development practices from the very beginning of our processes to disseminate security expertise and knowledge of our complex environment{linebreak}{linebreak}* Proactively seek out opportunities to continuously learn about security best practices{linebreak}{linebreak}* Support the assessment and implementation of application security tools and technologies {linebreak}{linebreak}{linebreak}{linebreak}{linebreak}About You:{linebreak}{linebreak}{linebreak}* 3+ years of web development experience{linebreak}{linebreak}* 2+ years of application security experience{linebreak}{linebreak}* 2+ years of experience using dynamic web application vulnerability scanning and static code analysis tools and services{linebreak}{linebreak}* Proven experience mitigating and addressing application threat vectors {linebreak}{linebreak}* Proven experience securing all major web server environments and cloud platforms based on OWASP top ten recommendations {linebreak}{linebreak}* A natural collaborator who seeks out new perspectives and builds trusting relationships with stakeholders and team members{linebreak}{linebreak}* Excellent interpersonal skills to influence stakeholders to do the right thing for our products{linebreak}{linebreak}* Devoted to learning, constantly working to stay up-to-date on security best practices{linebreak}{linebreak}{linebreak}

See more jobs at CoverMyMeds

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Stats (beta): πŸ‘ 1,859 views,✍️ 0 applied (0%)
Blockstack is a new internet for decentralized apps. With Blockstack, you own your data and maintain your privacy, security and freedom. Blockstack is open source project and a public benefit corporation. [Learn more](https://blockstack.org).{linebreak}{linebreak}Blockstack is looking for a passionate and collaborative DevOps Engineer to help develop rigorous testing suites to guarantee the safety of a soon-to-be launched cryptocurrency and blockchain. This person will work on implementing securely tested solutions, and interface with our dev team and back end engineers on product builds and feature implementation. This role will span testing and security, software development and upgrades, improvements to our Developer API, and community support. {linebreak}{linebreak}Our engineering team builds software using JavaScript/ES6, React, Redux, Swift, and Objective-C on the frontend and Python, bash, and Bitcoin Core on the backend.{linebreak}{linebreak}Things You'll Work On:{linebreak}- Manage distribution of Blockstack software upgrades for developers and everyday users{linebreak}- Keep our users happy by managing Blockstack browser availability, scalability, and performance {linebreak}- Build tools for faster deployment schedules {linebreak}- Instate monitoring protocols and fail-over measures {linebreak}- Implement continuous testing practices to ensure the security and performance goals of Blockstack are met across backend services, blockchain infrastructure, and our frontend user clients{linebreak}- Deliver on rapid implementation schedules (without compromising on smart development goals and principles) to build web functionality that is functional, fast, and scalable{linebreak}{linebreak}Qualifications{linebreak}You are have worked in a large, highly available systems environment before, as well as an agile start-up. You are familiar with strategizing and improving for system security and availability. Your strengths lie in backend development, but can work across the full-stack when needed. {linebreak}{linebreak}KPIs{linebreak}- Increased uptime of Blockstack software {linebreak}- Delivery of long term, securely tested software {linebreak}- Work to improve our failure processes, alerting, and emergency response times {linebreak}- Support our community developers to increase number and usability of Blockstack Apps {linebreak}{linebreak}Skills {linebreak}- Experience developing with python and bash{linebreak}- Comfort across operating systems, with a strong Linux background{linebreak}- Experience across the CI/CD pipeline, with an understanding of best practices for automated testing and deployment{linebreak}- Ability to build and maintain highly available infrastructure{linebreak}- Competency in monitoring and quick response time in the event of an emergency{linebreak}- Security background with strength in automated testing and infrastructure{linebreak}- Experience deploying Bitcoin infrastructure with bitcoin core or utxo providers{linebreak}{linebreak}Qualities + Traits {linebreak}- Passion for building the new internet for decentralized apps {linebreak}- Strong problem solving skills, ability to think fast and thoroughly{linebreak}- Development mindset with strong security background{linebreak}- Experience in a rapidly scaling start-up{linebreak}- Proactive solution provider{linebreak}- Excellent communication

See more jobs at Blockstack

Visit Blockstack's website

# How do you apply? Please send cover letter, resume, and Github or personal website. We look forward to hearing from you!
Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


VMRay

Security Engineer Malwareanalyse Macos


VMRay


macos

infosec

engineer

macos

macos

infosec

engineer

macos

1yr

Apply


Stats (beta): πŸ‘ 1,036 views,✍️ 0 applied (0%)
{linebreak}SECURITY ENGINEER (M/F){linebreak}{linebreak}Malware Analysis macOS{linebreak}{linebreak}Location:{linebreak}{linebreak}Bochum, Germany{linebreak}{linebreak}Remote work:{linebreak}{linebreak}Partial{linebreak}{linebreak}Responsibilities:{linebreak}{linebreak}We are looking for a new Software Engineer focused on macOS. Your main task will be to research, design, and implement effective detection rules based on results from our static and dynamic analysis. You will be responsible for identifying typical malware behavior patterns by analyzing macOS malware and eventually turning your findings into detection rules. You will collaborate with the rest of the development team to provide insights that help improve the efficacy and performance of VMRay Analyzer. The job requires a strong interest in gaining an in-depth understanding of macOS internals, such as official and unofficial APIs, binary file formats, kernel internals, etc. You will have to keep yourself and the team up to date with the current macOS malware landscape.{linebreak}{linebreak}Requirements:{linebreak}{linebreak}{linebreak}* Strong interest in macOS internals and malware analysis{linebreak}{linebreak}* Good knowledge of macOS API{linebreak}{linebreak}* Proficient with Python programming or at least one similar high-level programming language{linebreak}{linebreak}* Experience in malware analysis is a plus{linebreak}{linebreak}* Fluent in English{linebreak}{linebreak}* On-site employment at our headquarters in Bochum (partial remote work possible){linebreak}{linebreak}{linebreak}

See more jobs at VMRay

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Carium

Software Engineer Application Security


Carium


infosec

dev

engineer

digital nomad

infosec

dev

engineer

digital nomad

1yr

Apply


Stats (beta): πŸ‘ 1,102 views,✍️ 0 applied (0%)
{linebreak}Carium is looking for a software engineer to help build and secure the core of our healthcare application including our identity solution.  This position provides the opportunity for you to participate in a variety of disciplines as you help connect individuals to the enterprise systems where the bulk of our healthcare data is stored today.   {linebreak}{linebreak}Qualities we admire:{linebreak}{linebreak}{linebreak}* The motivation to deliver products that improve our population’s quality of life{linebreak}{linebreak}* The ability and drive to work independently and complete projects{linebreak}{linebreak}* Commitment to building high quality software through extensive use of test automation{linebreak}{linebreak}* A proactive, communicative individual who is always excited to learn something new{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}Relevant Experience:{linebreak}{linebreak}{linebreak}* Deep understanding of mobile and web application security{linebreak}{linebreak}* Good knowledge of information security best practices{linebreak}{linebreak}* Exposure to distributed systems architectures{linebreak}{linebreak}* Solid coding skills in a language such as Python, Go, or Javascript{linebreak}{linebreak}* Test Automation{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}Requirements:{linebreak}{linebreak}{linebreak}* Bachelor's degree in computer science, engineering, math or related field or equivalent experience{linebreak}{linebreak}* Minimum of 2 years of experience in engineering{linebreak}{linebreak}{linebreak}

See more jobs at Carium

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Carbon Black

Product Security Engineer


Carbon Black


infosec

product manager

engineer

exec

infosec

product manager

engineer

exec

1yr

Apply


Stats (beta): πŸ‘ 1,159 views,✍️ 0 applied (0%)
{linebreak}Located either in Boulder, CO; Boston, MA; or Remote in USA.{linebreak}{linebreak}{linebreak}{linebreak}Why Carbon Black?{linebreak}{linebreak}At Carbon Black, you’ll have the chance to make an impact in the ever-evolving cybersecurity space. Our advanced technology tackles even the toughest challenges and stays ahead of the latest threats. If you want to join an agile company that’s building bleeding edge technology in the cloud, Carbon Black is the place for you. Driven by passionate people who are dedicated to making the world safer, it’s no wonder we’ve been named a “Top Place to Work” by the Boston Globe for four consecutive years. Join us!{linebreak}{linebreak}Why You Matter:{linebreak}{linebreak}Our Product Security team will coordinate our security efforts across our product, engineering and operations departments. This is an opportunity to join a security team that is supported by a strong internal security community.  You will help to build an even more secure security product by which we build trust with our customers and deliver superior protection of their endpoints.{linebreak}{linebreak}As a Product Security Engineer, you will work with the engineering and operations teams to:{linebreak}{linebreak}{linebreak}* collaborate across the organization to help solve more complex security problems{linebreak}{linebreak}* evolve our Secure Development Lifecycle{linebreak}{linebreak}* evolve standards for securing build processes{linebreak}{linebreak}* evolve third party library management processes{linebreak}{linebreak}* assist with managing our bug bounty program{linebreak}{linebreak}* assist in planning for and participating in incident response as required{linebreak}{linebreak}* collaborate with product teams to address application security questions and issues{linebreak}{linebreak}* research security vulnerabilities in current architecture and communicate mitigation strategies to impacted teams{linebreak}{linebreak}* clearly communicate the security plan – including the risks and controls in place for key stakeholders{linebreak}{linebreak}* communicate with customers on our security posture, both on calls and with the RFP team{linebreak}{linebreak}* support the rest of the Engineering Security team in continuous improvement of the overall Engineering Security program{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}What You’ll Bring:{linebreak}{linebreak}{linebreak}* BS in Computer Science or equivalent work experience{linebreak}{linebreak}* 3+ years providing security support for SaaS/SaaS-like cloud systems required{linebreak}{linebreak}* Experience with platforms used to provide security services in SaaS environments for configuration management, authentication, automation and validation{linebreak}{linebreak}* Understanding of code level scanning tools{linebreak}{linebreak}* Strong communication skills preferred{linebreak}{linebreak}* Nice to haves{linebreak}{linebreak}{linebreak}{linebreak}* Understanding of kernel level applications{linebreak}{linebreak}* Experience building and automating security testing{linebreak}{linebreak}* Understanding of compliance frameworks (SOC, NIST, etc){linebreak}{linebreak}{linebreak}{linebreak}{linebreak}

See more jobs at Carbon Black

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Railroad19

Transmit Security Mobile Integration Engineer


Railroad19


infosec

mobile

engineer

infosec

mobile

engineer

1yr

Apply


Stats (beta): πŸ‘ 1,167 views,✍️ 0 applied (0%)
{linebreak}Transmit Security Mobile Integration Engineer (remote US){linebreak}{linebreak}At Railroad19, we develop customized software solutions and provide software development services. {linebreak} We are currently seeking a Transmit Security Mobile Integration Engineer.  The successful Engineer will work with the local Transmit field team (Field Engineer and Sales Executive) to execute against various customer implementation projects. This would include potentially POC, production environments and use cases. In addition to contributing deliverables the role is expected to work as an adviser to help identify, educate, and foster best-in-class solutions.{linebreak}{linebreak}At Railroad19, you are part of a company that values your work and gives you the tools you need to succeed. We are headquartered in Saratoga Springs, New York, but we are a distributed team of remote developers/engineers across the US. {linebreak} This is a full-time role with vacation, full benefits, and 401k.  Railroad19 provides competitive compensation with excellent benefits and a great corporate culture.{linebreak} {linebreak} The role is remote - U.S. located, with some travel to client.  Full time employment.{linebreak}{linebreak}(NO- contractors, Corp-to-Corp or 1099).  {linebreak} {linebreak}{linebreak}Core responsibilities:{linebreak}{linebreak}{linebreak}* Strong overall mobile development skills. This includes native objective-c, Swift (iOS) and Java (Android) programming languages.{linebreak}{linebreak}* Strong background in development platforms such as Cordova, Ionic3, Phonegap, MobileFirst/Worklight{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}* Experience with integrating third party mobile SDKs into both iOS and Android mobile applications{linebreak}{linebreak}* Good fundamental understanding of best practices and security applied to mobile application development{linebreak}{linebreak}* Strong background with all aspects of transport as applied to mobile applications (connection handling, push notifications, client-side certificates/SSL, PKI on mobile){linebreak}{linebreak}{linebreak}{linebreak}{linebreak}Skills & Experience:{linebreak}{linebreak}{linebreak}* 5+ years of mobile development experience recommended{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}* Experience working in an Agile environment{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}Nice to have but not required:{linebreak}{linebreak}{linebreak}* Familiarity with continuous integration practices{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}* Available right away{linebreak}{linebreak}* Position based in US/remote{linebreak}{linebreak}* Ability to travel as needed{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}* BS in CS, EE or equivalent experience required{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}No Agencies***

See more jobs at Railroad19

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Stats (beta): πŸ‘ 2,941 views,✍️ 54 applied (2%)
Doximity is transforming the healthcare industry. Our mission is to help doctors save time so they can provide better care for patients.{linebreak}{linebreak}We value diversity β€” in backgrounds and in experiences. Healthcare is a universal concern, and we need people from all backgrounds to help build the future of healthcare.{linebreak}{linebreak}This position is for an experienced DevOps engineer to own Security efforts for our entire application stack and join our 8 person DevOps team. We’re looking for someone with a strong track record in building infrastructure, maintaining high level of uptime and optimal security. You will be supporting and building products alongside our 50+ person engineering team used by hundreds of thousands of people.{linebreak}{linebreak}How you’ll make an impact:{linebreak}{linebreak}-Develop, schedule, and execute automated security audits on infrastructure using industry standard security frameworks and tooling.{linebreak}-Write penetration tests for applications and services.{linebreak}-Periodically audit and rotate access credentials.{linebreak}-Document current and future security procedures and policies in the wiki.{linebreak}-Lead security/policy related audits such as SOC2 Type II (annual renewal).{linebreak}-Work with sales and client services teams to answer infrastructure related security questions and concerns that clients inquire about.{linebreak}-Remediate and write post-mortem reports on security-related issues.{linebreak}-Active involvement in design, implementation, and maintenance of the development, staging, and production infrastructure security.{linebreak}-Work on automating tasks using Jenkins.{linebreak}-Troubleshoot system issues (such as high-load, memory, CPU usage, etc.) and come up with temporary/long-term solutions based on the root cause.{linebreak}-Work with developers to deploy applications ready for production (Terraform, Consul, Vault, Upstart, NGINX, Sensu). We believe in infrastructure as code and follow it.{linebreak}-Write Chef cookbooks (using "Berkshelf Way") to automate configuration management.{linebreak}-Participate in a 1-week on 7-week off, 24/7 on-call rotation.{linebreak}-Hands-on maintenance on our Ruby on Rails and Go (Golang) applications.{linebreak}-Troubleshoot issues across the whole stack: hardware, software, and network.{linebreak}{linebreak}What we’re looking for:{linebreak}{linebreak}-Minimum of 5 years of Linux/UNIX systems engineer & administrator experience.{linebreak}-Minimum of 5 years of relevant web application security experience{linebreak}-Extensive AWS experience{linebreak}-Experience writing application security penetration tests with an open source framework.{linebreak}-Automation experience with configuration management tools such as Chef, Ansible, or Puppet.{linebreak}-Intermediate to advanced experience administering and securing an RDB (MySQL or Postgres a plus){linebreak}-Proficient in bash shell scripting (sed + awk) and one of Ruby or Python.{linebreak}-Experience automating application deployments with Capistrano or Jenkins.{linebreak}-Ability to work in a proactive manner and manage your own queue.{linebreak}-Experience with Hashicorp tools, Neo4j, Elasticsearch, Kibana, Grafana is a big plus.{linebreak}{linebreak}About Doximity{linebreak}{linebreak}We’re thrilled to be named the Fastest Growing Company in the Bay Area, and one of Fast Company’s Most Innovative Companies. Joining Doximity means being part of an incredibly talented and humble team. We work on amazing products that over 70% of US doctors (and over one million healthcare professionals) use to make their busy lives a little easier. We’re driven by the goal of improving inefficiencies in our $2.5 trillion U.S. healthcare system and love creating technology that has a real, meaningful impact on people’s lives. To learn more about our team, culture, and users, check out our careers page, company blog, and engineering blog. We’re growing fast, and there’s plenty of opportunity for you to make an impactβ€”join us!{linebreak}{linebreak}Doximity is proud to be an equal opportunity employer, and committed to providing employment opportunities regardless of race, religious creed, color, national origin, ancestry, physical disability, mental disability, medical condition, genetic information, marital status, sex, gender, gender identity, gender expression, pregnancy, childbirth and breastfeeding, age, sexual orientation, military or veteran status, or any other protected classification. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law.

