Post a Job

get a remote job
you can do anywhere

325 Remote Infosec Jobs at companies like Surevine, Geocomm and Redox last posted 14 hours ago. The median salary for Infosec jobs while working remotely is $107,500 as of September 2018.

325 Remote Infosec Jobs at companies like Surevine, Geocomm and Redox last posted 14 hours ago. The median salary for Infosec jobs while working remotely is $107,500 as of September 2018.

Get a  email of all new remote infosec jobs

  Jobs

  People

Are you hiring for a remote Infosec position?

Post a Job in this section

Today


Surevine

Information Security Lead


Surevine


infosec

exec

infosec

exec

14h

Apply


UK APPLICANTS ONLY

Description

Security is at the heart of what Surevine do and our Information Security Lead is responsible for keeping us honest to that. Responsible for the development, implementation, delivery and support of our Information Security Management System (ISMS), they will ensure Security doesn’t become a tick-box exercise in compliance, but remains aligned with the strategic requirements of the business, through the promotion of a security awareness culture throughout the business and an active programme of training, audits and exercises.

This role is ultimately to ensure protections are in place, and being continually monitored and improved, to ensure the business minimises security threats and our security culture is externally benchmarked to meet or exceed the appropriate standards to demonstrate our security stance to the business’ stakeholders, e.g. maintaining ISO27001 and Cyber Essentials Plus certification.

Skills and experience

Essential


* You will have carried out audits and have many examples of actioning any non-compliances or making improvements through effective training, processes and systems, e.g. you have completed ISO27001 audits and actioned observations

* You will have defined and run exercises that test people, processes and tools are complying with a Security Information Management System and more generally ensuring a system is in place that is effective against a documented set of potential threats

* You have maintained and run an effective Incident Management process responding to security incidents quickly and ensure continuity of the business or organization

* You will be a sensitive and sophisticated communicator, able to adapt your interactions to allSurevine stakeholders, including the board, in a way that is accessible to both technical and non-technical customers, employees, contractors, partners and board memberS

* You will be able to demonstrate highly experienced managerial skills required to expertly manage the security programmes, projects and initiatives you will lead.




Highly-Desirable


* You will have a deep understanding of software, platform and infrastructure cloud services (particularly Amazon Web Services) and the implications of using such services to support the business and its customers

* You will be able to support an estate of mainly Apple end-user devices, e.g. Macs and iOS devices, used to connect to typically cloud-based services by our remote workers.Information Security Lead




Responsibilities


* Ensure the right tools, processes and culture is in place to maintain and continue to build on our living Information Security Management System

* Maintain an accurate risk register for the business, ensuring effective treatments are in place for risks and communicating an accurate picture of the risk profile to the board as required, e.g. at board meetings

* Complete the necessary audits to maintain our ISO27001 certification and build on our Information Security Management System to incorporate aspects of other relevant standards, to include our current Cyber Essential Plus certification

* Be the main point-of-contact for external accreditation bodies ensuring our certifications are maintained


See more jobs at Surevine

Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Geocomm

verified

Senior Software Engineer - Security Video Integration


Geocomm


esri

gis

azure

agile

esri

gis

azure

agile

1d

Apply

We are looking for a motivated and experienced senior software engineer to help enhance our development effort using a cutting-edge tech stack. Successful candidates will demonstrate a passion for high quality software, have strong engineering principles and methodical problem-solving skills. This is a unique opportunity to build products that truly make a difference. This position is exempt and reports directly to the Joint Operations General Manager.
Qualifications
BS/MS in Computer Science or Software Engineering
7+ years of experience developing software applications and web services
Programming experience in Python, C# / .NET, JavaScript or TypeScript
Working experience with video camera system SDKs and APIs
Working experience with frameworks such as Angular
Working experience with SQL databases
Working knowledge of Git version control
Hands on experience creating responsive web applications using modern frameworks
Experience designing applications that operate on cloud environments such as AWS or Azure
Ability to establish priorities and work independently on multiple tasks
Knowledge of Agile software development methodologies and practices
Preferred Experience
Experience developing, maintaining, and innovating large scale, consumer facing applications
Familiar with the development challenges inherent with highly scalable and available web applications
Experience with open source technologies
Experience with various modern web frameworks
Experience developing GIS applications using Esri technology
Experience with Docker
Geo-Comm is an equal opportunity employer and does not discriminate in hiring or employment on the basis of race, color, religion, sex, national origin, age, disability, marital status, familial status, sexual orientation, veteran status or any other status protected by applicable law.
Geo-Comm Corporation provides a drug-free working environment and is an Equal Opportunity Employer.

See more jobs at Geocomm

Visit Geocomm's website

How do you apply?

Go to www.geo-comm.com and go to the careers tab.
Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.

This week


Redox

Security Systems Engineer


Redox


infosec

engineer

infosec

engineer

7d

Apply


Redox Security Engineers solve the most challenging technical security problems holding back healthcare technology. At Redox, security comes first as patients depend on our systems to be secure, available and reliable. The Security team partners with every team in our business to make that happen.

As a cloud-centric, remote first company we’re looking for a person who will take on securing our highly distributed workforce and make it more secure than the traditional "corporate network." You will be responsible for technical leadership and the hands on building, operating and maintaining of Corporate Operations Security.

The scope of this program includes securing the devices, networks and software we use everyday to build and operate Redox. You’ll also build monitoring and alerting systems for the Security team to identify and tackle threats and issues in real-time.

Security Engineer (Corporate Operations) is a new, yet critical role at Redox. To be successful in this role you will need to have a vision for what this program should look like and design capabilities which scale as the team and company grows. You can be based anywhere in the US. (See “Work Anywhere” below)


* Be an active voice in our small, focused security team as the primary engineer responsible for Corporate Operations Security.

* Define the secure baseline and secure configuration required for devices and networks at Redox.

* Approach securing our company pragmatically, emphasizing with your end-users to understand their needs.

* Be responsible for the security management program of all corporate devices. (Asset Management, MDM, Secure Configuration, Monitoring)

* Take the complex problems you’re working on each day and make them simple when explaining them to your stakeholders.

* Build scalable systems which enforce and monitor device compliance with the secure baseline, rectify issues automatically and alert on problematic systems.

* Support and build valuable training activities which uplift employee awareness and responses to security threats.

* Monitor, report and seek to address security vulnerabilities in corporate devices or networks.

* Maximize security impact and reduce risk while minimizing negative impact on our businesses velocity.

* Build automated monitoring and alerting which identifies anomalous events.

* Lead security incident response through engaging relevant engineers and management to provide support and guidance.

* Mentor and guide engineering teams on best practices and preparation for potential compromises (logging etc)

* Build scalable alerting and monitoring systems using vendor solutions, open source and/or homegrown systems to detect breaches.




Required Skills


* Knowledge of current threats and risks, how to detect them, build controls to stop them and training to create awareness of them.

* Ability to distill complex security threats and risks into simple terms for non-security (and even non-technical) stakeholders.

* Familiarity with MacOS operating system internals, knowledge and ideas of how to manage and secure these devices at scale.

* Development experience sufficient to automate repetitive tasks and scale your impact.

* Experience with log aggregation and monitoring tooling.

* [Bonus Points] Experience with Jamfsoft (Casper Suite)

* [Bonus Points] Experience with Vulnerability Management Tooling




We provide benefits that allow you to live life by your own design. Redox employees enjoy unmatched autonomy in their work and the support to live a balanced life. We trust you know what you need to be happy, at work and at home.