See more jobs at Doximity

Visit Doximity's website

# How do you apply? Use Apply Button
Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Elastic

Cloud Security Engineer


Elastic


infosec

cloud

engineer

infosec

cloud

engineer

1yr

Apply


Stats (beta): πŸ‘ 1,093 views,✍️ 0 applied (0%)
{linebreak}At Elastic, we have a simple goal: to solve the world's data problems with products that delight and inspire. As the company behind the popular open source projects — Elasticsearch, Kibana, Logstash, and Beats — we help people around the world do great things with their data. From stock quotes to real time Twitter streams, Apache logs to WordPress blogs, our products are extending what's possible with data, delivering on the promise that good things come from connecting the dots. The Elastic family unites employees across 30+ countries into one team, while the broader community spans across over 100 countries.{linebreak}{linebreak}Thanks to our ongoing expansion we have the opportunity to grow our Cloud Security Operations team. We're part of the Elastic Cloud team with a development, operations and security background who aren’t afraid to get our hands dirty.{linebreak}{linebreak}We’re looking for people who are just as passionate about solving issues with distributed systems as they are to automate, code and collaborate to tackle problems with a proven focus on Security. You will be assisting the development and implementation of security controls to mitigate risks and threats but also participating in daily security operational tasks.{linebreak}{linebreak}Responsibilities{linebreak}{linebreak}{linebreak}* Build and improve security focused tooling for the Elastic Cloud product and infrastructure{linebreak}{linebreak}* Architect and maintain a SIEM infrastructure{linebreak}{linebreak}* Be a part of a Security Incident Response Team{linebreak}{linebreak}* Work closely with the SRE and Development team as well as third party auditors to ensure a smooth road to security compliance and alignment to regulations (SOC2, GDPR etc){linebreak}{linebreak}* Demonstrate and promote Security best practices{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}Experience (in 2+ areas){linebreak}{linebreak}{linebreak}* You performed automated and manual testing against a large codebase. You identify and exploit an SQL injection vulnerability without using sqlmap.{linebreak}{linebreak}* Kali Linux for PenTest, Burp or OWASP for security testing.{linebreak}{linebreak}* Ability to exploit XSS in something more meaningful than a PoC alert?{linebreak}{linebreak}* Deploy perimeter scanners against a large network, with knowledge of Snort, Nessus and Bro.{linebreak}{linebreak}* Linux Systems / Containers Security: Hardened a VM with SELinux / AppArmor, tweaked cgroups, created Seccomp profiles.{linebreak}{linebreak}* Profile an application to get the minimum syscall / kernel capabilities gamut required for it to run.{linebreak}{linebreak}* Experience with SOC2, PCI, and HIPAA.{linebreak}{linebreak}* Experience working in a Security Operations Center.{linebreak}{linebreak}* Consistently dealing with security incidents that required quick mitigation and extensive root cause analysis.{linebreak}{linebreak}* Authentication and Authorization protocols such as OIDC, OAuth and SAML. Deployed large scale LDAP / Kerberos?{linebreak}{linebreak}* Familiar with security principles for Software Engineering. Can you help developers build security in throughout the Software Development Process?{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}Key Skills{linebreak}{linebreak}{linebreak}* Desire to represent work in git, driven by a GitHub workflow through issues and pull requests and rigorous code reviews{linebreak}{linebreak}* Love open source development, and have contributed to some project somewhere (doesn't have to be ours), whether it's mailing lists, patches, documentation, etc.{linebreak}{linebreak}* Enjoy working remotely and the communication it requires{linebreak}{linebreak}* Love a diverse environment,{linebreak}{linebreak}* Working with men and women all over the world{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}Additional Information{linebreak}{linebreak}{linebreak}* Competitive pay and benefits{linebreak}{linebreak}* Stock options{linebreak}{linebreak}* Catered lunches, snacks, and beverages in most offices{linebreak}{linebreak}* An environment in which you can balance great work with a great life{linebreak}{linebreak}* Passionate people building great products{linebreak}{linebreak}* Employees with a wide variety of interests{linebreak}{linebreak}* Your age is only a number. It doesn't matter if you're just out of college or your children are; we need you for what you can do.{linebreak}{linebreak}* Fully remote, with optional coworking from an Elastic office (Mountain View, Amsterdam, Phoenix, etc.) or in your town{linebreak}{linebreak}* Lots of opportunities for conference travel, being in the community is encouraged, not just tolerated{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}Elastic is an Equal Employment employer committed to the principles of equal employment opportunity and affirmative action for all applicants and employees. Qualified individuals will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status or any other basis protected by federal, state or local law, ordinance or regulation. Elastic also makes reasonable accommodations for disabled employees consistent with applicable law.

See more jobs at Elastic

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Jack Henry & Associates .Β

Application Security Engineer


Jack Henry & Associates .Β


infosec

engineer

infosec

engineer

1yr

Apply


Stats (beta): πŸ‘ 1,150 views,✍️ 0 applied (0%)
{linebreak}Jack Henry & Associates is seeking an Application Security Engineer to join the Chief Information Security Officer ‘s Enterprise Information Security Group. This position is part of a small team of experienced security analysts that works with all internal development teams to assess application security threats across the organization. Must possess strong communication and interpersonal skills. This position will be responsible for testing and analyzing applications for security weaknesses and vulnerabilities. This position will be hired to work Remote and travel is up to 5% to attend meetings, conferences and or additional training.{linebreak}{linebreak}The Application Security Engineer should possess basic knowledge of application security, including security concepts and secure coding principles such as the OWASP Top 10 and the Center for Internet Security (CIS) Top 20.  Applicant should be familiar with security/penetration testing concepts and be familiar with common testing tools like web proxies such as Rapid7 AppSpider, and or Burpsuite Pro.{linebreak}{linebreak}Applicant should have familiarity with programming in at least one of the following languages: .NET (ASP, C#), JavaScript, HTML, and be able to read and understand basic code and programming concepts, as well as concepts related to how software is commonly deployed (ex, common web application architectures). Familiarity with SDLC, threat modeling, and other aspects of software security and architectural analysis is a plus.  If you are interested in this position please apply on or before March 19, 2018.{linebreak}{linebreak}MINIMUM QUALIFICATIONS{linebreak}{linebreak}{linebreak}* Must have a minimum of 18 months of experience in information security or web application development.{linebreak}{linebreak}* Must have experience with application security testing tools such as:  IBM AppScan, HP Webinspect, Accunetix, Rapid7 AppSpider, and or Burpsuite Pro.{linebreak}{linebreak}* Must have experience with OWASP tools and or methodologies in HTTP and web programming.{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}PREFERRED SKILLS{linebreak}{linebreak}{linebreak}* Bachelor’s degree in Information Technology is preferred.{linebreak}{linebreak}* Security certifications (e.g., CISSP, CEH, GWEB) preferred.{linebreak}{linebreak}* Experience with web development technologies such as HTML, CSS, and JavaScript is preferred.{linebreak}{linebreak}* Experience with web service technologies such as REST, XML, SOAP, and AJAX is preferred.{linebreak}{linebreak}* Knowledge of common security requirements within web based applications is preferred.{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}ESSENTIAL FUNCTIONS{linebreak}{linebreak}{linebreak}* Perform application security assessment and penetration testing.{linebreak}{linebreak}* Perform manual and/or automated security reviews across a variety of application platforms.{linebreak}{linebreak}* Follows up on application security assessment with development teams.{linebreak}{linebreak}* Participates as needed in documenting software security standards, guidelines, policies and procedures.{linebreak}{linebreak}* Acts as a resource on assigned projects.{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}Equal Employment Opportunity{linebreak}{linebreak}Applicants for U.S. based positions with Jack Henry & Associates must be legally authorized to work in the United States. Verification of employment eligibility will be required at the time of hire. Visa sponsorship is not available for this position.{linebreak}{linebreak}Jack Henry & Associates, Inc. is an Equal Employment Opportunity/Affirmative Action Employer and maintains a Drug-Free Workplace.{linebreak}{linebreak}Females, minorities, veterans, and individuals with disabilities are encouraged to apply.

See more jobs at Jack Henry & Associates .Β

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Swarm Technologies

Blockchain Security Engineer


Swarm Technologies


infosec

engineer

infosec

engineer

1yr

Apply


Stats (beta): πŸ‘ 1,338 views,✍️ 0 applied (0%)
{linebreak}**Blockchain experience not required!** {linebreak}{linebreak}We're operating in a very new industry and we're prepared to bring candidates up to speed! Few sectors are hot as blockchain right now - talk about professional growth :){linebreak}{linebreak}Join the Swarm{linebreak}{linebreak}We're developing innovative solutions to age-old information security problems - and we need your help.{linebreak}{linebreak}At it's core, PolySwarm is market design enabled by smart contracts. We're (literally) programming a market that will produce crowdsourced threat intelligence (malware detection today, more tomorrow). {linebreak}{linebreak}No one has done this before. We'll get things wrong - that's okay! With your help, we'll get fewer things wrong, identify mistakes earlier and improve processes to prevent future missteps.{linebreak}{linebreak}You're in on the ground floor - you'll have a say in what we do and how we do it. By joining Swarm Technologies, you'll be joining a dynamic team on the bleeding edge of information (computer) security and blockchain - answering questions few have thought to ask.{linebreak}{linebreak}If you're interested in any of:{linebreak}{linebreak}* information security{linebreak}{linebreak}* blockchain (Ethereum smart contracts in particular){linebreak}{linebreak}* malware reverse engineering{linebreak}{linebreak}* market design (a la Who Gets What and Why by Alvin Roth){linebreak}{linebreak}* technical challenges that cannot be solved via iteration{linebreak}{linebreak}* unknown unknowns{linebreak}{linebreak}{linebreak}{linebreak}... then we're interested in you.{linebreak}{linebreak}The Ideal Candidate Is...{linebreak}{linebreak}* independently motivated & self-directing{linebreak}{linebreak}* introspective: able to identify weak spots / problem areas our existing processes or code and suggest / implement solutions{linebreak}{linebreak}* interested in information security topics outside of work - huge props for capture the flag (CTF) participation!{linebreak}{linebreak}{linebreak}{linebreak}Example Big-Picture Problem{linebreak}{linebreak}The Ethereum block time leaves a lot to be desired for a marketplace that intends to supplant millions of malware scans a day.{linebreak}{linebreak}How do we best reconcile millions of scans daily with a 15 second block time and today's block size limits?{linebreak}{linebreak}Example Tactical Problem{linebreak}{linebreak}The rust-web3 bindings don't support WebSockets. WebSocket support is necessary for subscribing to "push" notifications of Ethereum events: https://github.com/tomusdrw/rust-web3/pull/101{linebreak}{linebreak}At Swarm Technologies, you'll tackle both big-picture and tactical problems :){linebreak}{linebreak}We Offer{linebreak}{linebreak}{linebreak}* Competitive salaries{linebreak}{linebreak}* Excellent health, dental, vision coverage{linebreak}{linebreak}* Unlimited* paid vacation days{linebreak}{linebreak}* Travel (if you like). We have offices in San Diego, Puerto Rico and Tokyo and we often find ourselves travelling elsewhere. If travel interests you, we can scratch that itch.{linebreak}{linebreak}* Flexible work hours - outside of scheduled meetings, we don't care *when* you work, we care about your output.{linebreak}{linebreak}* Powerful servers, laptops, desktops - whatever you need to be most productive!{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}*Within reason! We avoid arbitrary numbers for vacation allotments. Take what you need, don't abuse it. As a start-up, we may ask that you avoid vacation for crunch times.

See more jobs at Swarm Technologies

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


intersection of information security cryptocurrency

DevOps Engineer


intersection of information security cryptocurrency


devops

engineer

infosec

devops

devops

engineer

infosec

devops

1yr

Apply


Stats (beta): πŸ‘ 1,290 views,✍️ 0 applied (0%)
Full Time: DevOps engineer at intersection of information security and cryptocurrency at Chorus One in Remote

See more jobs at intersection of information security cryptocurrency

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


intersection of information security and cryptocurrency

DevOps Engineer Chorus One


intersection of information security and cryptocurrency


devops

engineer

infosec

devops

devops

engineer

infosec

devops

1yr

Apply


Stats (beta): πŸ‘ 1,583 views,✍️ 0 applied (0%)
{linebreak}Chorus One builds and operates infrastructure for emerging cryptocurrency and blockchain networks. Our products will help token holders make returns and shape the evolution of decentralized networks.{linebreak}{linebreak}The first product is a validator for the Proof-of-Stake Cosmos network. In the medium term, we will be operate nodes and running infrastructure on various other cryptocurrency networks.{linebreak}{linebreak}We are hiring a DevOps engineer to implement and maintain production infrastructure.. This position is a unique opportunity to work with a very experienced team on cutting-edge blockchain networks and information security.{linebreak}{linebreak}Responsibilities:{linebreak}{linebreak}{linebreak}* Design, implement and maintain production systems for cryptocurrency validators. Systems are expected to incorporate signing servers, test networks, validating servers, relaying nodes, key security solutions, monitoring tools and administration tools.{linebreak}{linebreak}* Implement security policies to ensure that production systems are hardened against external attack.{linebreak}{linebreak}* Develop a continuous integration and testing pipeline to automatically test and upgrade code bases powering test networks and production validators.{linebreak}{linebreak}* Setup and operate a Kubernetes and/or Docker Swarm cluster on production and test networks.{linebreak}{linebreak}* Harden Linux hosts via HIDS policies (e.g., apparmor, SELinux).{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}The ideal candidate:{linebreak}{linebreak}{linebreak}* Is able to work independently{linebreak}{linebreak}* Has prior work experience in a medium sized company or as a DevOps lead in a startup{linebreak}{linebreak}* Knowledge of AWS, continuous integration and automated deployment{linebreak}{linebreak}* Good knowledge of security as it relates to cloud based infrastructure{linebreak}{linebreak}* Experience using automated monitoring tools{linebreak}{linebreak}* Experience scaling containers both horizontally and vertically.{linebreak}{linebreak}* Experience working with firewalls, intrusion prevention and intrusion detection systems{linebreak}{linebreak}* Bachelor’s or advanced degree in computer science is a plus,but not strictly needed.{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}We offer:{linebreak}{linebreak}{linebreak}* Competitive salary + equity.{linebreak}{linebreak}* 5 weeks annual leave.{linebreak}{linebreak}* Full-time position.{linebreak}{linebreak}* Location: Remote, Los Angeles or Berlin.{linebreak}{linebreak}* Work on cool technology and interesting problems at the intersection of finance, cryptocurrency, information security and blockchain networks.{linebreak}{linebreak}{linebreak}

See more jobs at intersection of information security and cryptocurrency

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


SemanticBits

Security Engineer


SemanticBits


infosec

engineer

infosec

engineer

1yr

Apply


Stats (beta): πŸ‘ 1,371 views,✍️ 0 applied (0%)
{linebreak}SemanticBits is looking for a Security Engineer to keep our business, users and data safe by assuring the security of our applications and platforms. This will be a highly collaborative position, in which the right candidate works to secure existing applications and platforms, makes platform and security enhancements and helps to scale our security program through automation, process improvement and tool creation.{linebreak}{linebreak}{linebreak}The selected candidate will be required to work on multiple products and must be able to develop and present secure solutions and advice to technical teams as well as leadership. The candidate will further be required to assess risks and advise on security standards, best practices and solutions. All this must be done by maintaining security quality and customer satisfaction{linebreak}{linebreak}{linebreak}Responsibilities:{linebreak}{linebreak}{linebreak}* Collaborating with various teams to secure new platforms/applications{linebreak}{linebreak}* Implementing platform security and framework improvements{linebreak}{linebreak}* Implementing analysis and monitoring tools{linebreak}{linebreak}* Working with engineering and QA teams to build tools and scale security in a continuous deployment environment{linebreak}{linebreak}* Assessing the security of applications, APIs and platforms via penetration testing and code reviews{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}Requirements{linebreak}{linebreak}Strong knowledge to perform below tests{linebreak}{linebreak}{linebreak}* Penetration testing{linebreak}{linebreak}{linebreak}* Static Analysis/Static Application Security Testing{linebreak}{linebreak}* Vulnerability Assessment/Scanning{linebreak}{linebreak}* Dynamic Analysis/Dynamic Application Security Test (DAST){linebreak}{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}* {linebreak}{linebreak}{linebreak}* Malicious Software Analysis{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}* Strong foundation in one or more of the following:{linebreak}{linebreak}{linebreak}* Data management security{linebreak}{linebreak}* Authentication{linebreak}{linebreak}* Applied cryptography{linebreak}{linebreak}* Linux security{linebreak}{linebreak}* Network & Cloud security{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}* Strong engineering background preferred{linebreak}{linebreak}* Application architecture experience preferred{linebreak}{linebreak}* Advanced knowledge of Linux platforms{linebreak}{linebreak}* Advanced knowledge of application mobile security tools{linebreak}{linebreak}* Strong technical acumen securing software and hardware{linebreak}{linebreak}* Understanding of software development and working experience with any one of the higher level programming languages or scripting{linebreak}{linebreak}* A Bachelor's degree or higher in Computer Science, Electrical Engineering, Information Assurance, Network Security Computer Engineering or related field, or equivalent experience{linebreak}{linebreak}* Familiarity and experience with security technologies such as security engineering, security architecture, cryptography, data security, risk management, identity and access management, communication and network security, security assessment and testing, software development security, security operations{linebreak}{linebreak}* Familiarity and experience with popular open source security projects such as jptables and Snort{linebreak}{linebreak}* Thorough understanding of issues documents in the OWASP Top Ten and CWE Top 25{linebreak}{linebreak}* Demonstrated ability to exploit and mitigate application-level vulnerabilities{linebreak}{linebreak}* Strong understanding of cryptography as applied to web application security (encryption, hashing, PKI management), including analysis and implementation{linebreak}{linebreak}* Experience using Linux/Unix at the command line for tasks related to web application development and deployment (DevOps){linebreak}{linebreak}{linebreak}{linebreak}{linebreak}Benefits{linebreak}{linebreak}{linebreak}* Generous base salary{linebreak}{linebreak}* Three weeks of PTO{linebreak}{linebreak}* Excellent health benefits program (Medical, dental and vision){linebreak}{linebreak}* Education and conference reimbursement{linebreak}{linebreak}* 401k retirement plan. We contribute 3% of base salary irrespective of employee's contribution{linebreak}{linebreak}* 100% paid short-term and long-term disability{linebreak}{linebreak}* 100% paid life insurance{linebreak}{linebreak}* FSA{linebreak}{linebreak}* Casual working environment{linebreak}{linebreak}* Flexible working hours{linebreak}{linebreak}{linebreak}

See more jobs at SemanticBits

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Aeolus Robotics

DevOps Sysops Security Engineer Admin Lead


Aeolus Robotics


infosec

devops

admin

exec

infosec

devops

admin

exec

1yr

Apply


Stats (beta): πŸ‘ 1,500 views,✍️ 0 applied (0%)
{linebreak}Job Responsibilities{linebreak}{linebreak}Lead and/or collaborate in the design, development, and testing of our infrastructure, in one or more of these areas: {linebreak}{linebreak}- Day-to-day cofiguration, maintenance and administration{linebreak}- Planning, team management, tools evaluation, employee support{linebreak}- Deploying environments, support continuous integration tools{linebreak}- Develops product security requirements, participates in security design and audit{linebreak}- ... and more ...{linebreak}{linebreak}About you{linebreak}{linebreak}You are looking for the place to stretch yourself, able to work within a senior, highly performant product team, and aren't afraid of a challenge.  You are a self-starter with the motivation and skills needed to effectively operate on your own time in your own way while being responsive to the needs of your team mates and the team as a whole. You are innvoative as are our products and you wish you have impact on the world as our products will have.{linebreak}{linebreak}You love working on the systems and make things work efficiently and safe. You are effective at quickly understanding and operating on various platforms making other workers' lifes easier.  You are comfortable working alongside experts in these areas, or are an expert yourself. You have a proven track record of delivering ideas into working prototypes at high velocity.  You have commercial/agile development teaming experience. You've architected some serious systems and may have even been a team lead.{linebreak}{linebreak}Skill Set / Experience{linebreak}{linebreak}We welcome people with passion on security and integration. Keen on new technologies, especially robots! Among our whole bunch of positions (see a list here: http://aeolusbot.com/careers/) there may be one for you which reflects your dreams of perfect job so make sure you check every single one of them!{linebreak}{linebreak}Flexible Hours & 100% Remote Work{linebreak}{linebreak}You can work in one of our offices (South San Francisco, Taipei, Vienna or Wroclaw), but some of these roles permit 100% remote cooperation.{linebreak}{linebreak}You will work in a scrum-based agile development cycle. You will be working alongside founders, researchers, and engineers to design and build first-generation robotic solutions for mass consumer adoption.{linebreak}{linebreak}Whether you prefer contract work or a permanent position, we can accommodate you.

See more jobs at Aeolus Robotics

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Wikimedia Foundation

Application Security Engineer


Wikimedia Foundation


infosec

engineer

infosec

engineer

1yr

Apply


Stats (beta): πŸ‘ 1,392 views,✍️ 0 applied (0%)
{linebreak}Location: San Francisco, CA or Remote {linebreak}{linebreak}Summary{linebreak}{linebreak}The Wikimedia Foundation is looking for an Application Security Engineer to join the Security team working to help protect Wikipedia and our other projects. You'll be working with other developers and security engineers to create new security features, review the security of other people's code, and help find and fix security bugs before they're exploited.{linebreak}{linebreak}YOU ARE ...a smart security practitioner with experience building and auditing security features in large scale systems. You understand the importance of testing and documentation, and common pitfalls in developing secure web applications. You must have a passion for the WMF mission. We do (almost) everything publicly, and volunteers can add arbitrary JavaScript to our site. That should both frighten and thrill you.{linebreak}{linebreak}You will be joining a team responsible for ensuring the security and integrity of applications written in PHP, Python, Ruby, Lua, Perl, JavaScript (Node.js) among others, using both relational and key-value data storage mechanisms. (Don't worry, you don't need to have had experience with all of those technologies.){linebreak}{linebreak}As an Application Security Engineer, we’d like you to do these things:{linebreak}{linebreak}{linebreak}* Triage and remediate reported security issues{linebreak}{linebreak}* Work with Security team members to build and maintain security features{linebreak}{linebreak}* Review and deploy features developed by the Foundation and community members{linebreak}{linebreak}* Work with other development teams to ensure that they make safe architectural and implementation choices{linebreak}{linebreak}* Constantly poke and abuse our software to find bugs before attackers do{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}We’d like you to have these skills:{linebreak}{linebreak}The right person is better than the right set of experiences, these are the traits we’ve identified make great additions to our team so far.{linebreak}{linebreak}{linebreak}* Two or more years of application security experience, including thorough understanding of issues documented in the OWASP Top Ten and CWE Top 25{linebreak}{linebreak}* Strong understanding of modern, object-oriented PHP development{linebreak}{linebreak}* Demonstrated ability to exploit and mitigate application-level vulnerabilities{linebreak}{linebreak}* Experience conducting software security reviews using a combination of source code inspection, manual testing, and automated scanning{linebreak}{linebreak}* Patience in explaining security issues and their implications on privacy to non-technical audiences{linebreak}{linebreak}* Sensitivity to the security challenges faced by participants in a large, international project{linebreak}{linebreak}* Strong understanding of cryptography as applied to web application security (encryption, hashing, PKI management), including analysis and implementation{linebreak}{linebreak}* Strong knowledge of the use of a scripting language for system administration and automation{linebreak}{linebreak}* Experience using Linux/Unix at the command line for tasks related to web application development and deployment ("DevOps"){linebreak}{linebreak}* Ability to maintain focus when working remotely{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}And it would be even more awesome if you have this:{linebreak}{linebreak}In addition to the basic skills needed for being successful these skills could set you apart from the pack!{linebreak}{linebreak}{linebreak}* Experience as a contributor in the Wikipedia or Wikimedia project communities{linebreak}{linebreak}* Experience contributing to a consensus-based open source project{linebreak}{linebreak}* Experience developing, maintaining, or administering authentication systems{linebreak}{linebreak}* In-depth experience developing or auditing client-side JavaScript{linebreak}{linebreak}* Experience with both relational and NoSQL/key-value data storage mechanisms{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}About the Wikimedia Foundation{linebreak}The Wikimedia Foundation is the non-profit organization that supports and hosts Wikipedia and several other Wikimedia free knowledge sites. Every month, the Wikimedia sites are accessed by more than a billion unique devices. Wikipedia consists of more than 40 million articles across hundreds of languages. Every month, more than 250,000 volunteer editors contribute to Wikipedia. Based in San Francisco, California, the Wikimedia Foundation is an audited, 501(c)(3) non-profit that is funded primarily through donations and grants. It currently employs over 300 staff members.{linebreak}{linebreak}{linebreak}At the Foundation, we build technology to help people everywhere access Wikipedia, across devices and in nearly 300 languages. We engineer privacy for our readers and editors so they can safely and securely explore Wikipedia. We create programs and initiatives to make Wikipedia freely available to more people in more parts of the world. We build new tools for the community of editors so they can continue to improve and grow Wikipedia. Roughly a quarter of our budget goes to supporting the community that make the site possible, including through grantmaking programs that enable volunteers and enrich the information on the sites.{linebreak}{linebreak}{linebreak}The Wikimedia Foundation is an equal opportunity employer, and we encourage people with a diverse range of backgrounds to apply.{linebreak}{linebreak}{linebreak}Benefits & Perks * {linebreak}{linebreak}{linebreak}{linebreak}* Fully paid medical, dental and vision coverage for employees and their eligible families (yes, fully paid premiums!){linebreak}{linebreak}* The Wellness Program provides reimbursement for mind, body and soul activities such as fitness memberships, baby sitting, continuing education and much more{linebreak}{linebreak}* The 401(k) retirement plan offers matched contributions at 4% of annual salary{linebreak}{linebreak}* Flexible and generous time off - vacation, sick and volunteer days, plus 19 paid holidays - including the last week of the year.{linebreak}{linebreak}* Family friendly! 100% paid new parent leave for seven weeks plus an additional five weeks for pregnancy, flexible options to phase back in after leave, fully equipped lactation room.{linebreak}{linebreak}* For those emergency moments - long and short term disability, life insurance (2x salary) and an employee assistance program{linebreak}{linebreak}* Pre-tax savings plans for health care, child care, elder care, public transportation and parking expenses{linebreak}{linebreak}* Telecommuting and flexible work schedules available{linebreak}{linebreak}* Appropriate fuel for thinking and coding (aka, a pantry full of treats) and monthly massages to help staff relax{linebreak}{linebreak}* Great colleagues - diverse staff and contractors speaking dozens of languages from around the world, fantastic intellectual discourse, mission-driven and intensely passionate people{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}* for benefits eligible staff, benefits may vary by location{linebreak}{linebreak}More Information{linebreak}{linebreak}https://wikimediafoundation.org{linebreak}{linebreak}https://blog.wikimedia.org

See more jobs at Wikimedia Foundation

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Contrast Security

Software Engineer Nodejs


Contrast Security


dev

javascript

node js

engineer

dev

javascript

node js

engineer

1yr

Apply


Stats (beta): πŸ‘ 2,002 views,✍️ 0 applied (0%)
{linebreak}About the Position{linebreak}{linebreak}Contrast is looking for a talented engineer to join our team developing instrumentation agents for NodeJS, specifically supporting ExpressJS, Sails, Koa and HapiJS. You would be joining the larger “agents organization”, which includes engineers working in Ruby, Java, PHP, Perl, GoLang, .NET, and Python.{linebreak}{linebreak}Writing instrumentation agents is a responsibility we take very seriously at Contrast. Our customers trust us enough to run our agents directly in their applications. We're looking for an engineer to exercise that power carefully, to help us build a quality, thoroughly tested agent that our customers run with complete confidence.{linebreak}{linebreak}An ideal candidate has advanced experience with server side JavaScript (NodeJS). He or she likely has professional C experience, including some experience contributing to open source frameworks and/or libraries, this could be a great opportunity for you to deepen your understanding of NodeJS' unique characteristics. You like to reverse engineer code, making it better with each iteration.{linebreak}{linebreak}Please include a link to your Github or BitBucket account, as well as any links to some of your projects if available.{linebreak}{linebreak}More About You{linebreak}{linebreak}{linebreak}* Love all things String related...specifically String Literals and String Objects{linebreak}{linebreak}* Build, ship, curate, and iterate on Contrast Security agent features.{linebreak}{linebreak}* Work with design, product, and support teams to build features.{linebreak}{linebreak}* Own your work. Whether a nasty bug or an awesome feature, you put your name on every line of code.{linebreak}{linebreak}* Be a team player. You love to work with others to find the right solutions.{linebreak}{linebreak}* You must love to code and have a strong passion for making software more secure.{linebreak}{linebreak}* You’re a true scientist and think about algorithms and regular expressions while you sleep.{linebreak}{linebreak}* You’re a NodeJS expert with a strong understanding of JavaScript, C, Linux (Ubuntu) and Apache.{linebreak}{linebreak}* Experience writing NodeJS services using ExpressJS, Koa, Sails, Meteor, DerbyJS and/or Hapi{linebreak}{linebreak}* Experience with popular NodeJS ORM frameworks like Sequalize.{linebreak}{linebreak}* Experience building NodeJS packaging via NPM.{linebreak}{linebreak}* You have experience or desire to learn Lua.{linebreak}{linebreak}* Have a deep understanding of NodeJS dependencies and sub-dependencies.{linebreak}{linebreak}* You approach problems from a product perspective, thinking through how the user will interact with what you're building.{linebreak}{linebreak}* You have strong communication skills. You ask questions, let others know when you need help, and tell others what you need.{linebreak}{linebreak}* You're a problem solver. You believe the best work is the result of finding the simplest solution to complex challenges.{linebreak}{linebreak}* You see the big picture. You understand how the code you write interacts with systems and services, both internally and externally. {linebreak}{linebreak}{linebreak}

See more jobs at Contrast Security

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Zapier

Security Infrastructure Engineer


Zapier


infosec

engineer

infosec

engineer

1yr

Apply


Stats (beta): πŸ‘ 1,901 views,✍️ 0 applied (0%)
{linebreak}Hi there!{linebreak}{linebreak}We're looking for someone to join our Engineering team at Zapier as a Security Infrastructure Engineer. Are you interested in helping build and secure a powerful automation tool? Then read on…{linebreak}{linebreak}{linebreak}We know applying for and taking on a new a job at any company requires a leap of faith. We want you to feel comfortable and excited to apply at Zapier. To help share a bit more about life at Zapier, here are a few resources in addition to the job description that can give you an inside look at what life is like at Zapier. We hope you'll take the leap of faith and apply.{linebreak}{linebreak}{linebreak}* Our Commitment to Applicants{linebreak}{linebreak}* Culture and Values at Zapier{linebreak}{linebreak}* Zapier Guide to Remote Work{linebreak}{linebreak}* Zapier Code of Conduct{linebreak}{linebreak}* Diversity and Inclusivity at Zapier{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}Zapier is proud to be an equal opportunity workplace dedicated to pursuing and hiring a diverse workforce.{linebreak}{linebreak}{linebreak}Even though our job description may seem like we're looking for a specific candidate, the role inevitably ends up tailored to the person who applies and joins. Regardless of how well you feel you fit our description, we encourage you to apply if you meet these criteria:{linebreak}{linebreak}You care deeply about building secure products in secure ways that simplify the lives of millions of people through automation.{linebreak}{linebreak}About You{linebreak}{linebreak}You have web application and infrastructure security experience. Keeping the core Zapier web application secure is at the heart of this role. Zapier is a SaaS product, so experience building software and managing infrastructure under a similar model is a big plus.{linebreak}{linebreak}You love writing software and building infrastructure. Most of what you’ll do each day is guiding, building and maintaining Zapier's infrastructure and product. You'll focus on high value, high risk portions of Zapier. You'll use code to automate and improve the more mundane parts of auditing and monitoring of internal processes, as well as in the product.{linebreak}{linebreak}You have worked with teams before on large Python, AWS, & Kubernetes projects. You’re also familiar with frameworks for several languages like Django/Flask or React/Backbone.js. You've also worked extensively in cloud providers like AWS, GCE, or Azure as well as container automation frameworks like Kubernetes.{linebreak}{linebreak}You love doing things efficiently. At Zapier, the work you do will have a disproportionate impact on the business. We believe in systems and processes that let us scale our impact to be larger than ourselves. You'll be in a unique position to find and eliminate "insecure and painful" experiences and replace them with "secure and joyful" experiences.{linebreak}{linebreak}You love learning. Engineering is an ever-evolving world. You enjoy playing with new tech and exploring areas that you might not have experience with yet.{linebreak}{linebreak}You love to set your own direction. At Zapier, we have one team meeting each week and one-on-one meetings every month. Between those we chat in Slack and then go make things happen.{linebreak}{linebreak}You are friendly and patient, welcoming, considerate, and respectful. Learn more about these attributes in our code of conduct.{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}Things You Might Do{linebreak}{linebreak}Zapier is a small, fast-growing, and remote-first company, so you'll likely get experience on many different projects across the organization. That said, here are some things you'll probably do:{linebreak}{linebreak}{linebreak}* Write some Python!{linebreak}{linebreak}* Build and maintain tooling to log, monitor and audit our infrastructure. You'll do this via AWS SDKs, k8s APIs, or directly.{linebreak}{linebreak}* Periodically embed with product teams with to help with security sensitive projects.{linebreak}{linebreak}* Migrate tooling to SSO/SAML providers to reduce password risk and improve UX.{linebreak}{linebreak}* Build internal tooling to ensure safe data access patterns for Zapier employees.{linebreak}{linebreak}* Review code across Zapier's product and infrastructure.{linebreak}{linebreak}* Locating weak points across Zapier and strengthening them.{linebreak}{linebreak}* Ship code to millions of users every week.{linebreak}{linebreak}* As part of our All Hands Support initiative, help customers have the best experience with Zapier as possible.{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}How to Apply {linebreak}{linebreak}{linebreak}This is a security focused role. If this isn't a good fit for you, we do have an Infrastructure Engineer (Western Hemisphere) that you can apply to instead.{linebreak}{linebreak}{linebreak}We have a non-standard application process. To jump-start the process we ask a few questions we normally would ask at the start of an interview. This helps speed up the process and lets us get to know you a bit better right out of the gate. Please make sure to answer each question.{linebreak}{linebreak}Complete this form with answers to the below questions. Make sure each answer stands alone as we review question-by-question instead of applicant-by-applicant.{linebreak}{linebreak}* Tell us why you’d be a good fit for the role. Please reference any particular parts of the "About You" and "Things You Might Do" sections that fit you and why.{linebreak}{linebreak}* Tell us about the most difficult API/library/software bug you've squashed. We love troubleshooting stories!{linebreak}{linebreak}* Tell us about an engineering solution you've built that you're particularly proud of. Don't skimp on the technical details!{linebreak}{linebreak}* Tell us about the largest deployment you've worked on. What was your role and what did the team look like?{linebreak}{linebreak}* Tell us about your favorite technology to work with and why.{linebreak}{linebreak}* Share some code (preferably Python) that you’ve written. You can include a link to a GitHub, GitLab, or other public code repository. Or provide us with a 500+ Line of Code (LOC) sample via Dropbox, gist, or other link to help us get a feeling for how you write code.{linebreak}{linebreak}* How might you gradually introduce auditing and permissions into many disparate SaaS services and custom applications?{linebreak}{linebreak}* What steps can you take to ensure that an average application (that might utilize AWS secret keys, database credentials, makes internal and external API calls, etc.) would have minimal negative impact on a server or the internal network if it were compromised?{linebreak}{linebreak}* Optional: Share anonymously some demographic information about yourself to help us better track trends related to the backgrounds of candidates interested in working at Zapier in order for us to build a team that represents the users at Zapier and the broader world population.{linebreak}{linebreak}{linebreak}{linebreak}Finally, wait for us to reply! You are going to hear back from us, even if we don't seem like a good fit. In fact, throughout the process, we strive to make sure you never go more than seven days without hearing from us.