* Tackle Challenging Problems Everyday. There is no roadmap for what we are building, so you’ll have the backing and support of talented engineers and security practitioners to make sure you have what you need to be successful.

* Work Anywhere. (Within the US) We want to have the best people at Redox - no matter where you call home. All Redox employees are encouraged to live and work wherever they're happiest. All you need is power, wifi, and a computer and you’re good to go. We also run a number of co-located working spaces across many US cities if you prefer an office environment.

* Flexible Time Off. Take a trip somewhere fun, stay home to recover from being sick, or have a staycation to unplug and recharge. Our best work happens when we feel fresh and inspired. We leave it up to you to decide when you need to take breaks and encourage you to make time for adventure and discovery.

* Health & Dental from Day 1. Working in healthcare makes you understand all the challenges life can throw at you. Your health and dental coverage starts when you do to make sure you're always covered. We provide health and dental insurance for employees, spouses, domestic partners, and dependents, as well as life and disability insurance.

* Parental Leave. As your family grows, it’s important that you’re there and have time to figure out what your family’s new norm is. You can take 12 weeks of paid time off within the first year of your new addition arriving. We know that they need you and we have your back.

* Productivity Fund. We want you to be able to set up a workspace that allows you to perform at your very best. All Redox employees receive an annual discretionary stipend so you can select what helps you be productive.

* 401k. We offer an optional, customizable and flexible 401k plan for you to plan for your financial future on your terms.


See more jobs at Redox

Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.

This month


Github

Security Operations Engineer


Github


infosec

ops

engineer

infosec

ops

engineer

8d

Apply

Full Time: Security Operations Engineer at GitHub in Remote-US

See more jobs at Github

Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Platform.sh

Security & Compliance Engineer


Platform.sh


security

infrastructure

compliance

infosec

security

infrastructure

compliance

infosec

19d

Apply

To reinforce our commitment to customersโ€™ privacy, we are looking to grow our compliance team. If youโ€™re looking for an exciting, high-growth opportunity with an award-winning, cutting-edge company, this could be the job for you.

For its PaaS solution, https://platform.sh is looking for a Security & Compliance Engineer with a taste for Python and Go, great Linux system understanding, outstanding written English skills, experience working on PCI and/or SOC compliance, and a real hunger for the challenges of building compliant distributed systems.

This position is unique and well suited for engineers wanting to transition into a heavy security and compliance role. We are targeting developers/sysadmins that like writing documentation. Initially, this high-visibility position will be non-coding while we overcome a bubble of compliance activities. In the future this role may convert over to a SecOps engineering position depending upon the desire of the candidate.

Security, privacy and compliance controls are at the heart of what we do as our mission is to simplify the cloud. The job is to transform what is often regarded as red-tape and constraints to a well-oiled machine where everything is automated, where every constraint becomes a feature making the product better.

The ideal candidate will work USA-friendly hours (and ideally resides in the Americas).

About Platform.sh

Platform.sh is an idea-to-cloud application platform that simplifies cloud infrastructures.

We give developers the tools they need to experiment, innovate, get rapid feedback and deliver better-quality features with speed and confidence thanks to our unique rapid cloning technology.

Platform.sh serves thousands of customers worldwide including The Financial Times, Gap, Magento Commerce, Orange, Hachette, Ikea, Stanford University, Harvard University, The British Council, and Lufthansa.

We want people who are passionate, open, multicultural, friendly, humble and smart to join us and help this fast-growing, award-winning company to revolutionize the tech industry.

Responsibilities

Directly reporting to our Security, Compliance and Data Protection Officer (VP), and in close interaction with our Chief Product Officer, CTO, VP of Infrastructure, and our Engineering and Customer Support teams, you will be responsible for: - acting as a technical liaison between our compliance department and our product, engineering, and operations staff - creating documentation and processes in English to help satisfy compliance requirements - evaluating, deploying, and possibly creating, systems and tools that will enhance our support and operations efficiency - supporting our data protection officer and compliance team with information requests, pen testing, disaster recovery, and related activities - executing our security incident management process - working with appropriate teams to deploy and operate security tools and solutions - ensuring all systems, security applications, and services in environment are securely configured and managed through operating system appropriate security platforms and tools - ensuring optimal operation of all security solutions and tools - automating all the above, so we can instead drink margaritas (or non-alcoholic beverages, of course)

Requirements

The ideal candidate must have: - works USA-friendly hours - has excellent written English skills (as in, you could have been a tech writer or commercial author in another life) - has proven experience with Linux (preferably Debian-based) - knows markdown - has experience implementing PCI, SOC, or related - can operate largely independently (go take that hill) with management support - has proven successful experience in an operations role - has had good exposure to cloud services (AWS in particular) - understands how an OS works, knows networking, how git works, and the constraints of a distributed system - is proficient in Python - has an understanding of .. Patch and Vulnerability Management process .. Principle of Least Privilege .. Incident response .. Identity and Access Management .. IPTABLES .. WAFs Nice to have : - resides in the Americas - has experience with containerization technologies (LXC/LXD, Docker) - has experience with vendor management - has experience with Puppet - has demonstrated the ability to successfully manage cloud-based infrastructure for a fast growing organization - knowledge of Magento Ecommerce, Symfony, Drupal, eZ Platform, or Typo3 - has experience with Golang - relational database skills - public speaking experience - ability to speak French or German a plus - ability to kick ass in Chess or beat Zork without using a map CISSP, CISM, Security+, GCED, GICSP, GCIH, SSCP, or CASP Certification or similar will get you moved to the top of the queue - CIPM/E, CIPP/E, CIPM/E certification or similar will get you moved to the top of the queue - can bravely take on new challenges like a Gryffindor, analyzes problems like Ravenclaw, protects our infrastructure and client data like a Slytherin, and talks with clients like a Hufflepuff.

See more jobs at Platform.sh

Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Cloud Technology Partners

Cloud Security Architect


Cloud Technology Partners


infosec

architecture

cloud

infosec

architecture

cloud

24d

Apply


Cloud Technology Partners is growing! We are expanding our team and actively recruiting for our growing Security practice area. Here are a few reasons why to consider CTP for your next career move:


* You want to be on the leading edge of a monumental change in IT

* You enjoy venturing into new territory and think of yourself as a “builder”

* You appreciate the balance of a dynamic and entrepreneurial culture led by an experienced management team

* You want to contribute to the success of a growing company

* You are committed to the success of clients and your colleagues




We are the cloud application and infrastructure experts behind some of the world’s most advanced cloud computing initiatives. We’re not just learning a new way of doing things – we’re defining the best way to do them. We are innovative, disciplined, passionate and creative individuals who stay ahead of the technology curve and love what we do. We are building a great company by doing work that matters delivering best practices, solutions, and methodologies to accelerate our clients’ cloud transformations.

Although we are headquartered in Boston, our clients are located across the US. We are open to candidates interested in either full-time employment or contractor status. We are flexible on location – you may work remotely from any US location, as long as you are able to travel to client locations at least 50%.

As a Security Architect, you will:


* Analyze and design security solutions for applications and infrastructure, and provide expertise and consulting to clients;

* Identify and document information security risks and propose mitigating controls;

* Will be responsible for understanding complex business IT needs, requirements, and projects scopes, with a focus on information security requirements;

* Research, design, and develop new information security controls for clients;

* Assess current IT environments and make recommendations to increase security;

* Assist clients in troubleshooting and resolving information security issues;

* Author project and support documentation and diagrams; and

* Implement security solutions.