See more jobs at Zapier

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


InVisionApp

Senior Security Software Engineer


InVisionApp


infosec

dev

senior

engineer

infosec

dev

senior

engineer

1yr

Apply


Stats (beta): πŸ‘ 1,434 views,✍️ 0 applied (0%)
{linebreak}InVision is the Digital Product Design platform used to make the world’s best customer experiences. We provide design tools and educational resources for teams to navigate  every stage of the product design process, from ideation to development.{linebreak}{linebreak}Today, more than 3.5 million people use InVision to create a repeatable and streamlined design workflow; rapidly design and prototype products before writing code, and collaborate across their entire organization. That includes more than 80 percent of the Fortune 100, and organizations like Airbnb, Amazon, HBO, Netflix, Slack, Starbucks and Uber, who are now able to design better products, faster.{linebreak}{linebreak}InVision is a fully distributed company with employees in 25 countries around the world. The company has raised more than $235 million in funding from leading investors including Accel, ICONIQ, FirstMark, Tiger Global, Battery Ventures, and Spark Capital. Visit us at InVisionApp.com andInVisionApp.com/blog.{linebreak}{linebreak}Our development flow is designed and built for maximum speed and velocity.As such, we have an engineering security team heavily focused on identifying and remediating application vulnerabilities.You will be part of a team that has an opportunity to work across a wide range of products and services, working with and communicating across all teams in technology and responding to internal and external stakeholders.You will have an opportunity to identify security enhancement and cutting edge features that are attractive and desirable to our customer base.{linebreak}{linebreak}You will contribute to an environment that enables you to do your best engineering work, and you’ll do it with new web standards and frameworks like ES6, React, MongoDB, NodeJS, Go, and Docker. We empower engineers by being laser focused on maximum developer velocity through automation of tests, builds, deploys and tight customer feedback loop to continuously improve the product.{linebreak}{linebreak}Building and shipping something this amazing and owning it from prototypes and specifications to release requires constant collaboration with the brightest people in the organization. Whether you’re at a beach house in Hawaii or a coffee shop on the East Coast, you’ll have the support of brilliant developers at your fingertips to get you through and keep the workday challenging and fun.{linebreak}As Part of The Team:{linebreak}{linebreak}{linebreak}* Secure our code.  Identify emergent vulnerabilities in our application source code.  {linebreak}{linebreak}* Bake security into our product.  Work with InVision engineers to evolve, design, implement security measures.{linebreak}{linebreak}* Help us be compliant.  Design and implement strategies and solution to maintain industry compliance requirements.{linebreak}{linebreak}* Be a security advocate.  Every day offers a variety of work, exciting new challenges, opportunities to contribute new ideas (your voice will be heard and valued), and the ability to share your knowledge across the engineering organization. {linebreak}{linebreak}* Evolve security.   Help evolve InVision’s vulnerability remediation process and response efforts. {linebreak}{linebreak}* Build security stuff.  Work with product and engineering teams to build new application security features.  Interface with other Product Engineering teams and Platform Service teams to take advantage of and incorporate their services and tools into your product.{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}What You’ll Need to Join Us:{linebreak}{linebreak}{linebreak}* Proficiency in NodeJS and Golang.  {linebreak}{linebreak}* Advance working knowledge of application vulnerabilities. OWASP top 10 is a good place to start but understanding that there are over 600 distinctly different types of coding vulnerabilities.{linebreak}{linebreak}* Ability to debug full-stack problems; debug a web application problem single-handedly all the way from the browser, through transport, to the application servers/databases. Not afraid of logs and core dumps.{linebreak}{linebreak}* Use of continuous integration and delivery technologies at an expert level and ability to teach others best practices.{linebreak}{linebreak}* Experience designing and building high volume, scalable SaaS applications from end to end.{linebreak}{linebreak}* Curiosity to iterate and improve on solutions; you view unknowns as challenges and enjoy them.{linebreak}{linebreak}* Motivation to understand the business and our users, their requirements, and deliver results.{linebreak}{linebreak}* Passion for continued learning and achieving personal goals through developer community involvement and contributions.{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}Also Good To Have:{linebreak}{linebreak}{linebreak}* Multi-lingual is your language.  You can spot vulnerabilities in code for various language (React, Java, Kotlin, Swift){linebreak}{linebreak}* You know mobile.  Be it iOS or Android you understand mobile development, security, testingstrategy, and interfaces.  Mobile experience is a strong, strong PLUS!!{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}Benefits{linebreak}{linebreak}InVision offers an incredibly unique work environment. The company employs a diverse team all over the world. In the United States we have team members throughout 40+ states including New York, San Francisco, Austin, Portland, and Boston. Each InVision team member is given the freedom and tools to do their best work from wherever they choose. The benefits we offer in the United States include competitive health plans and a 401k plan.{linebreak}{linebreak}Some InVision-wide benefits offered to all employees across the globe include a flexible vacation policy, monthly coffee shop stipends, annual allowances for books related to your profession, and home office setup & wellness reimbursements. InVision is an international employer so some benefit offerings will vary from country to country.  Please ask our recruiting team about the benefits and perks package available in your country.{linebreak}{linebreak}InVision is proud to be an equal opportunity workplace. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. If you have a disability or special need that requires accommodation, please let us know.

See more jobs at InVisionApp

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


PROEMION

Security Engineer


PROEMION


infosec

engineer

infosec

engineer

1yr

Apply


Stats (beta): πŸ‘ 1,310 views,✍️ 0 applied (0%)
{linebreak}We give our customers the technology they need to globally transmit and analyze CAN-based telemetry data of mobile industrial machinery and therefore boost their efficiency. Some of the world's most respected OEMs rely on Proemion and thousands of off-road vehicles use our solution daily.{linebreak}{linebreak}Proemion is at the forefront of the IoT/Telematics revolution and is looking for a Security Engineer (f/m). We offer the position on-site in Fulda, Germany (relocation support offered) at the earliest possible date. We also offer the position as a full-time remote position.{linebreak}{linebreak}Your Role{linebreak}{linebreak}{linebreak}* comprehensively assess system properties from a security point of view{linebreak}{linebreak}* guide technical, architectural and design decisions to ensure they will not weaken the overall system security or leave us prone to inadequate risks{linebreak}{linebreak}* identify and document application level vulnerabilities and ensure risks are being addressed{linebreak}{linebreak}* communicate identified vulnerabilities and develop mitigation strategies{linebreak}{linebreak}* recommend deployment strategies and parameters{linebreak}{linebreak}* recommend and facilitate security training for our staff{linebreak}{linebreak}* proactively identify opportunities for improvements in application security{linebreak}{linebreak}* conduct security testing and penetration tests.{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}Your Skills{linebreak}{linebreak}{linebreak}* Computer Science degree or equivalent qualification{linebreak}{linebreak}* several years of relevant work experience in security architecture and engineering{linebreak}{linebreak}* experience in application software planning, development and integration{linebreak}{linebreak}* experience in identifying, evaluating and managing risk in a complex and changing environment{linebreak}{linebreak}* intimate familiarity with existing security protocols{linebreak}{linebreak}* deep understanding of the operational implications of security hardening{linebreak}{linebreak}* experience with networking (IP Routing, DNS, reverse Proxying){linebreak}{linebreak}* ability to grasp new concepts quickly, self-starting, self-managing{linebreak}{linebreak}* you value reliability and advancement of team{linebreak}{linebreak}{linebreak}

See more jobs at PROEMION

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Numbrs

Security Engineer


Numbrs


infosec

engineer

infosec

engineer

1yr

Apply


Stats (beta): πŸ‘ 1,385 views,✍️ 0 applied (0%)
{linebreak}Responsibilities include but are not limited to reviewing designs, code, performing in-depth security assessments of mobile apps, distributed backend systems and internal IT infrastructure; developing custom security tools; documenting the infrastructure, policies, and procedures. Applicants are also expected to participate in after-hours work.{linebreak}{linebreak}All candidates will have{linebreak}{linebreak}{linebreak}* a Bachelor's or higher degree in technical field of study{linebreak}{linebreak}* a minimum of two years security work experience{linebreak}{linebreak}* experience with performing application code reviews, design reviews and penetration testing{linebreak}{linebreak}* experience in penetration testing web-based apps, mobile apps and back-end infrastructure{linebreak}{linebreak}* experience implementing modern cryptosystems{linebreak}{linebreak}* excellent knowledge with at least one modern programming language, such as Go, Java, C++, Python and Scala{linebreak}{linebreak}* excellent troubleshooting and creative problem-solving abilities{linebreak}{linebreak}* excellent written and oral communication and interpersonal skills{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}Ideally, candidates will also have{linebreak}{linebreak}{linebreak}* experience with systems for automating deployment, scaling, and management of containerised applications, such as Kubernetes or Mesos{linebreak}{linebreak}* experience working with large scale distributed systems{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}Location: Remote or Zurich, Switzerland

See more jobs at Numbrs

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Sapien

San Francisco, CA verified

Meteor.js Security Engineer for Upcoming ICO


Sapien

San Francisco, CA verified

meteor js

full time

infosec

javascript

meteor js

full time

infosec

javascript

San Francisco, CA1yr

Apply


Stats (beta): πŸ‘ 1,456 views,✍️ 0 applied (0%)
{linebreak}{linebreak} {linebreak}{linebreak}#Location{linebreak}- San Francisco, CA

See more jobs at Sapien

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


MINDBODY

Senior Software Security Engineer


MINDBODY


infosec

dev

senior

engineer

infosec

dev

senior

engineer

1yr

Apply


Stats (beta): πŸ‘ 1,480 views,✍️ 0 applied (0%)
{linebreak}JOB SUMMARY:{linebreak}{linebreak}MINDBODY’s Security Engineering team is seeking an experienced software engineer to help keep our users safe from real world threats. You will build large, distributed security solutions that harden the MINDBODY SaaS platform and enable us to protect against and surface malicious activity. We are looking for a candidate with a passion for security and innovation, who will research and develop new solutions to protect our users but also help us share the goodness to make the internet a safer place for all.{linebreak}{linebreak}{linebreak}PRINCIPAL DUTIES AND RESPONSIBILITIES:{linebreak}{linebreak}{linebreak}* Take a leadership role in driving internal security and privacy initiatives{linebreak}{linebreak}* Design core, backend software security components{linebreak}{linebreak}* Code using primarily .Net, C#, and Classic ASP{linebreak}{linebreak}* Implement abuse detection and logging systems to surface threats{linebreak}{linebreak}* Interface with Product Development teams to incorporate their innovations and vice versa{linebreak}{linebreak}* Conduct design and code reviews{linebreak}{linebreak}* Performs Mobile Risk Assessments, Vulnerability Assessments, and Penetration Tests.{linebreak}{linebreak}* Recommends countermeasures and safeguards that would mitigate mobile risk.{linebreak}{linebreak}* Establish mobile policies and procedures and advise Product Owners as to the most optimum deployment of integrated mobile security solutions.{linebreak}{linebreak}* Perform investigations for evidence of intrusion or policy violations{linebreak}{linebreak}* Develops, documents, deploys, reviews and maintains Information Security Policies, Standards, Procedures and Guidelines.{linebreak}{linebreak}* Designs, produces, and delivers compelling OWASP training content.{linebreak}{linebreak}* Implements and improves software tools to gather system configuration information and proactively identify vulnerabilities.{linebreak}{linebreak}* Maintains awareness regarding OWASP and application security trends.{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}MINIMUM QUALIFICATIONS AND REQUIREMENTS: {linebreak}{linebreak}{linebreak}* Extensive knowledge of web technologies with an emphasis on the .NET framework, MVC, and Web API{linebreak}{linebreak}* Extensive knowledge of Security principles: confidentiality and integrity of data, authentication and authorization, security protocols (HMAC, SSL, JKS, AES, OAuth){linebreak}{linebreak}* Extensive knowledge of web application security principles{linebreak}{linebreak}* Extensive experience building secure large-scale, server applications{linebreak}{linebreak}* Extensive experience with service-oriented architecture principles to implement tools like WCF{linebreak}{linebreak}* Expert knowledge of VB, C#, and the .NET Framework{linebreak}{linebreak}* Experience with operating system internals, programming language design, compilers{linebreak}{linebreak}* Experience in building authentication or authorization services{linebreak}{linebreak}* Experience with scalable rules engines{linebreak}{linebreak}* Experience or bent in thinking about operability, monitoring, performance, testability and scalability while building large-scale systems.{linebreak}{linebreak}* Experience with designing and implementing secure web based payments systems{linebreak}{linebreak}* Ability to influence design and architectural decisions.{linebreak}{linebreak}* B.S. or M.S. in Computer Science or related field, or equivalent experience{linebreak}{linebreak}* 7+ years working on complex web applications{linebreak}{linebreak}* Full software development lifecycle experience; must be comfortable working using Agile methodology as well as iterative methodologies.{linebreak}{linebreak}* Must have prior experience of being a developer of a REST interface{linebreak}{linebreak}{linebreak}

See more jobs at MINDBODY

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Clevertech

Security Engineer


Clevertech


infosec

engineer

infosec

engineer

1yr

Apply


Stats (beta): πŸ‘ 1,553 views,✍️ 0 applied (0%)
{linebreak}DESCRIPTION{linebreak}{linebreak}Clevertech is looking for a Security Engineer to join our global team. We are looking for team members to help us develop world-class software products for the most exclusive organizations in the world. We have been at this since 2000, and continue to grow off our best asset, our people.{linebreak}{linebreak}You are comfortable with security protocols and DevOps development. You have worked extensively with the Zed Attack Proxy Protocol and understand vulnerabilities and engage in proactive problem-solving.{linebreak}{linebreak}REQUIREMENTS{linebreak}{linebreak}Clevertech looks for craftsmen developers who take ownership of their code. You can deliver quickly while being clever to avoid missteps. You have an effective positive attitude that shines as you show your care about client and colleague concerns. You are always learning and are a transparent communicator even when it is challenging. You thrive on challenging yourself daily and seek to surround yourself with like-minded individuals.{linebreak}{linebreak}Technically, you have an excellent background with AWS, Docker, Kubernetes, logging, monitoring, and build tools. Well qualified applicants will have deep experience in the latest libraries and programming techniques. You enjoy being on the bleeding edge of technology and are well versed in modern programming languages.{linebreak}{linebreak}BENEFITS{linebreak}{linebreak}Own Your Time{linebreak}{linebreak}We are a completely remote team. That means we have a large amount of trust and a lot of flexibility. World travellers, young parents, nature lovers, and commute avoiders love working here. We are a collective of like minded people in over ten countries, and our global perspective shapes our every move.{linebreak}{linebreak}Focused Work{linebreak}{linebreak}You will work together on a dedicated team with your eye on one finish line at a time. Our teams are nimble and agile, and cover the technical range you would expect in world class product delivery teams. And keep your eye on the mail - we send out swag everywhere in the world and there are celebratory pictures of Clevertech socks, hoodies, and mugs all over slack.{linebreak}{linebreak}Learn at your edges{linebreak}{linebreak}We believe in learning and provide unique programs that improve your tech skills, leadership skills and even challenge you in personal development. CleverFridays, guest speakers, mentorship opportunities and in-depth industry exposure are all on offer here.{linebreak}{linebreak}And of course, if you speak at a tech conference, we cover all expenses.{linebreak}{linebreak}Recharge Time{linebreak}{linebreak}We insist that you take recharge time. We are closed for major holidays and then require that you take at least two weeks a year to refresh.{linebreak}{linebreak}Want to learn more about Clevertech and the team? Check out why.clevertech.biz.

See more jobs at Clevertech

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Northwestern Mutual

Senior Cloud Security Engineer


Northwestern Mutual


infosec

cloud

senior

engineer

infosec

cloud

senior

engineer

1yr

Apply


Stats (beta): πŸ‘ 1,527 views,✍️ 0 applied (0%)
{linebreak}What's the role?{linebreak}{linebreak}The AWS Cloud Security Team is seeking highly skilled Cloud Native Security Engineers that have a passion for delivering security solutions as code. Your role is to architect, develop, test and operate the security solutions as well as provide support to the engineering, infrastructure, security and IT teams to continuously improve and protect our production architecture.{linebreak}{linebreak}Our current tech stack includes AWS, Terraform, Linux, Ansible, Docker, Kubernetes, Spring, Node.js, Java8, iOS, and Python.{linebreak}{linebreak}Responsibilities{linebreak}{linebreak}{linebreak}* Codify traditional security processes to take humans out of the equation making security consumable as a service{linebreak}{linebreak}* Work across multiple Security Epics such as IAM, Logging and Monitoring, Infrastructure Security, Data Protection, and Incident Response{linebreak}{linebreak}* Build security guardrails into the CI/CD pipeline to stop security misconfigurations and vulnerabilities before they happen, creating a tight feedback loop between security and development teams{linebreak}{linebreak}* Build Cloud Native Detective and Responsive controls that enforce the security baseline at scale{linebreak}{linebreak}* Build AMI and Docker Image life cycle management systems to integrate with the vulnerability scanning solutions to provide image rehydration based on vulnerability scanning assessments {linebreak}{linebreak}* Build automation to actively audit the infrastructure for security misconfigurations{linebreak}{linebreak}* Provide security expertise on system, network, encryption, authentication, and governance{linebreak}{linebreak}* Developing secure design patterns for cloud architectures developed in public or private cloud environments.{linebreak}{linebreak}* Research emerging trends and technologies to assess the threats they may face{linebreak}{linebreak}* Support vendor and partner security assessments{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}Bring Your Best! What this role needs:{linebreak}{linebreak}{linebreak}* Experience with engineering best practices to include analyzing, designing, developing, deploying, and supporting software solutions, and/or infrastructure implementations/upgrades.{linebreak}{linebreak}* Hands on experience with AWS services such as VPC, EC2, RDS, IAM, KMS, WAF, Lambda, CloudTrail, CloudWatch, Dynamodb, SQS, CloudFront, S3, and Config{linebreak}{linebreak}* Knowledge of Infrastructure as Code, Immutable Infrastructure, and continuous integration/deployment practices{linebreak}{linebreak}* Proficient in at least one programming language (Python, Javascript){linebreak}{linebreak}* Experience in version control systems such as Git, GitLab, etc.{linebreak}{linebreak}* Experience administering and hardening Linux and Windows systems{linebreak}{linebreak}* Familiarity with security issues associated with containers, distributed systems, and large scale web application{linebreak}{linebreak}* Willingness to continuously learn and share learnings with others{linebreak}{linebreak}* Ability to work in a fast-paced, rapidly changing environment{linebreak}{linebreak}* Very strong verbal and written communication skills{linebreak}{linebreak}* Minimum 3 years working with web-scale environments{linebreak}{linebreak}* Minimum 2 years working in a security capacity{linebreak}{linebreak}* Strong problem solving skills{linebreak}{linebreak}* Strong sense of ownership and the ability to work with a limited set of requirements.{linebreak}{linebreak}* Ability to explain technical solutions to technical and non-technical teams.{linebreak}{linebreak}* 4-8 years of experience.{linebreak}{linebreak}{linebreak}

See more jobs at Northwestern Mutual

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Auth0

Senior Security Engineer


Auth0


infosec

senior

engineer

infosec

senior

engineer

1yr

Apply


Stats (beta): πŸ‘ 1,533 views,✍️ 0 applied (0%)
{linebreak}Auth0 provides an enterprise-grade platform that secures billions of log-ins every year. The company makes it easy to implement even the most complex identity solutions for their web, mobile, IoT and internal applications, as well as sophisticated identity management for employees, customers and partners. Auth0 has raised over $54 million from Meritech Capital, NTT DoCoMo, Trinity Ventures, Bessemer Venture Partners, K9 Ventures, Silicon Valley Bank, Founders Co-Op, Portland Seed Fund and NXTP Labs.{linebreak}{linebreak}Thousands of enterprises and millions of users worldwide depend on Auth0 for authentication and authorization of their most mission-critical apps, APIs and IoT devices. Auth0’s top priorities are availability and security.{linebreak}{linebreak}Auth0 allows anyone to authenticate and authorize users, applications, and APIs with any identity provider running on any stack and any device. Security is at the core of our product and the security of our customers and their data is paramount. We are looking for a Senior Security Engineer to join us in keeping Auth0 and our customers data safe.{linebreak}{linebreak}The Security Operations team builds, owns and maintains the critical security infrastructure that provides visibility into Auth0’s production operations. We are looking for a Senior engineer who is passionate about making reliable and scalable infrastructure. You will build tools and drive automation - removing any manual process that will prevent the security team maintaining coverage as Auth0 grows.{linebreak}{linebreak}This is an exciting time to join Auth0 as we are growing quickly and this role is an opportunity to drive the expansion of our Security Operations team.{linebreak}{linebreak}Responsibilities:{linebreak}{linebreak}{linebreak}* Provide team leadership and own the delivery of security engineering projects{linebreak}{linebreak}* Design, build and maintain the systems that help keep Auth0 secure{linebreak}{linebreak}* Demonstrate the effectiveness and coverage of these systems{linebreak}{linebreak}* Develop tools to test, monitor and enforce security policy{linebreak}{linebreak}* Automate security process to reduce as much manual process as possible{linebreak}{linebreak}* Own and improve our security monitoring pipeline{linebreak}{linebreak}* Participate in the on-call rotation to support the infrastructure and respond to security events{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}Requirements:{linebreak}{linebreak}{linebreak}* Significant experience working as a Security Engineer and delivering engineering projects{linebreak}{linebreak}* Experience administering and securing AWS{linebreak}{linebreak}* Strong Linux experience{linebreak}{linebreak}* Proficiency in at least one programming language (e.g. Python, Node, Go etc.){linebreak}{linebreak}* Experience with log collection and storage (e.g. ELK/EFK stacks, Sumo Logic etc){linebreak}{linebreak}* Strong written and verbal communication skills{linebreak}{linebreak}* Comfort working in a globally distributed environment with a remote workforce{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}Extra Points:{linebreak}{linebreak}{linebreak}* Bachelor’s degree in computer science or equivalent educational or professional experience and/or qualifications{linebreak}{linebreak}* A passion for infrastructure as code and have used tools such as Terraform and CloudFormation{linebreak}{linebreak}* Experience running a vulnerability management programme{linebreak}{linebreak}* You have used configuration management tools (e.g. Salt Stack, Ansible, Puppet, etc){linebreak}{linebreak}* You write readable, maintainable code and have experience managing source code with git{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}Examples of our Engineering Culture:{linebreak}{linebreak}https://auth0.engineering/{linebreak}{linebreak}https://auth0.engineering/cloud-security-monitoring-at-auth0-part-ii-b106354a0e5d{linebreak}{linebreak}https://auth0.engineering/detecting-secrets-in-source-code-bd63b0fe4921{linebreak}{linebreak}Auth0 values diversity and inclusion and is an equal opportunity employer. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.{linebreak}{linebreak}

See more jobs at Auth0

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Auth0

Senior Application Security Engineer


Auth0


infosec

senior

engineer

infosec

senior

engineer

1yr

Apply


Stats (beta): πŸ‘ 1,533 views,✍️ 0 applied (0%)
{linebreak}Auth0 provides an enterprise-grade platform that secures billions of log-ins every year. The company makes it easy to implement even the most complex identity solutions for their web, mobile, IoT and internal applications, as well as sophisticated identity management for employees, customers and partners. Auth0 has raised over $54 million from Meritech Capital, NTT DoCoMo, Trinity Ventures, Bessemer Venture Partners, K9 Ventures, Silicon Valley Bank, Founders Co-Op, Portland Seed Fund and NXTP Labs.{linebreak}{linebreak}Thousands of enterprises and millions of users worldwide depend on Auth0 for authentication and authorization of their most mission-critical apps, APIs and IoT devices. Auth0’s top priorities are availability and security.{linebreak}{linebreak}Auth0 allows anyone to authenticate and authorize users, applications, and APIs with any identity provider running on any stack and any device. Security is at the core of our product and the security of our customers and their data is paramount. We are looking for a Senior Application Security Engineer to join us in keeping Auth0 and our customers data safe{linebreak}{linebreak}Our engineering team builds web apps, mobile apps, and APIs, and we have customers in just about every industry. This creates many interesting use cases that we need to support while maintaining security.{linebreak}{linebreak}The individual filling this role will work closely with our product teams, and should feel comfortable shipping bug fixes into production. We love to build tools and automate security whenever it makes sense, enabling others and reducing repetitive tasks.{linebreak}{linebreak}This is an exciting time to join Auth0 as we are growing quickly and this role is an opportunity to drive the expansion of our App Sec team.{linebreak}{linebreak}Responsibilities:{linebreak}{linebreak}{linebreak}* Provide team leadership and own the delivery of application security projects{linebreak}{linebreak}* Be a subject matter expert for application security - supporting our product teams{linebreak}{linebreak}* Own our Secure Software Development Lifecycle  - both the process and tools{linebreak}{linebreak}* Conduct security reviews and provide internal consulting{linebreak}{linebreak}* Build, deploy and maintain security controls and instrumentation around and in our code{linebreak}{linebreak}* Threat modeling of new and existing features{linebreak}{linebreak}* Educate and influence our product teams{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}Requirements:{linebreak}{linebreak}{linebreak}* Significant experience working as an Application Security Engineer or developer{linebreak}{linebreak}* Development experience with at least one programming language{linebreak}{linebreak}* Deep understanding of modern web technologies, mobile and web security{linebreak}{linebreak}* Deep understanding of common vulnerabilities in web and mobile applications and how to prevent them{linebreak}{linebreak}* Proven ability to influence development teams to deliver secure code{linebreak}{linebreak}* Experience with threat modeling methodologies{linebreak}{linebreak}* Strong written and verbal communication skills{linebreak}{linebreak}* Comfort working in a globally distributed environment with a remote workforce{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}Extra points:{linebreak}{linebreak}{linebreak}* Bachelor’s degree in computer science or equivalent educational or professional experience and/or qualifications{linebreak}{linebreak}* Development experience with Node.js / Javascript{linebreak}{linebreak}* Experience with authentication protocols (e.g. SAML, OAuth etc){linebreak}{linebreak}* Experience running a bug bounty programmer{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}Examples of our Engineering Culture:{linebreak}{linebreak}https://auth0.engineering/{linebreak}{linebreak}https://auth0.engineering/cloud-security-monitoring-at-auth0-part-ii-b106354a0e5d{linebreak}{linebreak}https://auth0.engineering/detecting-secrets-in-source-code-bd63b0fe4921{linebreak}{linebreak}Auth0 values diversity and inclusion and is an equal opportunity employer. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

See more jobs at Auth0

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Wikimedia Foundation

Traffic Security Engineer


Wikimedia Foundation


infosec

engineer

infosec

engineer

2yr

Apply


Stats (beta): πŸ‘ 1,657 views,✍️ 0 applied (0%)
Location: San Francisco, CA or Remote{linebreak}{linebreak}{linebreak}{linebreak}Summary{linebreak}{linebreak}We are looking for an Operations Engineer to join our Technical Operations team. Would you like to join the highly dynamic team that is responsible for the reliability and performance of a global top-10 website, Wikipedia?{linebreak}{linebreak}The Technical Operations team has a very broad range of shared responsibilities.  The team is globally distributed, working remotely with each other in a highly collaborative and consensus-oriented fashion.  We only write and only use Open Source code wherever possible and we do the vast majority of our work in public view.{linebreak}{linebreak}This Traffic Security position focuses more-specifically on the Security and Privacy responsibilities of our Traffic team within Operations.  The Traffic team runs a private and privacy-protecting global CDN for Wikipedia and related sister projects.  One of the key responsibilities of this position will be technical stewardship of our TLS termination for users at the edges of our network.  We’re passionate about protecting the privacy of our users against mass surveillance and manipulation, and we expect you to share that passion.  If the word “ChaCha” doesn’t make you think of dancing first, you might be the person we’re looking for!{linebreak}{linebreak}We’d like you to do these things:{linebreak}{linebreak}{linebreak}* Protect our users’ reading and editing habits from mass surveillance{linebreak}{linebreak}* Keep our TLS infrastructure up to date in the face of evolving threats{linebreak}{linebreak}* Keep track of the ever-changing landscape of browsers and other UAs{linebreak}{linebreak}* Analyze and optimize our edge software infrastructure to enhance our users’ experiences{linebreak}{linebreak}* Assess and deploy newer protocols, technologies, and software as their time becomes ripe{linebreak}{linebreak}* Deprecate older ones in a timely manner while balancing the needs of legacy clients{linebreak}{linebreak}* Reactively respond to, and proactively engineer against, DDoS and other attacks{linebreak}{linebreak}* Analyze and advise on application-layer security issues exposed over HTTPS{linebreak}{linebreak}* Other related Traffic and Security/Privacy work as required{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}Experience we’d like you to bring to the table:{linebreak}{linebreak}{linebreak}* A deep and current understanding of TLS, HTTP[S], TCP/IP, DNS, and other related protocols{linebreak}{linebreak}* Hands-on experience working with TLS libraries and HTTP server software configuration{linebreak}{linebreak}* A working knowledge of modern cryptography from a systems engineering point of view{linebreak}{linebreak}* Experience working on general infrastructure and application-layer security issues{linebreak}{linebreak}* Experience with Open Source operations tooling for configuration management, orchestration, and monitoring.{linebreak}{linebreak}* Experience working on Open Source operations infrastructure in general{linebreak}{linebreak}* Bachelor’s degree or the equivalent in related work experience{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}And it would be even more awesome if you have any any of these:{linebreak}{linebreak}{linebreak}* Experience operating TLS-terminating reverse proxy servers at global scale{linebreak}{linebreak}* Experience operating large web properties at a global scale{linebreak}{linebreak}* Programmer experience writing and/or modifying network daemons and/or libraries in languages such as C, C++, Go, Python, and/or Rust{linebreak}{linebreak}* Some knowledge of Linux IPVS load-balancing{linebreak}{linebreak}* Some knowledge of global IP routing{linebreak}{linebreak}* Some knowledge of HTTP caching and related CDN technologies{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}Some public links on the current state of our TLS termination you might be interested in:{linebreak}{linebreak}{linebreak}* https://grafana.wikimedia.org/dashboard/db/tls-ciphers{linebreak}{linebreak}* https://www.ssllabs.com/ssltest/analyze.html?d=en.wikipedia.org{linebreak}{linebreak}* https://wikitech.wikimedia.org/wiki/HTTPS{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}About the Wikimedia Foundation{linebreak}{linebreak}The Wikimedia Foundation is the non-profit organization that supports and hosts Wikipedia and several other Wikimedia free knowledge sites. Every month, the Wikimedia sites are accessed by more than a billion unique devices. Wikipedia consists of more than 40 million articles across hundreds of languages. Every month, more than 250,000 volunteer editors contribute to Wikipedia. Based in San Francisco, California, the Wikimedia Foundation is an audited, 501(c)(3) non-profit that is funded primarily through donations and grants. It currently employs over 300 staff members.{linebreak}{linebreak}{linebreak}At the Foundation, we build technology to help people everywhere access Wikipedia, across devices and in nearly 300 languages. We engineer privacy for our readers and editors so they can safely and securely explore Wikipedia. We create programs and initiatives to make Wikipedia freely available to more people in more parts of the world. We build new tools for the community of editors so they can continue to improve and grow Wikipedia. Roughly a quarter of our budget goes to supporting the community that make the site possible, including through grantmaking programs that enable volunteers and enrich the information on the sites.{linebreak}{linebreak}The Wikimedia Foundation is an equal opportunity employer, and we encourage people with a diverse range of backgrounds to apply.{linebreak}{linebreak}{linebreak}{linebreak}Benefits & Perks *{linebreak}{linebreak}{linebreak}* Fully paid medical, dental and vision coverage for employees and their eligible families (yes, fully paid premiums!){linebreak}{linebreak}* The Wellness Program provides reimbursement for mind, body and soul activities such as fitness memberships, baby sitting, continuing education and much more{linebreak}{linebreak}* The 401(k) retirement plan offers matched contributions at 4% of annual salary{linebreak}{linebreak}* Flexible and generous time off - vacation, sick and volunteer days, plus 19 paid holidays - including the last week of the year.{linebreak}{linebreak}* Family friendly! 100% paid new parent leave for seven weeks plus an additional five weeks for pregnancy, flexible options to phase back in after leave, fully equipped lactation room.{linebreak}{linebreak}* For those emergency moments - long and short term disability, life insurance (2x salary) and an employee assistance program{linebreak}{linebreak}* Pre-tax savings plans for health care, child care, elder care, public transportation and parking expenses{linebreak}{linebreak}* Telecommuting and flexible work schedules available{linebreak}{linebreak}* Appropriate fuel for thinking and coding (aka, a pantry full of treats) and monthly massages to help staff relax{linebreak}{linebreak}* Great colleagues - diverse staff and contractors speaking dozens of languages from around the world, fantastic intellectual discourse, mission-driven and intensely passionate people{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}* for benefits eligible staff, benefits may vary by location{linebreak}{linebreak}More Information{linebreak}{linebreak}https://wikimediafoundation.org{linebreak}{linebreak}https://blog.wikimedia.org