Desired Skills and Experience


* Bachelor's Degree in Computer Science, other technical fields

* 7+ years of hands-on experience with − Identity and Access Management solutions (Ping, Okta, OneLogin)



* Roles Based Access Control (RBAC)

* Identity Federation (OAuth, SAML 2.0, WS-FED)

* Privileged User Management solutions (Dome9, Centrify, CyberArc, NetIQ, Secret Store)

* Security Logging and Monitoring solutions (SIEM) (Trend Micro, Splunk, Alert Logic); and

* Security Vulnerability testing solutions (Nessus, AWS, CIS and OWASP audits)



* Experience with security architecture frameworks in cloud-based environments (e.g., AWS, OpenStack, VMware, etc) is strongly preferred.

* Knowledge of Cloud Security Alliance (CSA) best practices and guidelines.

* Experience as a hands-on technical practitioner/specialist in a client facing role in mid-size or large enterprises and demonstrated client facing consulting skills, including building strong client relationships

* Ability to design and implement reliable, scalable, high performing web-based solutions that meet the service levels associated with mission-critical Identity and Access Management based solutions.

* Security certifications desired, such as CISSP, CISM or CISA; ability to earn certifications required

* Understanding of identity and IAM processes, technologies, standards and industry best practices

* Proven ability to thrive and succeed in a dynamic, fast growing, startup environment

* Superior written and verbal communication skills as well as strong consultative selling, presentation and negotiation skills

* Ability to thrive in ambiguous/pressure situations.

* Team player

* Must have the ability to travel and work onsite at client locations (typically 50%)

* A sense of humor a requirement!




We offer competitive compensation (base, bonus, and equity) and a comprehensive benefits program that includes medical, dental, life, disability, 401(k) and a competitive paid time off program.

See more jobs at Cloud Technology Partners

Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Olo

Senior Security Engineer Blue Team


Olo


infosec

senior

engineer

infosec

senior

engineer

24d

Apply


At Olo we develop an online food ordering platform used by many of the country’s largest restaurant chains, reaching millions of consumers. Chances are if you’ve ordered directly from a restaurant brand’s app or website, we’ve made that happen. Mobile ordering and payments is an exciting and active industry full of interesting players and yet still a relatively untapped market ripe for disruption. We’re quite up-front about the technical challenges our business faces. Running a platform with multiple white-labeled front-ends, that maintains real-time connections into thousands of restaurants’ POS systems, and coordinates complex transactions between these and other third parties (such as payment gateways and gift card providers) is not for the faint of heart!

We take great pride in the reliability, security, and performance of our systems and services. We are looking for a talented security engineer with experience in a Blue Team role to help us fortify our defenses and protect the systems that enable hungry people to order their food quickly and securely.

In the role of Senior Security Engineer, you will design and implement the security defenses that enable our systems to keep running while protecting the data of our clients and their customers. Specific responsibilities include:


* Monitoring and defending attacks using security technologies that include advanced anti-malware solutions, network forensics, and detection solutions

* Participating in Security Incident response investigations

* Supporting AV and Endpoint technology and supporting deployments

* Responding to alerts, events, and incidents per our specified procedures and policies

* Resolving or escalating events and incidents

* Interacting with IT operational teams to advise on, coordinate, and track mitigation and remediation activities

* Conducting Blue Team exercises and Computer Network Defense drills that enable us to evaluate and improve processes related to threat detection, incident response, patching, remediation, and user training

* Maintaining centralized patch and vulnerability management solutions to ensure endpoints are compliant with security guidelines

* Performing endpoint management to provide patching and task automation of servers and desktops to maintain a secure and compliant environment.

* Performing daily operational work that includes security monitoring, addressing security tickets, security data/logs, and Forensic analysis, host configuration audits, firewall rule reviews, and other security tasks.




This is a full-time position reporting into our Operations Team. Any engineer may work at Olo’s headquarters in New York City’s Financial District or remotely from anywhere in the U.S. In fact, more than half of our engineering team is remote!

Desired Experience


* Previous Blue Team experience

* Proven experience developing and leading remediation/ mitigation activities, and providing status updates and reports.  Emphasis on remediation plans and strategies.

* Experience with Windows Desktop, Windows Server and Linux operating systems and system administration – specifically with regard to patching and compliance

* Experience with networking hardware (routers, switches, firewalls) and configuration – specifically with regard to patching and compliance

* Understanding of networking concepts such as DMZs, subnets, VLANs, private IP addressing and NAT

* Technical knowledge of information technology and cyber security standards and issues

* Strong working knowledge of security-relevant data, including network protocols, ports and common services, such as TCP/IP network protocols and application layer protocols (e.g. HTTP/S, DNS, FTP, SMTP, Active Directory etc.)

* Past experience deploying and maintaining security technologies such as Symantec DLP, Palo Alto, Check Point, Carbon Black, CrowdStrike, Alert Logic, Sophos

* Security experience in an AWS operational environment

* CISSP certification

* Strong English writing and verbal communication skills

* Legal right to work in the U.S.





About Olo

Olo is the on-demand interface for the restaurant industry, powering digital ordering and delivery for over 200 restaurant brands. Olo’s enterprise-grade software powers every stage of the digital restaurant transaction, from fully-branded user interfaces to the back-of-house order management features that keep the kitchen running smoothly. Orders from Olo are injected seamlessly into existing restaurant systems to help brands capture demand from on-demand channels such as branded website and apps, third-party marketplaces, social media channels, and personal assistant devices like the Amazon Echo. Olo is a pioneer in the industry, beginning with text message ordering on mobile feature phones in 2005. Today, millions of consumers use Olo to order ahead (SKIP THE LINE®) or get meals delivered from the restaurants they love. Customers include Applebee’s, Chili’s, Chipotle, Denny’s, Five Guys Burgers & Fries, Jamba Juice, Noodles & Company, Red Robin, Shake Shack, sweetgreen, Wingstop, and more.

Olo is located at 26 Broadway in the historic Standard Oil Building, the former home of John D. Rockefeller.  We offer great benefits, such as 20 days of Paid Time Off, fully paid health, dental and vision care premiums, stock options, a generous parental leave plan, and perks like FitBits, rotating craft beers on tap in our kitchen, and food events featuring our clients' menu items (now you know why we give out FitBits!). Check out our culture map: https://www.olo.com/images/culture.jpg.

We encourage you to apply!

At Olo, we know a diverse and inclusive team not only makes our products better, but our workplace better. Many groups are consistently underrepresented across the tech sector and we are fully committed in doing our part to move the needle.

Olo is an equal opportunity employer and diversity is highly valued at our company. All applicants receive consideration for employment. We do not discriminate on the basis of race, religion, color, national origin, gender identity, sexual orientation, pregnancy, age, marital status, veteran status, or disability status.

If you like what you read, hear, and/or know about Olo, and want to be a part of our team, please do not hesitate to apply! We are excited to hear from you!

See more jobs at Olo

Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.

Last 30 days

Doximity is transforming the healthcare industry. Our mission is to help doctors save time so they can provide better care for patients.

We value diversity โ€” in backgrounds and in experiences. Healthcare is a universal concern, and we need people from all backgrounds to help build the future of healthcare.

This position is for an experienced DevOps engineer to own Security efforts for our entire application stack and join our 8 person DevOps team. Weโ€™re looking for someone with a strong track record in building infrastructure, maintaining high level of uptime and optimal security. You will be supporting and building products alongside our 50+ person engineering team used by hundreds of thousands of people.