See more jobs at Wikimedia Foundation

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


DrFirst

Information Security Engineer Web Applications


DrFirst


infosec

web dev

engineer

infosec

web dev

engineer

2yr

Apply


Stats (beta): πŸ‘ 1,826 views,✍️ 0 applied (0%)
{linebreak}Purpose: {linebreak} The Information Security Engineer will be on the Information Security team and focus on handling Web Application Vulnerability Management, Issue Management, and Incident Response. The position objective is to support the operations of the Information Security department. With a primary focus on finding, analyzing, and tracking vulnerabilities and security issues to remediation.{linebreak}{linebreak}The successful candidate must have in-depth knowledge of information security, web application vulnerability management, web applications testing, and static code analysis. High level communication skills are essential to successfully translate technology and requirements into business terms.{linebreak} {linebreak} This role lies within the Information Security function, reporting to the Information Security Manager, but is closely aligned with other corporate functions such as Human Resources, Compliance and Information Technology, and may involve liaison with third party suppliers of awareness and training materials and services.{linebreak}{linebreak}{linebreak}{linebreak}Key Responsibilities{linebreak}{linebreak}{linebreak}* Operate and improve the end-to-end vulnerability management process, including aspects of asset inventory, contextual approach to scanning, conducting risk and vulnerability assessment, and providing reporting and remediation guidance.{linebreak}{linebreak}* Operate Web Application security testing, and Static Code vulnerability analysis{linebreak}{linebreak}* Provide in-depth analysis of vulnerabilities and related impact to stakeholders.{linebreak}{linebreak}* Lead regular meetings with stakeholders to coordinate remediation efforts and clarify ownership.{linebreak}{linebreak}* Influence stakeholders to prioritize risk treatment for identified vulnerabilities.{linebreak}{linebreak}* Provide security reviews of change management tickets submitted by the organization to ensure remediation efforts are acted upon in a timely manner.{linebreak}{linebreak}* Serve as the subject matter expert for threat and vulnerability processes.{linebreak}{linebreak}* Assist with associated incident response, security administration, and security monitoring initiatives as requested.{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}Education and Skill Set:{linebreak}{linebreak}{linebreak}* Bachelor’s degree in related field{linebreak}{linebreak}* A minimum of 5 years of experience in IT and information security, 2 of which must be in information security{linebreak}{linebreak}* Must be a self-motivated, detail-oriented professional{linebreak}{linebreak}* Excellent communication, facilitation, and writing skills{linebreak}{linebreak}* Strong knowledge in a scripting language such as perl or python{linebreak}{linebreak}* Strong knowledge of Java or an equivalent programming language{linebreak}{linebreak}* Experience using JIRA is preferred but not required{linebreak}{linebreak}* Experience with security tools, including: vulnerability management tools such as Nessus, or Qualys, Symantec Endpoint Protection, Veracode or IBM Appscan, nmap, metasploit, core impact.{linebreak}{linebreak}* Expert understanding of operating systems (Windows, Linux, Mac, iOS/Android){linebreak}{linebreak}* Experience with, and understanding of, the healthcare industry is preferred{linebreak}{linebreak}* Demonstrated ability to develop and report on metrics{linebreak}{linebreak}* Excellent communication, facilitation, and writing skills{linebreak}{linebreak}* Understanding of networks and network architecture{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}

See more jobs at DrFirst

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Parsons Cyber

Automotive Security Software Engineer


Parsons Cyber


infosec

dev

engineer

digital nomad

infosec

dev

engineer

digital nomad

2yr

Apply


Stats (beta): πŸ‘ 2,790 views,✍️ 0 applied (0%)
Automotive Security Software Engineer{linebreak}– one of the most fascinating jobs around! {linebreak}{linebreak}Do you know who Kevin Mahaffey and Marc Rogers are? Do you want to be in their line of work, but for national security purposes?{linebreak}{linebreak}Description: {linebreak}{linebreak}Parsons is seeking an Embedded Software Engineer to join our team. The ideal engineer will have basic hardware working experience, but significant experience in embedded development, software engineering, and reverse engineering as well as vulnerability research on embedded systems that include information technology and real time operating systems.{linebreak}{linebreak}Your assignments will involve direct interaction with customers and other contractors to participate in the software design and development process. You will work closely with the customer in the deployment and support of new and ongoing operations. Parsons is focused on providing our customers with unique capabilities and expertise that other company’s lack. We operate as a high performance team that maintains the top technical talent to perform the customer mission - our number one priority. The ideal candidate is someone that is enamored by technology and eager to sink his or her teeth into something new.

See more jobs at Parsons Cyber

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Tenable Network Security

Senior Software Engineer Endpoint Agent


Tenable Network Security


dev

senior

engineer

infosec

dev

senior

engineer

infosec

2yr

Apply


Stats (beta): πŸ‘ 3,105 views,✍️ 0 applied (0%)
{linebreak}Tenable is more than ‘just’ the creator of Nessus. Our security solutions - including the first cloud-based platform, Tenable.io - are transforming global vulnerability management. We’re a global team, powered by creative thinkers who are wired for action, focused on delivering results and collaborating to enable decisive actions to protect what matters most. We’re in this together - colleagues, customers and partner communities working as One Tenable.{linebreak} {linebreak}Can you join Team Tenable? Yes you can - if you’re excited by the thought of working with over 700 colleagues, 20,000 customers and a range of revolutionary products that are shaping cybersecurity in 150 countries. Being valued for who you are as well as what you do, you can embrace the pace (we’re recognized as one of the fastest growing security product companies by SC Magazine, Red Herring, Info Securities, Deloitte and E&Y) as well as enjoy a superb rewards package (we’re seen as a Best Places to Work by Glassdoor, The Washington Post, The Baltimore Sun, The Baltimore Business Journal and Expert Marketplace). The key question is: Is This You?

See more jobs at Tenable Network Security

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Tenable Network Security

Software Engineer


Tenable Network Security


dev

engineer

infosec

digital nomad

dev

engineer

infosec

digital nomad

2yr

Apply


Stats (beta): πŸ‘ 3,195 views,✍️ 0 applied (0%)
{linebreak}We are looking for a self-motivated, senior-level back-end web developer to assist in the design and implementation of a next-generation enterprise web application.{linebreak}{linebreak}Responsibilities:{linebreak}{linebreak}As a key member of a small and versatile team, you will:{linebreak}{linebreak}{linebreak}* Work in a dynamic team to develop awesome new features{linebreak}{linebreak}* Work with other developers, front-end designers and various Tenable teams{linebreak}{linebreak}* Promote great software design and quality{linebreak}{linebreak}* Drive innovation by coming up with new ideas for our products and processes{linebreak}{linebreak}* Point out issues with the existing architecture and code, and fix it up{linebreak}{linebreak}{linebreak}

See more jobs at Tenable Network Security

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Osprey Security

Software Engineer for a Fast Paced Disruptive Cybersecurity Company


Osprey Security


golang

dev

engineer

infosec

golang

dev

engineer

infosec

2yr

Stats (beta): πŸ‘ 2,846 views,✍️ 0 applied (0%)
remote or Palo Alto, United States - Osprey Security is a disruptive Cyber Security company transforming the way organizations can manage their cyber threat landscape by providing actionable security and risk intelligence using its Patent Pending Technology and processes tailored to meet the orga...

See more jobs at Osprey Security

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Northwestern Mutual

Senior IT Security Engineer


Northwestern Mutual


infosec

senior

engineer

infosec

senior

engineer

2yr

Apply


Stats (beta): πŸ‘ 2,659 views,✍️ 0 applied (0%)
{linebreak}What's the role?{linebreak}{linebreak}As a Senior IT Security Engineer you support systems infrastructure, hardware, and software, including: analysis, planning, design, development, implementation, provisioning, upgrade and day-to-day operations.

See more jobs at Northwestern Mutual

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Fastly

Application Security Engineer


Fastly


infosec

engineer

infosec

engineer

2yr

Apply


Stats (beta): πŸ‘ 3,792 views,✍️ 0 applied (0%)
{linebreak}APPLICATION SECURITY ENGINEER{linebreak}{linebreak}As an Application Security Engineer at Fastly you will help ensure we provide a secure edge for the biggest online platforms in the world, handling massive amounts of traffic at very low latency.{linebreak}{linebreak}We are looking for versatile engineers at all levels of seniority who enjoy being deeply involved in all aspects of building and securing our platform. Qualified candidates will excel at analyzing the design of our software and implementations, and will show an aptitude for discovering complex security issues. We encourage our security engineers to present at network and security conferences and participate in the open source community.{linebreak}{linebreak}This is a role with a high impact, friendly security team. In addition to contributing to industry leading security products and services, you’ll make sure our customers benefit from a service built to the highest security standards in the industry. We’re in beautiful downtown San Francisco, but for the right candidate, we’re open to considering a remote position, and we have the team and tools in place to make it work.

See more jobs at Fastly

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


GitHub

Application Security Engineer


GitHub


infosec

engineer

infosec

engineer

2yr

Apply


Stats (beta): πŸ‘ 2,760 views,✍️ 0 applied (0%)
Full Time: Application Security Engineer at GitHub in Remote

See more jobs at GitHub

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Carve Systems

Software Deconstruction Engineer Aka. Infosec Consultant


Carve Systems


infosec

consulting

dev

engineer

infosec

consulting

dev

engineer

2yr

Apply


Stats (beta): πŸ‘ 3,697 views,✍️ 0 applied (0%)
{linebreak}What's the job?{linebreak}{linebreak}{linebreak}* Information security consulting: assessing the security of software and hardware systems.{linebreak}{linebreak}* Understanding how systems are built and learning how to break them.{linebreak}{linebreak}* Working with our experienced team on short-to-medium term engagements.{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}What would you do?{linebreak}{linebreak}Every two to three weeks you'll get a new project to work on. A typical project will involve:{linebreak}{linebreak}{linebreak}* Recon: Digging into the functionality, design, and implementation of the software system or device.{linebreak}{linebreak}* Probing: Searching for implementation weaknesses which could indicate a security issue. This is a combination of tools that we use, tools that we build, and manual probing. For device projects this can include firmware extraction, analysis, and hardware interfacing.{linebreak}{linebreak}* Extending: Now that you've found a weakness... how far can you extend your access into the system?{linebreak}{linebreak}* Writing: Now that you've hacked your way in you'll need to write-up your findings and work with the developers to make sure they understand what the problem is and how to fix it.{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}If you enjoy puzzles and technical variety you'll find this job very enjoyable.{linebreak}{linebreak}Who are we looking for?{linebreak}{linebreak}{linebreak}* You do not need to have information security experience. If you've got the right technical background and problem solving skills we can train you in the dark arts of infosec.{linebreak}{linebreak}* People who enjoy writing code, solving problems with code, and learning how computers work at a fundamental level.{linebreak}{linebreak}* This is not a 'travel every week' type of consultant. We do sometimes work at a client site but most of the time we do our projects remotely.{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}We’re hiring for all experience levels: from zero career experience to information security veterans.

See more jobs at Carve Systems

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Sauce Labs

Senior DevOps Security Engineer


Sauce Labs


devops

infosec

senior

engineer

devops

infosec

senior

engineer

2yr

Apply


Stats (beta): πŸ‘ 3,146 views,✍️ 0 applied (0%)
{linebreak}Sauce Labs is looking for a Senior DevOps Security Engineer with strong network, host, and Web security skills with a DevOps mindset and hands-on security automation experience.  The position offers the opportunity to use DevSecOps principles and realize innovative security solutions that scale.  You will work in our rapidly growing organization to protect and continue to scale the world’s largest cloud-based platform for automated testing of web and mobile applications.{linebreak}{linebreak}The position offers excellent growth opportunities working with the latest DevOps and Cloud technologies.  We have offices in San Francisco, Vancouver, and offer the option of working remotely for well-qualified candidates.  If you have the skills, passion, solid judgement, and positive mindset to help design, build, and operate IaaS/PaaS security systems at scale, we would love to talk with you.

See more jobs at Sauce Labs

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Resin.io

Application Security Engineer


Resin.io


infosec

engineer

infosec

engineer

2yr

Apply


Stats (beta): πŸ‘ 2,800 views,✍️ 0 applied (0%)
{linebreak}Resin.io provides a software platform that helps developers build, deploy and manage the code that runs on connected devices. In short, we make IoT work.{linebreak}{linebreak}Our technology is open, standards-based and proven in production across a wide range of scenarios from drones, 3D printers, point-of-sale devices, tidal turbines, skyscrapers and more. Our investors include DFJ, Aspect Ventures, GE, and Ericsson.{linebreak}{linebreak}Security is paramount for an IoT platform, touching everything from our cloud services to the operating system running on every single device. We're hiring a security engineer to help us ensure our code delivery pipeline is secure, the risks are well understood, and build a platform that our customers can trust.{linebreak}{linebreak}What you will work on{linebreak}{linebreak}{linebreak}* Analyse the system and contribute to threat modeling. Help understand risks and define adequate mitigation{linebreak}{linebreak}* Develop best security practices for our internal processes{linebreak}{linebreak}* Identify and fix security vulnerabilities in the platform with audits, penetration testing and other means{linebreak}{linebreak}* Define a bounty program to incentivise security researchers to find and report problems{linebreak}{linebreak}* Take part in architecture decisions to ensure security invariants are held{linebreak}{linebreak}* Apply the principle of least privilege across the organisation{linebreak}{linebreak}{linebreak}

See more jobs at Resin.io

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Pivotal

Security Engineer


Pivotal


infosec

engineer

infosec

engineer

2yr

Apply


Stats (beta): πŸ‘ 2,591 views,✍️ 0 applied (0%)
{linebreak}The Cloud Foundry team at Pivotal is looking for a great Sr. Security Engineer to join us in building our open platform as a service (PaaS), transforming how the world deploys and scales software.{linebreak}{linebreak}You:{linebreak}{linebreak}The Cloud Foundry team at Pivotal is looking for experienced security engineers to work on improving  the security of the platform.{linebreak}{linebreak}As a Sr. Security Engineer you will join our teams building the secure credential and identify management subsystems of the Cloud Foundry platform. If you have a love or hate for authentication and authorization systems, Oauth, PKI systems, RBAC  and/or SAML, we need your help. You’ll be using the Spring framework to enhance the security of our open source platform and provide secure services to applications running on the platform.{linebreak}{linebreak}The Cloud Foundry team works in small agile teams. As a security engineer you will regularly work on the security team, but you will also rotate to other teams either working on important security features or learning valuable things about the platform which are relevant to security. You should be comfortable writing code but also comfortable working on all aspects that improve security, e.g. human factors, penetration testing, and configuring security tools.  You will also spread your domain knowledge to people on your own team as well as other teams. In addition, you will assist the Product Manager in story and overall product definition as well as in customer conversations.  Overall you’ll be helping the greater Cloud Foundry team identify product gaps and opportunities around your domain.{linebreak}{linebreak}Us:{linebreak}{linebreak}Pivotal is on a mission to change the way the world builds software. The Cloud Foundry team is on a mission to change the way the world runs software. We are a building a platform that aims to make deploying, updating, scaling and monitoring all of an enterprise's applications easy and secure.{linebreak}{linebreak}Just as our platform is opinionated about the architecture of applications, we are opinionated about how software should be built. We pair program, all-day every-day, because we know it delivers remarkable results. We believe in working at a sustainable pace – you’ll typically code hard for 8 hours each day, but then you’re off work to relax, recharge, and refocus.{linebreak}{linebreak}DESIRED QUALIFICATIONS:{linebreak}{linebreak}{linebreak}* Strong knowledge of web, security, and networking protocols{linebreak}{linebreak}* In-depth knowledge of security technologies such as cgroups, ACLs,RBAC, and OAuth2{linebreak}{linebreak}* Understanding of applied cryptography, including experience using cryptographic toolkits, such as OpenSSL, RSA BSAFE, Bouncy Castle, or similar{linebreak}{linebreak}* Experience with scalable web services and databases{linebreak}{linebreak}* Understand Kerberos, LDAP and Active Directory{linebreak}{linebreak}* 5 years software development experience{linebreak}{linebreak}* 2 years in security engineering, crypto, policy, auth or related technologies{linebreak}{linebreak}* Bachelor's degree in Computer Science or equivalent experience{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}{linebreak} {linebreak}We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law.