**How youโ€™ll make an impact:**

* Develop, schedule, and execute automated security audits on infrastructure using industry standard security frameworks and tooling.
* Write penetration tests for applications and services.
* Periodically audit and rotate access credentials.
* Document current and future security procedures and policies in the wiki.
* Lead security/policy related audits such as SOC2 Type II (annual renewal).
* Work with sales and client services teams to answer infrastructure related security questions and concerns that clients inquire about.
* Remediate and write post-mortem reports on security-related issues.
* Active involvement in design, implementation, and maintenance of the development, staging, and production infrastructure security.
* Work on automating tasks using Jenkins.
* Troubleshoot system issues (such as high-load, memory, CPU usage, etc.) and come up with temporary/long-term solutions based on the root cause.
* Work with developers to deploy applications ready for production (Terraform, Consul, Vault, Upstart, NGINX, Sensu). We believe in infrastructure as code and follow it.
* Write Chef cookbooks (using "Berkshelf Way") to automate configuration management.
* Participate in a 1-week on 7-week off, 24/7 on-call rotation.
* Hands-on maintenance on our Ruby on Rails and Go (Golang) applications.
* Troubleshoot issues across the whole stack: hardware, software, and network.

**What weโ€™re looking for:**

* Minimum of 5 years of Linux/UNIX systems engineer & administrator experience.
* Minimum of 5 years of relevant web application security experience
* Extensive AWS experience
* Experience writing application security penetration tests with an open source framework.
* Automation experience with configuration management tools such as Chef, Ansible, or Puppet.
* Intermediate to advanced experience administering and securing an RDB (MySQL or Postgres a plus)
* Proficient in bash shell scripting (sed + awk) and one of Ruby or Python.
* Experience automating application deployments with Capistrano or Jenkins.
* Ability to work in a proactive manner and manage your own queue.
* Experience with Hashicorp tools, Neo4j, Elasticsearch, Kibana, Grafana is a big plus.

**About Doximity**

Weโ€™re thrilled to be named the Fastest Growing Company in the Bay Area, and one of Fast Companyโ€™s Most Innovative Companies. Joining Doximity means being part of an incredibly talented and humble team. We work on amazing products that over 70% of US doctors (and over one million healthcare professionals) use to make their busy lives a little easier. Weโ€™re driven by the goal of improving inefficiencies in our $2.5 trillion U.S. healthcare system and love creating technology that has a real, meaningful impact on peopleโ€™s lives. To learn more about our team, culture, and users, check out our careers page, company blog, and engineering blog. Weโ€™re growing fast, and thereโ€™s plenty of opportunity for you to make an impactโ€”join us!

*Doximity is proud to be an equal opportunity employer, and committed to providing employment opportunities regardless of race, religious creed, color, national origin, ancestry, physical disability, mental disability, medical condition, genetic information, marital status, sex, gender, gender identity, gender expression, pregnancy, childbirth and breastfeeding, age, sexual orientation, military or veteran status, or any other protected classification. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law.*

Requirements

Use apply button

See more jobs at Doximity

Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Teramind

verified

Product Marketing Manager


Teramind


product marketing

marketing manager

saas

startup

product marketing

marketing manager

saas

startup

2mo

Apply

Teramind is looking for a world class product marketing manager to take on the challenge of revamping its collateral, web site and marketing campaign strategy. If you like working in a highly distributed, fast paced and fun environment with super smart people, and have prior experience in security SaaS offerings, you are a perfect fit!

See more jobs at Teramind

Visit Teramind's website

How do you apply?

Send a link to your LinkedIn profile to hiring@teramind.co and quote "Product Marketing Manager"
Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Center for Internet Security

Senior Application Developer


Center for Internet Security


dev

senior

infosec

digital nomad

dev

senior

infosec

digital nomad

2mo

Apply


The Senior Application Developer is assigned to the Security Best Practices team at the Center for Internet Security. Reporting to the Benchmarks Team Manager, the Sr. Application Developer will partner with other cybersecurity team members to promote the CIS mission and help support our growth. As an integral member of the Benchmarks Team, you will be responsible for the creation of machine readable content from our Benchmark recommendations document. This senior role requires a strong computer science background with an emphasis in Ruby with a DevOps mindset.

Tasks and Responsibilities


* Develop and maintain new and existing software applications and scripts.

* Maintain existing code and debug when necessary.

* Create and maintain documentation of all applications.

* Maintain code in an appropriate repository.

* Lead Software Quality Assurance (SQA) efforts through the use of unit testing and integration testing and scheduled roll out of new/updated applications.

* Other tasks and responsibilities as assigned.




Qualifications and Experience


* Bachelor’s Degree from an accredited college in Computer Science or related field. *

* 5+ years of relevant work experience.

* Excellent working knowledge of Ruby development and scripting.

* Thorough documentation skills for both code and end user.

* Proficiency in HTML.

* Must be authorized to work in the United States.




*Additional years of relevant experience or a combination of an Associate’s degree or equivalent and relevant experience may be substituted for the Bachelor’s degree.

Preferred:


* Experience in agile development.

* Strong understanding of PHP or modern JavaScript client frameworks.

* Experience within the security automation domain, including expertise in Security Content
Automation Protocol (SCAP)-related schemas, such as Open Vulnerability and Assessment Language (OVAL), Extensible Configuration Checklist Description Format (XCCDF), Common Configuration Enumeration (CCE) and Common Platform Enumeration (CPE).

* Experience with XML.




Core Competencies:


* Drive innovation by analyzing and interpreting data to test and inform a new initiative or approach.

* Accountable for successful completion of multiple, individual projects simultaneously.

* Communicate effectively by contributing significantly to the development and delivery of a variety of written and visual documents for diverse audiences.

* Manage change and demonstrate adaptability by embracing change and adjusting priorities or processes and approach as needs dictate.

* Take responsibility for successes and failures related to individual and team-based project work assignments; actively presents suggestions for solution(s), if objectives not met.




The CIS Offer


* A culture that is engaging, fun and energetic

* An organization that supports Work/Life balance

* Competitive compensation

* Comprehensive benefits package including medical, dental, vision and life insurance

* 401K plan with company match

* Bonding and military leave

* Paid time off upon date of hire

* Tuition and certification reimbursement

* Relocation Assistance

* On-site wellness programs

* Community involvement opportunities

* An environment that promotes growth and professional development including our award-winning training opportunities


See more jobs at Center for Internet Security

Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.

This year

Blockstack is a new internet for decentralized apps. With Blockstack, you own your data and maintain your privacy, security and freedom. Blockstack is open source project and a public benefit corporation. [Learn more](https://blockstack.org).

Blockstack is looking for a passionate and collaborative DevOps Engineer to help develop rigorous testing suites to guarantee the safety of a soon-to-be launched cryptocurrency and blockchain. This person will work on implementing securely tested solutions, and interface with our dev team and back end engineers on product builds and feature implementation. This role will span testing and security, software development and upgrades, improvements to our Developer API, and community support.

Our engineering team builds software using JavaScript/ES6, React, Redux, Swift, and Objective-C on the frontend and Python, bash, and Bitcoin Core on the backend.

Things You'll Work On:
- Manage distribution of Blockstack software upgrades for developers and everyday users
- Keep our users happy by managing Blockstack browser availability, scalability, and performance
- Build tools for faster deployment schedules
- Instate monitoring protocols and fail-over measures
- Implement continuous testing practices to ensure the security and performance goals of Blockstack are met across backend services, blockchain infrastructure, and our frontend user clients
- Deliver on rapid implementation schedules (without compromising on smart development goals and principles) to build web functionality that is functional, fast, and scalable

Qualifications
You are have worked in a large, highly available systems environment before, as well as an agile start-up. You are familiar with strategizing and improving for system security and availability. Your strengths lie in backend development, but can work across the full-stack when needed.

KPIs
- Increased uptime of Blockstack software
- Delivery of long term, securely tested software
- Work to improve our failure processes, alerting, and emergency response times
- Support our community developers to increase number and usability of Blockstack Apps

Skills
- Experience developing with python and bash
- Comfort across operating systems, with a strong Linux background
- Experience across the CI/CD pipeline, with an understanding of best practices for automated testing and deployment
- Ability to build and maintain highly available infrastructure
- Competency in monitoring and quick response time in the event of an emergency
- Security background with strength in automated testing and infrastructure
- Experience deploying Bitcoin infrastructure with bitcoin core or utxo providers

Qualities + Traits
- Passion for building the new internet for decentralized apps
- Strong problem solving skills, ability to think fast and thoroughly
- Development mindset with strong security background
- Experience in a rapidly scaling start-up
- Proactive solution provider
- Excellent communication

See more jobs at Blockstack

Visit Blockstack's website

How do you apply?

Please send cover letter, resume, and Github or personal website. We look forward to hearing from you!
Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.

Doximity is transforming the healthcare industry. Our mission is to help doctors save time so they can provide better care for patients.

We value diversity โ€” in backgrounds and in experiences. Healthcare is a universal concern, and we need people from all backgrounds to help build the future of healthcare.

This position is for an experienced DevOps engineer to own Security efforts for our entire application stack and join our 8 person DevOps team. Weโ€™re looking for someone with a strong track record in building infrastructure, maintaining high level of uptime and optimal security. You will be supporting and building products alongside our 50+ person engineering team used by hundreds of thousands of people.

How youโ€™ll make an impact:

-Develop, schedule, and execute automated security audits on infrastructure using industry standard security frameworks and tooling.
-Write penetration tests for applications and services.
-Periodically audit and rotate access credentials.
-Document current and future security procedures and policies in the wiki.
-Lead security/policy related audits such as SOC2 Type II (annual renewal).
-Work with sales and client services teams to answer infrastructure related security questions and concerns that clients inquire about.
-Remediate and write post-mortem reports on security-related issues.
-Active involvement in design, implementation, and maintenance of the development, staging, and production infrastructure security.
-Work on automating tasks using Jenkins.
-Troubleshoot system issues (such as high-load, memory, CPU usage, etc.) and come up with temporary/long-term solutions based on the root cause.
-Work with developers to deploy applications ready for production (Terraform, Consul, Vault, Upstart, NGINX, Sensu). We believe in infrastructure as code and follow it.
-Write Chef cookbooks (using "Berkshelf Way") to automate configuration management.
-Participate in a 1-week on 7-week off, 24/7 on-call rotation.
-Hands-on maintenance on our Ruby on Rails and Go (Golang) applications.
-Troubleshoot issues across the whole stack: hardware, software, and network.

What weโ€™re looking for:

-Minimum of 5 years of Linux/UNIX systems engineer & administrator experience.
-Minimum of 5 years of relevant web application security experience
-Extensive AWS experience
-Experience writing application security penetration tests with an open source framework.
-Automation experience with configuration management tools such as Chef, Ansible, or Puppet.
-Intermediate to advanced experience administering and securing an RDB (MySQL or Postgres a plus)
-Proficient in bash shell scripting (sed + awk) and one of Ruby or Python.
-Experience automating application deployments with Capistrano or Jenkins.
-Ability to work in a proactive manner and manage your own queue.
-Experience with Hashicorp tools, Neo4j, Elasticsearch, Kibana, Grafana is a big plus.

About Doximity

Weโ€™re thrilled to be named the Fastest Growing Company in the Bay Area, and one of Fast Companyโ€™s Most Innovative Companies. Joining Doximity means being part of an incredibly talented and humble team. We work on amazing products that over 70% of US doctors (and over one million healthcare professionals) use to make their busy lives a little easier. Weโ€™re driven by the goal of improving inefficiencies in our $2.5 trillion U.S. healthcare system and love creating technology that has a real, meaningful impact on peopleโ€™s lives. To learn more about our team, culture, and users, check out our careers page, company blog, and engineering blog. Weโ€™re growing fast, and thereโ€™s plenty of opportunity for you to make an impactโ€”join us!

Doximity is proud to be an equal opportunity employer, and committed to providing employment opportunities regardless of race, religious creed, color, national origin, ancestry, physical disability, mental disability, medical condition, genetic information, marital status, sex, gender, gender identity, gender expression, pregnancy, childbirth and breastfeeding, age, sexual orientation, military or veteran status, or any other protected classification. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law.

See more jobs at Doximity

Visit Doximity's website

How do you apply?

Use Apply Button
Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.

The Senior Product Manager will work (remotely or on-site) with our team, leading the future development of our game-changing internet security product and has the responsibility of the business direction, technical advisory and distribution of our distributed blockchain based VPN in addition to general product management and technical partnerships.

We work in a simple and structured way so the work will be fluid and fast paced. In addition, we are building a distributed platform that is in large parts managed by our customers, so we will be working very closely with their business and technical teams. This role will, in conjunction with the design and engineering teams, define business priorities, architecture, and manage fast cycle releases across the system and its related components. Besides the technical part, the Senior Product Manager will work very closely with engineering and business operations on resource utilization/allocation and throughput, and organizational timelines to launch products and grow them over time.

Responsibilities & Requirements

- Working with clients and team members to deeply understand the business situations of the rapidly changing internet security and blockchain industry
- Advise, plan and design an elegant solution of a token based payment & trust model, in cooperation with our R&D team to develop a decentralized approach of a VPN infrastructure
- Design, launch and oversee ongoing enhancements of a system that can gracefully scale by size and be easily supported by numerous products and form the foundation of, yet to be identified', derivative products
- Work smoothly in multi functioning teams with fast release cycles, balanced with a distributed system that will be deployed and operated - partly - by our clients
- Understand and incorporate supportability, cost and ease of use concepts into solution designs from our current alpha version on through a mature platform
- Help structure and administer a community of clients who are installing, running and modifying their own nodes into a distributed system

In order to be successful, this person must thoroughly understand:

- Advancements in technology supporting transacting, translating, processing large volumes of data at high speeds, strategies for scaling and 'future-proofing' a rapidly growing company
- How to speak with clients and develop the perception as an industry expert and key partner in helping clients navigate through a dynamic marketplace
- Design and operation of distributed peer-to-peer systems, encryption and Blockchain technologies.
- Software strategy, design, development and management at scale and in a structured and an organized way
- What it takes to build and operate 'bleeding edge' products at varying stages of their lifecycle, with resource tradeoffs from prototypes, v1s thru to scaled production systems
- How to collaborate and provide consistent, value-added leadership to your team and the company as a whole
- Be able to work remotely with an engineering team based in South-East Asia and across multiple hub locations and timezones
- Be able to wear many hats and shift to the work that needs doing as it needs doing

This position will require frequent and meaningful interaction with clients and prospects. This position also requires being comfortable with uncertainty and balancing the needs of many large clients with speed of creation and innovation. The ability to effectively work within a startup organization but also across very large complex client companies such that senior exec clients and partners look to you for guidance and advice.