See more jobs at Pivotal

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Casumo

Information Security Engineer


Casumo


infosec

engineer

infosec

engineer

2yr

Apply


Stats (beta): πŸ‘ 2,969 views,✍️ 0 applied (0%)
{linebreak}Who are we looking for{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}The Security Team is responsible for making sure all of Casumo’s products are designed and implemented to the highest security standards. We are looking for engineers who are passionate about security and helping us build features that will protect our users (both internal and external). The Information Security Engineer will support the business with design, testing, and (where necessary) implementation of state-of-the-art secure application systems, networks, and database products as well as peripheral tools and services that helps the rest of Casumo safeguard the integrity of their data. This person must have the ability to work in a team environment with analysts, management, regulators, vendors and customers. Requires the ability to effectively communicate both verbally and written.{linebreak}{linebreak}{linebreak}As an Information Security Engineer at Casumo you will:{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}* Develop and maintain cybersecurity artifacts for production systems;{linebreak}{linebreak}* Champion security with development teams to make their code more secure, primarily through automated tools and manual code/architecture review{linebreak}{linebreak}* Design, build, and operate innovative tools to enhance our security{linebreak}{linebreak}* Be the first response and remediation for security-related incidents{linebreak}{linebreak}* Consult, evangelize, and teach theoretical and practical security to groups of varying sizes, disciplines, and experience levels{linebreak}{linebreak}* Engage and participate in the security community, and keep abreast of information security incidents in the wild and training to ensure cutting-edge knowledge is within the business.{linebreak}{linebreak}{linebreak}

See more jobs at Casumo

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Crossover

Network Security Engineer With Ruby


Crossover


infosec

ruby

engineer

ruby

infosec

ruby

engineer

ruby

2yr

Apply


Stats (beta): πŸ‘ 4,523 views,✍️ 0 applied (0%)
{linebreak}Are you excited about technology and love building cool stuff? Are you at the top of your game and can beat Mark Zuckerberg in a coding challenge? Do you want to work with a brilliant team on an award winning product and learn new skills? Are a master of pure low level Ruby, Network, protocols and sockets?{linebreak} If so - this could be the job for you! {linebreak} {linebreak}Job Description: {linebreak} {linebreak}You will be responsible for building Ruby applications in pure low-level Ruby logic code (without the rails framework) including anything from complex groups of back-end to command line utilities, TCP/IP based libraries and data processing scripts. {linebreak}This job in nature is not the common RoR web development position, but more of a Network infrastructure engineer in its nature, building a network app. {linebreak}Your primary responsibility will be to design and develop these applications, and to coordinate with the rest of the team working on different layers of the infrastructure. {linebreak}Thus, a commitment to collaborative problem solving, sophisticated design, and building quality products is essential. {linebreak}This is an excellent opportunity to be part of an exciting company, in a dynamic and fast growing environment. {linebreak} {linebreak}Company Description: {linebreak} {linebreak}Qualicode is a software development firm that helps some of the most technologically advanced startup companies in the world with all their development needs. Working with us means youll be a part of a brilliant team with globally recognized award winning products. It also means youll be working with the most advanced technologies/challenges, and learn new skills that will serve you well in the future. Youll have real pride and satisfaction with your work. {linebreak}Some of our clients you might work with got 30+ Million users, or got enterprise level products that serves the biggest companies in the world, including governments. {linebreak} {linebreak} {linebreak} {linebreak}Responsibilities: {linebreak} * {linebreak}Design, build, and maintain efficient, reusable, and reliable pure Ruby logic low-level code (without the rails framework). {linebreak} * {linebreak}Ensure the best possible performance, quality, and responsiveness of the applications. {linebreak} * {linebreak}Identify bottlenecks and bugs, and devise solutions for these problems. {linebreak} * {linebreak}Help maintain code quality, organization, and automatization. {linebreak} {linebreak} {linebreak}40 hrs/week {linebreak}Compensation: $25/hour {linebreak}Location: Global (remote) {linebreak} {linebreak}Were one of the few legitimate companies offering high-paying jobs that are 100% remote, work from home. You never have to fight traffic to the office again and you have the freedom to choose when and where you put in your 40 hours to be most effective each week. {linebreak}To qualify, please provide a resume/CV demonstrating the required experience and skills. From there, to help us find the top 1% of talent, there will be a series of interviews and online skills examinations. We realize these are challenging and can require a decent amount of time - so we thank you in advance for your efforts. {linebreak} Are you up for the challenge?

See more jobs at Crossover

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Tenable Network Security

Senior Software Engineer


Tenable Network Security


infosec

senior

engineer

dev

infosec

senior

engineer

dev

2yr

Apply


Stats (beta): πŸ‘ 3,939 views,✍️ 0 applied (0%)
{linebreak}We are looking for a self-motivated, senior-level Scala software engineer to assist in the development of an application security product, ideally with a background in program analysis.{linebreak}{linebreak}Responsibilities{linebreak}{linebreak}As a key member of a small and versatile team, you will:{linebreak}{linebreak}{linebreak}* Work in a full-stack development environment on a small agile team{linebreak}{linebreak}* Contribute to every aspect of a product developed in Scala (backend, frontend, database, program analysis software & engines, etc.){linebreak}{linebreak}{linebreak}

See more jobs at Tenable Network Security

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Tenable Network Security

Vulnerability Research Engineer


Tenable Network Security


infosec

engineer

infosec

engineer

2yr

Apply


Stats (beta): πŸ‘ 4,277 views,✍️ 0 applied (0%)
{linebreak}Tenable maintains a staff of engineers who keep track of all new publicized vulnerabilities and then develop 'plugins' for the Nessus vulnerability scanner. These 'plugins' are short programs that efficiently and accurately test scanned systems for the presence of the vulnerability. Vulnerability Research Engineers will spend a good portion of their time researching and exploiting disclosed vulnerabilities, while also coding production-level plugins to add to the Nessus Vulnerability Scanner.{linebreak}{linebreak}Often, being able to accurately test for the vulnerability involves analyzing vendor-supplied security patches, manually configuring vulnerable targets in a virtual environment, analyzing the system or application to reliably understand the impact of the vulnerability then developing a method to test for the vulnerability remotely.{linebreak}{linebreak}Key Responsibilities:{linebreak}{linebreak}{linebreak}* Keep track of the newest published vulnerabilities{linebreak}{linebreak}* Analyze vendor-supplied security patches{linebreak}{linebreak}* Reproduce the conditions to exploit a vulnerability{linebreak}{linebreak}* Setting up and exploring new software in a lab environment to determine feasibility for vulnerability checks{linebreak}{linebreak}* Develop plugins to be utilized by Nessus that will recognize the presence of the vulnerability remotely or local{linebreak}{linebreak}* Work with vulnerability data, log data and security events{linebreak}{linebreak}{linebreak}

See more jobs at Tenable Network Security

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Crossover

Python Security Engineer


Crossover


infosec

python

engineer

infosec

python

engineer

3yr

Apply


Stats (beta): πŸ‘ 4,636 views,✍️ 0 applied (0%)
Are you an experienced security researcher with a mastery of Python? Do you have a strong understanding of networking, security, and other related techniques? If you are a highly motivated, efficient, and a team player, this position could be a great fit. {linebreak} Job Description: The Security Research Architect is responsible for supporting the Engineering department in research and security related tasks including content updates for the products and testing products as well as related systems for security issues.{linebreak} Company Description: GFI provides security and networking software for small and medium businesses. At GFI, we are centered on customer success. We pride ourselves on providing the security our customers need for success in their day-to-day operations. GFI team members are set apart by our shared passion for using software technologies to ensure our customers maximum success and satisfaction.{linebreak} Key Responsibilities:{linebreak} * {linebreak}Investigate and maintain Content update data for various products {linebreak} * {linebreak}Good understanding and experience of the Python scripting language {linebreak} * {linebreak}Ability to create, maintain and monitor critical live infrastructure {linebreak} * {linebreak}Experience working with and maintaining CDN systems {linebreak} * {linebreak}Periodic refactoring and continuous performance improvement of Updaters {linebreak} * {linebreak}Keeps up-to-date with what is happening in the international security community {linebreak} * {linebreak}Keeps up-to-date with what is happening in the patch management community {linebreak} * {linebreak}Is aware of the latest viruses, exploits, Trojans and other Malware {linebreak} * {linebreak}Researches new vulnerabilities related to Microsoft products, Linux and email technologies which would benefit GFI to integrate checks for within the assigned GFI products {linebreak} * {linebreak}Provide security checks with detailed description / fix or work around procedures {linebreak} * {linebreak}Monitor Linux security reports and update vulnerable application version list accordingly. {linebreak} * {linebreak}Monitor Windows security reports and update vulnerable application version list accordingly. {linebreak} * {linebreak}Tests GFI products when required for possible weaknesses {linebreak} * {linebreak}Properly documents and catalogues research results. {linebreak} * {linebreak}Ability to perform various tasks at the same time and multitask between them as necessitated by daily needs. {linebreak} * {linebreak}Stay overtime as require to ensure timely release of Content updates {linebreak} {linebreak}

See more jobs at Crossover

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


GitHub

Application Security Engineer Systems


GitHub


infosec

engineer

infosec

engineer

3yr

Apply


Stats (beta): πŸ‘ 3,043 views,✍️ 0 applied (0%)
Full Time: Application Security Engineer - Systems at GitHub in Remote

See more jobs at GitHub

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Wikimedia Foundation

Software Engineer Security


Wikimedia Foundation


infosec

engineer

dev

digital nomad

infosec

engineer

dev

digital nomad

3yr

Apply


Stats (beta): πŸ‘ 3,474 views,✍️ 0 applied (0%)
{linebreak}Summary:{linebreak}{linebreak}The Wikimedia Foundation is looking for a Software Engineer to join the Security team working to help protect Wikipedia and our other projects. You'll be working with other developers and security engineers to create and maintain security-centric features of our public sites, and to develop tools used by the Security team to aid in finding and fixing security bugs before they're exploited.{linebreak}{linebreak}YOU ARE ...a smart software developer with experience building security features in large scale systems. You understand the importance of testing and documentation, and common pitfalls in developing secure web applications. You must have a passion for the WMF mission. We do (almost) everything publicly, and volunteers can add arbitrary JavaScript to our site. That should both frighten and thrill you.{linebreak}{linebreak}You will be joining a team responsible for ensuring the security and integrity of applications written in PHP, Python, Ruby, Lua, Perl, JavaScript (Node.js) among others, using both relational and key-value data storage mechanisms. (Don't worry, you don't need to have had experience with all of those technologies.){linebreak}{linebreak}As a Software Engineer for the security team, we’d like you to do these things:{linebreak}{linebreak}{linebreak}* Collaborate with Foundation and community members on creation of software specifications{linebreak}{linebreak}* Implement and maintain security-centric features (authentication/authorization, encryption, hashing, and PKI management){linebreak}{linebreak}* Create tools to automate Security team processes{linebreak}{linebreak}* Write and apply software patches to remediate reported security issues{linebreak}{linebreak}{linebreak}

See more jobs at Wikimedia Foundation

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Elastic

Sr Java Engineer Security


Elastic


infosec

java

engineer

infosec

java

engineer

3yr

Apply


Stats (beta): πŸ‘ 3,260 views,✍️ 0 applied (0%)
{linebreak}Want to work for one of the fastest growing software companies in the World?{linebreak}{linebreak}Elastic is building out our security offering and looking for a Java Engineer with Security expertise.{linebreak}{linebreak}Responsibilities{linebreak}{linebreak}{linebreak}* {linebreak}{linebreak}Hands-on design, development, integration, documentation and testing of Elasticsearch security features{linebreak}{linebreak}{linebreak}* {linebreak}{linebreak}Collaborate with other development teams, our community, and our customers to execute on product security deliverables{linebreak}{linebreak}{linebreak}* {linebreak}{linebreak}Lead security initiatives both within Elasticsearch and our Open Source community{linebreak}{linebreak}{linebreak}* {linebreak}{linebreak}Occasionally provide training at various Elasticsearch Training Events{linebreak}{linebreak}{linebreak}{linebreak}

See more jobs at Elastic

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Stats (beta): πŸ‘ 3,304 views,✍️ 0 applied (0%)
The Cyber Security Engineer is a member of an enterprise-level team of security and compliance experts. This person is responsible for protection of the corporate infrastructure from infiltration or exfiltration as a part of the Security Operations Center (SOC). This individual is also expected to participate in many facets of corporate security and thus must have a well-rounded, hands-on background.{linebreak}{linebreak}Viewpost encourages both independence and collaboration in an environment that fosters a fun yet serious atmosphere. Team members are expected to diligently maintain existing protocols while simultaneously challenge the status quo in an effort to continually improve and enhance the security measures at Viewpost.{linebreak}{linebreak}{linebreak}The candidate must have demonstrable experience in at least 2 of the following:{linebreak}{linebreak}{linebreak}* Palo Alto Networks firewall administration. Candidate must be able to troubleshoot service issues in support of Enterprise initiatives and have a strong understanding of networking concepts. Experience with Panorama is a plus{linebreak}{linebreak}* Websense proxy administration to include O&M of Triton and appliances. Candidate must have experience with configuration and troubleshooting of DLP, exceptions, incidents, SSL decryption, and content filtering{linebreak}{linebreak}* McAfee ePO administration, to include O&M of McAfee security features such as anti-virus, whole disk encryption, HIPS, and VSE. The Candidate will be expected to keep devices up to date with latest signatures, troubleshoot issues, and report end point compliance{linebreak}{linebreak}* Splunk administration to include data ingestion, custom alerts, agent configuration and deployment, management of indexers and heavy forwarders, development of complex queries and dashboards, and troubleshooting of Splunk service issues. This role will require Linux experience{linebreak}{linebreak}* Incident Response to including incident identification, investigation, response, recovery and data connectivity.{linebreak}{linebreak}{linebreak}{linebreak}Other responsibilities include:{linebreak}{linebreak}* Perform daily checks of all services to ensure functionality{linebreak}{linebreak}* Interface with our internal customers to assist with their service requests{linebreak}{linebreak}* This position may work in shifts to support a 24x7 security operations center{linebreak}{linebreak}* This position participates in an on call rotation (approximately 1 week on call every 2 months){linebreak}{linebreak}* This employee shall maintain or assist in the maintenance of the confidentiality, integrity, and availability of all data in physical and/or electronic format{linebreak}{linebreak} {linebreak}{linebreak}Qualifications: {linebreak}{linebreak}* Bachelor’s Degree in one of the STEM areas (Science, Technology, Engineering, Math){linebreak}{linebreak}* 6 years of experience with at least 3 years of Systems Administrator experience and two years in a role with a security focus{linebreak}{linebreak}* Ability to automate tasks to minimize manual work{linebreak}Ability to read and understand IP network designs and security fundamentals, including firewall ACL’s, router configurations, and system alerts{linebreak}{linebreak}* The candidate should have an understanding of security policies and security best practices driven by federal regulations{linebreak}{linebreak}* Must be able to work with geographically dispersed peers and internal customers{linebreak}{linebreak}* Experience with IT ticketing systems and IT customer support{linebreak}{linebreak} {linebreak}{linebreak}Preferred Skills: {linebreak}{linebreak}* Cross platform experience with Windows, Linux, MAC OS and UNIX Platforms{linebreak}{linebreak}* Experience working in a security operations center or network operations center which operates 24/7/365{linebreak}{linebreak}* Industry recognized professional certification (e.g., Cisco, Microsoft, SANS, CEH, Security+, CASP, CISSP Associate){linebreak}{linebreak}* Knowledge of security control initiatives such as ISO, SSAE 16, PCI, ITIL, and COBIT a plus{linebreak}{linebreak}* Experience with SIEM, vulnerability scanners, IDS/IPS, forensics tools{linebreak}{linebreak}* Experience with IDS/IPS and Snort rule creation{linebreak}VPN administration experience{linebreak}{linebreak}{linebreak}{linebreak}Accomplishments of the Security and Compliance team at Viewpost:{linebreak}{linebreak}IDG’s 2015 CSO50 Award for top50 innovative security initiatives across the US{linebreak}{linebreak}ISO 27001 Certified by Brightline{linebreak}{linebreak}TRUSTe certification{linebreak}{linebreak}AICPA certification{linebreak}{linebreak} {linebreak}{linebreak}{linebreak}Viewpost is not accepting unsolicited assistance from search firms for this employment opportunity. All resumes submitted by search firms to any employee at Viewpost via-email, the Internet or in any form and/or method without a valid written Statement of Work in place for this position from Viewpost HR/Recruitment will be deemed the sole property of Viewpost. No fee will be paid in the event the candidate is hired by Viewpost as a result of the referral or through other means. {linebreak}{linebreak}{linebreak} {linebreak}{linebreak}Viewpost is an Equal Opportunity Employer that does not discriminate on the basis of actual or perceived, race, religion, color, sex (including pregnancy and gender identity), sexual orientation, parental status, national origin, age, disability, family medical history or genetic information, political affiliation, military service, any other non-merit based factoror any other characteristic protected by applicable federal, state or local laws. Our leadership team is dedicated to this policy with respect to recruitment, hiring, placement, promotion, transfer, training, compensation, benefits, employee activities and general treatment during employment. If you’d like more information about your EEO rights as an applicant under the law, please click here http://www1.eeoc.gov/employers/poster.cfm {linebreak}{linebreak}Extra tags: cyber, security, information

See more jobs at Viewpost

Visit Viewpost's website

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Tenable Network Security

Linux Appliance Software Engineer


Tenable Network Security


infosec

engineer

linux

dev

infosec

engineer

linux

dev

3yr

Apply


Stats (beta): πŸ‘ 5,347 views,✍️ 0 applied (0%)
{linebreak}Linux Appliance Software Engineer{linebreak}{linebreak}We are looking for a self-motivated, senior-level, Linux Appliance Engineer to assist in the maintenance and improvement of our Linux based virtual and hardware appliances.{linebreak}{linebreak}Key Responsibilities:{linebreak}{linebreak}{linebreak}* Work with other designers and developers to build new features{linebreak}{linebreak}* Perform maintenance fixes and improve on existing functionality across multiple hardware and virtual systems{linebreak}{linebreak}* Point out issues with the existing architecture and fix it{linebreak}{linebreak}* Work with Quality Assurance to identify and troubleshoot issues{linebreak}{linebreak}* Unit testing{linebreak}{linebreak}* Promote great software design and quality{linebreak}{linebreak}* Drive innovation by coming up with new ideas for our products and processes{linebreak}{linebreak}{linebreak}