See more jobs at Hide.me VPN

Visit Hide.me VPN's website

How do you apply?

Send us your resume via email to mail@eventure.my
Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.

We are looking for a part time security expert to review web and mobile applications.

Responsibilities:

Perform penetration tests and security reviews for core applications and APIs

Hunt for security flaws in web and mobile software

Develop custom software to test, monitor and enforce security across our applications

Research security vulnerability disclosures and design and propose appropriate mitigations

Requirements:

A great candidate will have many of the following:

Experience with threat modeling and web application security assessments

Experience applying security engineering practices

Experience with a variety of security testing methodologies, including fuzzing and source code analysis

Experience with secure networking best practices

Knowledge of web application vulnerabilities and attack methods including CSRF, XSS, SQL Injection etc.

Experience with high throughput real-time systems and/or content delivery networks preferred

Development experience using Python, Go, Ruby or C/C++ a huge plus

Extra tags: infosec, analyst

See more jobs at Testlauncher

Visit Testlauncher's website

Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.

The Cyber Security Engineer is a member of an enterprise-level team of security and compliance experts. This person is responsible for protection of the corporate infrastructure from infiltration or exfiltration as a part of the Security Operations Center (SOC). This individual is also expected to participate in many facets of corporate security and thus must have a well-rounded, hands-on background.

Viewpost encourages both independence and collaboration in an environment that fosters a fun yet serious atmosphere. Team members are expected to diligently maintain existing protocols while simultaneously challenge the status quo in an effort to continually improve and enhance the security measures at Viewpost.


The candidate must have demonstrable experience in at least 2 of the following:


* Palo Alto Networks firewall administration. Candidate must be able to troubleshoot service issues in support of Enterprise initiatives and have a strong understanding of networking concepts. Experience with Panorama is a plus

* Websense proxy administration to include O&M of Triton and appliances. Candidate must have experience with configuration and troubleshooting of DLP, exceptions, incidents, SSL decryption, and content filtering

* McAfee ePO administration, to include O&M of McAfee security features such as anti-virus, whole disk encryption, HIPS, and VSE. The Candidate will be expected to keep devices up to date with latest signatures, troubleshoot issues, and report end point compliance

* Splunk administration to include data ingestion, custom alerts, agent configuration and deployment, management of indexers and heavy forwarders, development of complex queries and dashboards, and troubleshooting of Splunk service issues. This role will require Linux experience

* Incident Response to including incident identification, investigation, response, recovery and data connectivity.



Other responsibilities include:

* Perform daily checks of all services to ensure functionality

* Interface with our internal customers to assist with their service requests

* This position may work in shifts to support a 24x7 security operations center

* This position participates in an on call rotation (approximately 1 week on call every 2 months)

* This employee shall maintain or assist in the maintenance of the confidentiality, integrity, and availability of all data in physical and/or electronic format



Qualifications:

* Bachelorโ€™s Degree in one of the STEM areas (Science, Technology, Engineering, Math)

* 6 years of experience with at least 3 years of Systems Administrator experience and two years in a role with a security focus

* Ability to automate tasks to minimize manual work
Ability to read and understand IP network designs and security fundamentals, including firewall ACLโ€™s, router configurations, and system alerts

* The candidate should have an understanding of security policies and security best practices driven by federal regulations

* Must be able to work with geographically dispersed peers and internal customers

* Experience with IT ticketing systems and IT customer support



Preferred Skills:

* Cross platform experience with Windows, Linux, MAC OS and UNIX Platforms

* Experience working in a security operations center or network operations center which operates 24/7/365

* Industry recognized professional certification (e.g., Cisco, Microsoft, SANS, CEH, Security+, CASP, CISSP Associate)

* Knowledge of security control initiatives such as ISO, SSAE 16, PCI, ITIL, and COBIT a plus

* Experience with SIEM, vulnerability scanners, IDS/IPS, forensics tools

* Experience with IDS/IPS and Snort rule creation
VPN administration experience



Accomplishments of the Security and Compliance team at Viewpost:

IDGโ€™s 2015 CSO50 Award for top50 innovative security initiatives across the US

ISO 27001 Certified by Brightline

TRUSTe certification

AICPA certification




Viewpost is not accepting unsolicited assistance from search firms for this employment opportunity. All resumes submitted by search firms to any employee at Viewpost via-email, the Internet or in any form and/or method without a valid written Statement of Work in place for this position from Viewpost HR/Recruitment will be deemed the sole property of Viewpost. No fee will be paid in the event the candidate is hired by Viewpost as a result of the referral or through other means.




Viewpost is an Equal Opportunity Employer that does not discriminate on the basis of actual or perceived, race, religion, color, sex (including pregnancy and gender identity), sexual orientation, parental status, national origin, age, disability, family medical history or genetic information, political affiliation, military service, any other non-merit based factoror any other characteristic protected by applicable federal, state or local laws. Our leadership team is dedicated to this policy with respect to recruitment, hiring, placement, promotion, transfer, training, compensation, benefits, employee activities and general treatment during employment. If youโ€™d like more information about your EEO rights as an applicant under the law, please click here http://www1.eeoc.gov/employers/poster.cfm

Extra tags: cyber, security, information

See more jobs at Viewpost

Visit Viewpost's website

Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.

When it comes to modern day software development, you will have your finger on the pulse of the entire pipeline. You will need to be comfortable interfacing with various software components and always considering how best to deliver in a rapidly iterative fashion with a strong focus on service availability, scalability and resilience.

DevOps is as much about communication and business relationships as it is about any of the software or tools you will use.

About Us
New Context is a rapidly growing consulting company in the heart of downtown San Francisco. We specialize in Lean Security; an approach that leads organizations to build better software thru hands-on technical and management consulting. We are a group of engineers who live and breath Agile Infrastructure, Systems Automation, Cloud Orchestration, and Information Security.
The New Context team personifies the DevOps spirit. We love a challenge and look forward to working with clients to solve their own challenges. Our teams operate with complete stack awareness of infrastructure, application and security.
Our driving methodologies are Lean Security and Humane Systems. In adopting a security first approach to infrastructure focused on people, processes and technologies, our team will have an integral part in driving the direction of these exciting new approaches.


Duties & Responsibilities

As a New Context DevOps Engineer you will be expected to provide technical leadership with a hands-on approach. On a daily basis you will be interfacing with our clients and other New Context staff members while working from the New Context office, at client sites or from your home. Expect to heavily leverage open source software to tackle challenges like delivery of highly secured containers to IoT devices or building Big Data ecosystems at petabyte scale and beyond.
The team works well together, but also understands that sometimes they go rogue to motivate the group into being effective. Your most important daily responsibilities: have fun, lead by example and solve exciting challenges.

Qualifications
Seasoned Technical Veteran
We are looking for a team member with 5+ years of experience in a similar role that can demonstrate they have already learned how to excel in this role.
Experience with highly available and high-performance open source web technologies
Existing familiarity (or the eagerness to learn) Ruby and/or Python is helpful, given they are the common languages of systems automation.
Strong communication skills
You must be ready to communicate current status in an effective and professional manner.
Independent worker
Work may often require direct interaction with clients or team members without direct supervision. You must be able to think on your feet, communicate constantly and professionally, and above all else meet the expectations of our clients.
Calm and professional demeanor
This is critical! You will be faced with frustrated clients, team members and situations. You must be able to handle yourself in a professional manner and find the best course of action to take in order to please the client as much as is possible.