See more jobs at Tenable Network Security

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Tenable Network Security

Cloud Operations Engineer


Tenable Network Security


infosec

cloud

engineer

ops

infosec

cloud

engineer

ops

3yr

Apply


Stats (beta): πŸ‘ 4,519 views,✍️ 0 applied (0%)
{linebreak}Tenable Network Security delivers comprehensive security solutions that provide continuous visibility and critical context, enabling decisive actions to protect your organization.  Transform security with Tenable, the creators of Nessus and pioneers of continuous monitoring.{linebreak}{linebreak}Our global expansion is creating job opportunities for creative thinkers who are wired for action and delivering big results. We’re also stacked with industry rock stars who are just as comfortable keynoting a conference or delivering a podcast as they are mentoring up-and-coming colleagues. But what our employees are most excited about is our products and customers!{linebreak}{linebreak}Tenable now has over 600 employees globally and over 20,000 customers in 150 countries. Tenable Network Security is recognized as one of the fastest growing security product companies by SC Magazine, Red Herring, Info Securities, Deloitte, E&Y and as a Best Places to Work by Glassdoor, The Washington Post, The Baltimore Sun, The Washingtonian, The Baltimore Business Journal and Expert Marketplace.{linebreak}{linebreak}The Cloud Services Engineer position will support the implementation of Cloud technologies for Tenable. The position will utilize strong technical skills as part of a team of engineers responsible for the automated deployment and support of full application stacks from the system (Linux) up through a custom application in all cloud environments. Cross-functional collaboration with internal teams to ensure a consistent and high-quality level of service delivery will be a critical focus.{linebreak}{linebreak}Role Requirements:{linebreak}{linebreak}{linebreak}* Responsible for responding to support escalations which involve troubleshooting complex technical problems and resolving data/configuration issues within defined service level objectives{linebreak}{linebreak}* Responsible for developing software, tools, and scripts to automate deployment, management, and monitoring of production systems in all environments{linebreak}{linebreak}* Provide strategic and thought leadership among peers on complex projects{linebreak}{linebreak}* Collaboration with cloud engineers in understanding new cloud technologies, assessing impact to security services operations, and proposing solutions to existing business problems{linebreak}{linebreak}* Collaboration in the software development lifecycle to develop detailed enhancement/bug definitions, write functional requirements, translate the requirements into solution designs, and navigate the functional requirements through to Production deployments{linebreak}{linebreak}* Proactively look for ways to create efficiencies within operations as it pertains to the tools and technology used by Tenable to support their customer base{linebreak}{linebreak}* Manage, participate in, or directly work on any additional projects, assignments, or initiatives assigned by management{linebreak}{linebreak}* Create/maintain documentation for operational procedures{linebreak}{linebreak}* Document and perform system upgrades, application updates, and define monitoring requirements based on customer needs{linebreak}{linebreak}* Participate in an on-call rotation{linebreak}{linebreak}{linebreak}

See more jobs at Tenable Network Security

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Stats (beta): πŸ‘ 4,995 views,✍️ 0 applied (0%)
When it comes to modern day software development, you will have your finger on the pulse of the entire pipeline. You will need to be comfortable interfacing with various software components and always considering how best to deliver in a rapidly iterative fashion with a strong focus on service availability, scalability and resilience.{linebreak}{linebreak}DevOps is as much about communication and business relationships as it is about any of the software or tools you will use. {linebreak}{linebreak}About Us{linebreak}New Context is a rapidly growing consulting company in the heart of downtown San Francisco. We specialize in Lean Security; an approach that leads organizations to build better software thru hands-on technical and management consulting. We are a group of engineers who live and breath Agile Infrastructure, Systems Automation, Cloud Orchestration, and Information Security. {linebreak}The New Context team personifies the DevOps spirit. We love a challenge and look forward to working with clients to solve their own challenges. Our teams operate with complete stack awareness of infrastructure, application and security.{linebreak}Our driving methodologies are Lean Security and Humane Systems. In adopting a security first approach to infrastructure focused on people, processes and technologies, our team will have an integral part in driving the direction of these exciting new approaches.{linebreak}{linebreak}{linebreak}Duties & Responsibilities{linebreak}{linebreak}As a New Context DevOps Engineer you will be expected to provide technical leadership with a hands-on approach. On a daily basis you will be interfacing with our clients and other New Context staff members while working from the New Context office, at client sites or from your home. Expect to heavily leverage open source software to tackle challenges like delivery of highly secured containers to IoT devices or building Big Data ecosystems at petabyte scale and beyond.{linebreak}The team works well together, but also understands that sometimes they go rogue to motivate the group into being effective. Your most important daily responsibilities: have fun, lead by example and solve exciting challenges.{linebreak}{linebreak}Qualifications{linebreak}Seasoned Technical Veteran{linebreak}We are looking for a team member with 5+ years of experience in a similar role that can demonstrate they have already learned how to excel in this role.{linebreak}Experience with highly available and high-performance open source web technologies{linebreak}Existing familiarity (or the eagerness to learn) Ruby and/or Python is helpful, given they are the common languages of systems automation.{linebreak}Strong communication skills{linebreak}You must be ready to communicate current status in an effective and professional manner.{linebreak}Independent worker{linebreak}Work may often require direct interaction with clients or team members without direct supervision. You must be able to think on your feet, communicate constantly and professionally, and above all else meet the expectations of our clients.{linebreak}Calm and professional demeanor{linebreak}This is critical! You will be faced with frustrated clients, team members and situations. You must be able to handle yourself in a professional manner and find the best course of action to take in order to please the client as much as is possible.{linebreak}{linebreak}Technologies you will interact with regularly{linebreak}Methodologies{linebreak}Agile, Lean, DevOps, TDD, paired programming{linebreak}Operating Systems{linebreak}Linux, OS X{linebreak}Automation{linebreak}Chef, Puppet, Docker, Ansible, Salt, CFengine, Automated Testing{linebreak}Containerization Ecosystem{linebreak}Docker, Mesosphere, Rancher, CoreOS, Kubernetes{linebreak}Cloud & Virtualization{linebreak}AWS, Google Compute Engine, OpenStack, Cloudstack, kvm, libvirt{linebreak}Tools{linebreak}Jenkins, RunDeck, Atlassian Suite, Pivotal Tracker, Vagrant, Maven, Git{linebreak}Monitoring{linebreak}SysDig, Data Dog, AppDynamics, New Relic, Nagios, Zabbix{linebreak}Databases/Datastores{linebreak}Cassandra, Hadoop, Redis, Riak, postgresql, MySQL{linebreak}Security{linebreak}Compliance standards, firewalls, scanners, OSSEC, AIDE{linebreak}Languages{linebreak}Ruby, Python, Java, Javascript{linebreak}{linebreak}Extra tags: devops, chef, jenkins, docker, cassandra , puppet, hadoop, lean security,

See more jobs at New Context

Visit New Context's website

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Fastly

Infrastructure Security Engineer


Fastly


infosec

engineer

infosec

engineer

3yr

Apply


Stats (beta): πŸ‘ 3,251 views,✍️ 0 applied (0%)
{linebreak}INFRASTRUCTURE SECURITY ENGINEER{linebreak}{linebreak}As an Infrastructure Security Engineer at Fastly you will help ensure we provide a secure edge for the biggest online platforms in the world, handling massive amounts of traffic at very low latency.{linebreak}{linebreak}We are looking for versatile engineers at all levels of seniority who enjoy being deeply involved in all aspects of building and securing our platform. Qualified candidates will excel at analyzing components of our infrastructure, and will show an aptitude for discovering complex security issues. We encourage our security engineers to present at network and security conferences and participate in the open source community.{linebreak}{linebreak}This is a role with a high impact, friendly security team. In addition to contributing to industry leading security products and services, you’ll make sure our customers benefit from a service built to the highest security standards in the industry. We’re in beautiful downtown San Francisco, but for the right candidate, we’re open to considering a remote position, and we have the team and tools in place to make it work.

See more jobs at Fastly

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Vox Media

Full Stack Engineer Security


Vox Media


infosec

engineer

full stack

infosec

engineer

full stack

3yr

Apply


Stats (beta): πŸ‘ 5,226 views,✍️ 0 applied (0%)
{linebreak}Full-Stack Engineer, Security{linebreak}{linebreak}Vox Media is one of the fastest growing media companies today, combining the best content, technology, and distribution capabilities to connect with an audience of 170 million people each month who rely on us for a modern, intelligent take on the world. Simply put, we create smart media brands for smart audiences.{linebreak}{linebreak}We got our start innovating in sports media with SB Nation, the largest and fastest-growing network of fan-centric online sports communities. We now have eight brands including Polygon, The Verge, Vox.com, Curbed, Racked, Eater, and Re/code.{linebreak}{linebreak}We are seeking an outstanding software engineer to take ownership of application security at Vox Media. You are someone with hands-on experience discovering and addressing common web application security vulnerabilities; or a resourceful senior engineer who is eager to learn more about and focus solely on security.{linebreak}{linebreak}Primary responsibilities:{linebreak}{linebreak}{linebreak}* Identifying security vulnerabilities across Vox Media via code review and penetration testing. Writing code to directly address smaller vulnerabilities; working with other engineers to address larger ones. Documenting and advising project teams on security best practices.{linebreak}{linebreak}* Implementing new features focused on improving the security and privacy of our editorial staff and their readers.{linebreak}{linebreak}* Developing internal tools for monitoring, alerting, and prevention of suspicious activity and abuse - both at the application and network level.{linebreak}{linebreak}* Managing incident response and bug-bounty programs. Responding to CVEs and other alerts.{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}Additionally, you:{linebreak}{linebreak}{linebreak}* Are a self-starter who can take a challenging task and run with it{linebreak}{linebreak}* Care deeply about the quality of your work{linebreak}{linebreak}* Communicate well{linebreak}{linebreak}* Have a solid grounding in object-oriented programming and fundamental computer science concepts such as concurrency, complexity theory, and algorithms & data structures{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}Ideally, you also have:{linebreak}{linebreak}{linebreak}* Built and deployed into production a non-trivial Ruby on Rails application{linebreak}{linebreak}* Worked on small development teams and with remote team members{linebreak}{linebreak}* Experience using a variety of programming languages and frameworks{linebreak}{linebreak}* Passion for online media and journalism{linebreak}{linebreak}* Love or strong tolerance for animated GIFs and bad puns{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}For more on the things we're building and problems we're solving, and what it's like to work on the Vox product team, see our product team blog; Press Reset, the documentary about the making of Polygon; and Chorus, our modern media platform.{linebreak}{linebreak}About working at Vox Media: this is a permanent, full-time position with excellent benefits—including flexible hours and generous parental leave. Candidates can be based out of either of our main offices—in New York City or Washington, DC—or may work remote from anywhere within the major US timezones (Eastern, Mountain, Central, Pacific). You'll be joining a group of focused, hard-working, creative people who are passionate about doing work that's challenging and fun—all while maintaining a healthy work/life balance.{linebreak}{linebreak}We encourage candidates of all experience levels to apply. If the above doesn't describe you perfectly, please get in touch anyway and tell us why you want to work with us.{linebreak}{linebreak}Vox Media is committed to building an inclusive environment for people of all backgrounds and everyone is encouraged to apply.  Vox Media is an Equal Opportunity Employer and does not discriminate on the basis of race, color, gender, sexual orientation, gender identity or expression, religion, disability, national origin, protected veteran status, age, or any other status protected by applicable national, federal, state, or local law.

See more jobs at Vox Media

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Instructure

Security Engineer


Instructure


infosec

engineer

infosec

engineer

3yr

Apply


Stats (beta): πŸ‘ 3,488 views,✍️ 0 applied (0%)
Instructure was founded to define, develop, and deploy superior, easy-to-use software. (And that’s what we did / do / will keep on doing.) We are dedicated to the fight against iffy, mothbally, shoddy software. We make better, more usable tools for teaching and learning (you know, stuff people will actually use). A better connected and more open edtech ecosystem. And more effective ways for everyone everywhere to access education, make discoveries, share knowledge, be inspired, and do big things. We accomplish all this by giving smart, creative, passionate people opportunities to create awesome. So here’s your opportunity.{linebreak}{linebreak}At Instructure, we make software that makes people smarter, and we offer this software as a service hosted on a global cloud based platform. Being a cloud based company, we must ensure our platform is extremely secure and our customer’s data well protected. In today’s online economy, a great defense is no longer good enough … organizations need to mount an impressive offense as well. We are looking for a security engineer who enjoys getting dirty, breaking things, and looking in dark corners for ways that the bad guys can get in.{linebreak}{linebreak}If you are the kind of person who enjoys being a red team of one, working with wickedly smart people, and building a security practice within a fast paced, responsive, and customer obsessed company, do we have an opportunity for you.{linebreak}{linebreak}{linebreak}{linebreak}WHAT YOU WILL BE DOING:{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}* Analyzing, troubleshooting, and investigating anomalies within our global cloud based platform.{linebreak}{linebreak}* Implementing tools, systems, policies, and processes which help identify and address security vulnerabilities across the enterprise.{linebreak}{linebreak}* Assessing and analyzing physical security controls within all of our globally distributed offices.{linebreak}{linebreak}* Working with engineering to identify areas of opportunity for improving our secure coding practices and standards.{linebreak}{linebreak}* Helping us get ready for entry into high security market verticals like finance, healthcare, and government.{linebreak}{linebreak}* Maintaining a company culture of openness, trust, and transparency while ensuring a safe, secure, and protected environment for our customers.{linebreak}{linebreak}* Working across the entire company, with various personalities, to improve security without mucking up the culture.{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}{linebreak}

See more jobs at Instructure

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


DataRobot

Network Security Engineer


DataRobot


infosec

engineer

infosec

engineer

3yr

Apply


Stats (beta): πŸ‘ 3,414 views,✍️ 0 applied (0%)
{linebreak}DataRobot is looking for Network and Security engineers to help us build out, maintain and improve our highly reliable cloud based and on-premise infrastructures. You will work with other team members to build and maintain highly available, high performance, and scalable systems.  You will participate in building, maintenance and support our networks to support our global users and employees. You will participate in systems and network security testing. You will be part of our Core Infrastructure team, and will work closely with our Release Engineering, Test Automation and Development teams on automation of infrastructure processes.  You will participate in creating and improving our security policies and procedures that will ensure the protection of customer and corporate data.  You are expected to assist other team members on system and infrastructure related issues when necessary.  You will participate in on-call rotation.

See more jobs at DataRobot

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Mobiquity

Senior Security Engineer


Mobiquity


infosec

senior

engineer

infosec

senior

engineer

3yr

Apply


Stats (beta): πŸ‘ 4,199 views,✍️ 0 applied (0%)
{linebreak}Senior Security Engineer{linebreak}{linebreak}Role:  Senior, Security & Compliance Engineering{linebreak}{linebreak}Reporting directly to the VP of Technology Services/Chief Information Security Officer (CISO), and working with other members of the security team, project delivery, devops, and IT teams, the role will:{linebreak}{linebreak}{linebreak}* ensure new projects are scoped, implemented and deployed in a secure manner;{linebreak}{linebreak}* provide security expertise on customer project delivery teams throughout the Mobiquity Software Development Lifecycle (SDLC){linebreak}{linebreak}* maintain, apply, and enhance security architecture standards;{linebreak}{linebreak}* maintain, apply, and enhance  security development and testing standards;{linebreak}{linebreak}* maintain, apply, and enhance industry compliance standards throughout the organization;{linebreak}{linebreak}* provide security and compliance subject matter expertise and consultation to internal Business Units and to Customers;{linebreak}{linebreak}* coordinate with the IT, DevOps and Delivery teams to ensure adherence to strong SDLC tools and processes and training in secure coding and testing best practices;{linebreak}{linebreak}* perform security/compliance internal audits on new projects;{linebreak}{linebreak}* perform risk assessments on vendors, tools and processes;{linebreak}{linebreak}* maintain and oversee execution of security policies;{linebreak}{linebreak}* advise on strategy for new and existing compliance standards for Mobiquity and customers;{linebreak}{linebreak}* consult with Labs team on projects and strategies related to research in security and compliance;{linebreak}{linebreak}* support security/vulnerability incident responses;{linebreak}{linebreak}* consult with IT team and Delivery teams on forensic analysis of breaches and exploits;{linebreak}{linebreak}* maintain, apply, and enhance a set of materials for internal and external use related to Mobiquity security and compliance posture and on-going expertise;{linebreak}{linebreak}* contribute to writing a periodic blog post and other market-facing content on topical security & compliance subjects;{linebreak}{linebreak}* be prepared to participate as a member of the Mobiquity Corporate Security Team;{linebreak}{linebreak}* represent Mobiquity with industry leaders, analysts and standards bodies in areas related to security and compliance;{linebreak}{linebreak}* provide other security, compliance, and technical tasks as assigned by the VP Technology Services/CISO.{linebreak}{linebreak}{linebreak}

See more jobs at Mobiquity

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Olo

White Hat Hacker Security Engineer


Olo


infosec

engineer

infosec

engineer

3yr

Apply


Stats (beta): πŸ‘ 3,584 views,✍️ 0 applied (0%)
{linebreak}At Olo we run an online food ordering platform used by many of the country’s largest restaurant chains, reaching millions of consumers through branded mobile apps and ordering websites. We are seeking an experienced security engineer to help us maintain our excellent security track record. You would be collaborating closely with all development teams and across all services.{linebreak}{linebreak}Your responsibilities would include conducting internal and external penetration testing, advising engineers and other employees on secure designs, reviewing and testing new releases for vulnerabilities, hardening our hosting infrastructure, and monitoring for malicious activity. You would be involved throughout the development lifecycle from design to production. You would help Olo maintain compliance as a PCI DSS Level 1 Service Provider.

See more jobs at Olo

Apply for this Job

πŸ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.