Technologies you will interact with regularly
Methodologies
Agile, Lean, DevOps, TDD, paired programming
Operating Systems
Linux, OS X
Automation
Chef, Puppet, Docker, Ansible, Salt, CFengine, Automated Testing
Containerization Ecosystem
Docker, Mesosphere, Rancher, CoreOS, Kubernetes
Cloud & Virtualization
AWS, Google Compute Engine, OpenStack, Cloudstack, kvm, libvirt
Tools
Jenkins, RunDeck, Atlassian Suite, Pivotal Tracker, Vagrant, Maven, Git
Monitoring
SysDig, Data Dog, AppDynamics, New Relic, Nagios, Zabbix
Databases/Datastores
Cassandra, Hadoop, Redis, Riak, postgresql, MySQL
Security
Compliance standards, firewalls, scanners, OSSEC, AIDE
Languages
Ruby, Python, Java, Javascript

Extra tags: devops, chef, jenkins, docker, cassandra , puppet, hadoop, lean security,

See more jobs at New Context

Visit New Context's website

Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.

Netsparker is seeking a US Sales and Customer Relations Representative to work remotely. You will be contacting potential and existing customers from all around world, so strong interpersonal communication, marketing and negotiating skills should be your forte. You should also be able to plan and organize your own work, and document all type of prospect and customer feedback. The ideal candidate should have good written and verbal communication skills (English) and is self-motivated and goal-oriented.

Extra tags: software sales, security software, web application security, scanner

See more jobs at Netsparker

Visit Netsparker's website

Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.

Are you dreaming to work with an uber motivated team? For a Swiss startup who innovates healthcare? If the answer is YES, then please read furtherโ€ฆ We are a small professional team consisting of business analysts/project managers and sales/marketing experts with a proven background in healthcare and lifesciences.
Our goal is to develop user-centered mobile solutions which integrate into existing medical workflows.

For our first application we need a Senior Backend Developer with:
- 5+ years background of building Java RESTful services.
- Perfect English skills (speaking and writing). The application will be audited at the end so we need excellent documentation.
- Writing test cases is a must.
- Ability to work independently with frontend developer (iOS).
- Experienced in eHealth standards HL7 and DICOM is a plus.

Comments

This request is for our MVP.
- Chances are that we will extend the project after a successful MVP.
- Perfect English required!
- Please provide a link to your portfolio which includes your Java backend projects.
- We will use JIRA and Confluence and work in an agile way (Scrum).

Extra tags: git, Java, SQL, Scrum, Git, Java, Scrum, SQL, Jira, Confluence, Maven, Spring, Spring Web MVC, Spring Security, Tomcat, Spring LDAP, REST

See more jobs at Transformify

Visit Transformify's website

Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.

#ABOUT US
We're a London based startup that is building an economy around people's data and attention. In short, weโ€™re creating a digital marketplace where consumers can dynamically license their personal data and attention to brands in return for a payment.

Our tech stack currently includes: Node (Heroku), ReactJS and AngularJS (Firebase), Express, Mongoose, SuperTest, MongoDB (MongoLab), npm (npmjs). Our distributed development team covers the development of the responsive web, mobile and browser extension products.

We've recently completed the functional MVP and will be pushing on towards our closed-beta launch at the end of January.

#ABOUT YOU
We're looking for a freelance dev-ops person who has significant experience configuring, managing, and monitoring servers and backend services at scale to support our core development team.


#COME HELP US WITH PROJECTS LIKE...
- Review our platform architecture requirements and deploy a well documented, secure and scalable cloud based solution
- Tighten up security of our servers
- Setup autoscaling of our workers
- Make our deployments faster and safer
- Scale our MongoDB clusters to support our growing data sizes
- Improve API performance
- Automate more processes
- Make sure our backup and recovery procedures are well tested
- Implement a centralized logging system
- Instrument our application with more metrics and create dashboards
- Remove single points of failure in our architecture


#YOU SHOULD...
- Have real world experience building scalable systems, working with large data sets, and troubleshooting various back-end challenges under pressure
- Experience configuring monitoring, logging, and other tools to provide visibility and actionable alerts
- Understand the full web stack, networking, and low level Unix computing
- Always be thinking of ways improve reliability, performance, and scalability of an infrastructure
- Be self-motivated and comfortable with responsibility


#WHY WORK WITH US?

Work remotely from anywhere in the world, or from our HQ in London, UK. Just be willing to do a bit of traveling every quarter for some face-to-face time with the whole team.
Be involved in an early-stage, fast growth startup that has already received national press coverage


Extra tags: Devops, AppSec, NodeJS, Cloud, Mongodb, API, Sys Admin, Engineer, Backend, Freelance, Consultant, security, big data, startup

See more jobs at C8

Visit C8's website

Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.

A product development company requires Technical Writer to work for its on going diverse projects. The job is remote based and you can work from home or anywhere.

The work involves -

Preparing user manuals and help files
Reviewing RFPs and creating project design
Preparing project reviews and reports

Desired Skills

Ability to work independently with keen attention to detail
Excellent organising and communication skills
Well versed with MS Visio, Robohelp, MS word and Camtasia

Extra tags: technical writing, remote, infosec, tech

See more jobs at Teleassistants

Visit Teleassistants's website

Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.

At **Nuix**, our philosophy is to hire the best from around the world and support them in doing what they do best. We are seeking a highly experienced **Principal Application Security Consultant** to join the Cyber Threat Analysis Team (CTAT). The CTAT is the professional consulting services arm that offers Digital Forensics and Incident Response, Attack Preparedness, Penetration Testing, Attack Simulation Exercises, Malware Reverse Engineering, and Intelligence Acquisition to Nuix clients and customers.

Externally, the chosen candidate will be responsible for supporting Nuix customers by performing application penetration testing for web, desktop, and mobile applications, conducting source code reviews, staying abreast of the application security threat landscape, and providing guidance and training on application security issues.

Internally, the chosen candidate will be responsible for defining, building, and growing the CTATโ€™s application security capabilities and identifying intelligence that can be integrated into the Nuix software platform.

This full time permanent remote position will report to the Director of Penetration Testing.

Work from home and come help build a unique security practice the way you want to see application penetration testing done. Nuix offers full benefits, including health insurance, retirement, dental, and vision. Engage with clients and management directly as a respected contributor in a small but growing team where you are empowered to make the change you want to see. Nuix has a great working environment with a team of experts in their fields. Come work with a fast-growing global software company with competitive compensation and an opportunity for variable pay (bonus).

Full description available here: http://www.nuix.com/security-consultant

Extra tags: application, security, penetration testing, mobile, web app, source code, secure sdlc

See more jobs at Nuix

Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Retail Zipline

Security Engineer For Rails Enterprise Saas


Retail Zipline


infosec

saas

ruby

engineer

infosec

saas

ruby

engineer

2mo

Apply


Retailers use archaic, old systems that don't work (think fax machines and voicemails). We're replacing the core operational processes with a modern platform that our customers love. Help us transform a $4.4 trillion industry and improve the way millions of people work. Major retailers like Gap, Nike, LEGO, and Old Navy are already using Zipline every day, but there is so much more to do!

We are looking for our first dedicated Cloud Security Engineer to join our team as the surface area of our product and infrastructure continue to scale and keep up with rapid customer growth.

“I think I just shed a tear. This is great!” – One of our Fortune 100 customers

Here are some projects we're excited for you to work on: 
- Security strategies such as static analysis, alerting, logging, and monitoring 
- Interface with the rest of engineering and product teams by building common libraries and processes for all of engineering to leverage 
- Scoping and managing third party assessment and compliance vendors 
- Security-oriented feature development 
- Collaboration with infrastructure team on security-oriented infrastructure topics 
- Evangelize security best practices for product and engineering teams

What we look for: 
- You have significant relevant production experience with large scale web applications 
- You have great written and verbal communication skills. 
- You prefer taking projects from inception to completion, and are outcome oriented. 
- You have 3+ years experience in web application security 
- You have a strong understanding of security architecture, risk analysis, network security, identity management, and security monitoring. 
- You proactive with communication and have no problem managing your time as a remote employee. 
- You are proud of your craft, and enjoy and value clean code that scales to keep large teams productive.

Bonus points: 
- CISSP certified 
- Scaled security for another cloud startup 
- Experience with retailers

See more jobs at Retail Zipline

Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Center for Internet Security

Software Engineer


Center for Internet Security


dev

engineer

infosec

digital nomad

dev

engineer

infosec

digital nomad

3mo

Apply


About the Job

The Software Engineer is assigned to the Security Best Practices Division at the Center for Internet Security. Reporting to the Development Team Leader – CIS-CAT, the Software Engineer will partner with other cybersecurity team members to promote the CIS mission and help support our growth. The primary purpose of this position is development, maintenance, and coordination of the ongoing release (monthly, and as-needed) of our security configuration assessment software offerings (CIS-CAT Pro).

Here’s a Snapshot of your Tasks and Responsibilities


* Contribute to the development of new software applications and to the maintenance of existing applications.

* Create and maintain documentation of application features, user guide updates and source code.

* Ensure software quality assurance throughout the software development lifecycle, through the use of unit testing and integration testing.

* Application support activities, such as working with operations staff on member support requests and new member orientation presentations.

* Collaborate with other SCA team members as needed.

* Other tasks and responsibilities as assigned.




What are we looking for in you?

Required Qualifications:


* Bachelor’s degree in Computer Science or Information Technology at an accredited college or equivalent work experience.

* 3+ years’ experience developing data-driven Java (or other JVM language) applications, including web-based and standalone desktop/command-line applications.

* Proficiency in Java and Groovy, or JVM-based programming languages.
Experience parsing and processing large XML data sets.

* Must be authorized to work in the United States.




*Additional years of relevant experience or a combination of an Associate’s degree or equivalent and relevant experience may be substituted for the Bachelor’s degree.

Preferred Qualifications:


* 5+ years’ experience developing data-driven Java (or other JVM language) applications, including web-based and standalone desktop/command-line applications.

* Demonstrated experience using multiple programming languages is preferable; languages such as Groovy, C#, and Python, PowerShell, Windows API’s, Linux commands and shell scripting, XSLT, JSON, and database management systems.

* Front-end development experience using Bootstrap, JavaScript, and/or JQuery.

* Experience with Security Automation standards, such as the Open Vulnerability and Assessment Language (OVAL), Extensible Configuration Checklist Description Format (XCCDF), Common Platform Enumerations (CPE), Common Vulnerabilities and Exposures (CVE), or the Common Vulnerability Scoring System (CVSS) are strongly encouraged.

* Operational experience in an Agile/Scrum development team.




Core Competencies:


* Drive innovation by analyzing and interpreting data to test and inform a new initiative or approach.

* Accountable for successful completion of multiple, individual projects simultaneously.

* Communicate effectively by contributing significantly to the development and delivery of a variety of written and visual documents for diverse audiences.

* Manage change and demonstrate adaptability by embracing change and adjusting priorities or processes and approach as needs dictate.

* Take responsibility for successes and failures related to individual and team-based project work assignments; actively presents suggestions for solution(s), if objectives not met.




The CIS Offer


* A culture that is engaging, fun and energetic

* An organization that supports Work/Life balance

* Competitive compensation

* Comprehensive benefits package including medical, dental, vision and life insurance

* 401K plan with company match

* Bonding and military leave

* Paid time off upon date of hire

* Tuition and certification reimbursement

* Relocation assistance

* On-site wellness programs

* Community involvement opportunities

* An environment that promotes growth and professional development including our award-winning training opportunities


See more jobs at Center for Internet Security

Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Dealer Inspire

Lead Security Engineer


Dealer Inspire


infosec

exec

engineer

infosec

exec

engineer

3mo

Apply


Job Description:

The Lead Security Engineer, under minimal supervision, is responsible for supporting all aspects of Dealer Inspire Technology Security Risk Management as an IT security subject matter expert.

Responsibilities:


* Leads, as an IT security subject matter expert, the development, monitoring and enforcement of Dealer Inspire's security policies, standards, and process.

* Proactively monitors IT security information resources for threats and vulnerabilities and leads, as an IT security subject matter expert, the assessment of risk of the threats and vulnerabilities to Dealer Inspire and the services Dealer Inspire provides to its clients.

* With direction from management, leads:


* Development and documentation of Security policies and procedures.

* Security project implementations.

* IT Security assessments and audits.

* IT security incident response activities.

* Enterprise intrusion detection monitoring capabilities.

* Enterprise antivirus capabilities.

* The resolution of internal customer security questions and issues.

* Enterprise IT Security communications including notices and alerts.

* Quarterly company-wide trainings / webinars on security and policies.





* Collaborates with project teams to define security requirements designed to comply with applicable Dealer Inspire security policies, standards, and processes.

* Administers and provides level 3 support for enterprise strong authentication and encryption services.

* Develops "how to" guides for team members and customers.

* Mentors other security team members.

* Performs other related duties as assigned.




Required Experience:


* 5+ years experience relevant to security solution/implementation.

* Experience as a lead subject matter expert with the design, implementation and support of general IT security controls.

* Experience as a lead subject matter expert with security systems including firewalls and intrusion detection.

* Experience as a lead subject matter expert with system security hardening.

* Experience as a lead subject matter expert with vulnerability scanning tools.

* Experience as a lead subject matter expert with successfully delivered IT security projects.

* Demonstrated ability to execute well and respond timely.




Required Skills:


* Independent and able to perform tasks with minimum supervision.

* Good written and verbal communications skills with good command of English.

* Good understanding of data communication protocols focusing on Ethernet and IP.

* Good understanding of encryption technologies.

* Knowledge of forensic investigation techniques.

* Ability to support concurrent projects.

* Self-motivated, positive attitude and a team player.

* Ability to instill quality in every aspect of the job function.

* Competence working with: Unix/Linux shell, Amazon Web Services, IDS / vulnerability scanners, Mac OSX




Education:

Bachelor Degree in Computer Science or Computer Information Systems - OR - related/commensurate experience acceptable.

Preferences:

CISSP, CISA certification.

See more jobs at Dealer Inspire

Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


SUSE

Senior Security Engineer


SUSE


infosec

senior

engineer

infosec

senior

engineer

3mo

Apply

Full Time: Senior Security Engineer at SUSE in Nuremberg, Germany or remote office

See more jobs at SUSE

Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Defiant

Security Analyst ยญ Forensics Remediation


Defiant


infosec

analyst

infosec

analyst

3mo

Apply


Defiant is a fast-moving cybersecurity company that delivers the best threat protection for WordPress sites.

We’re a 100% remote team, nimble, self managing and work in a relaxed atmosphere with a sense of humor. Rather than working for a mega-corp, you will be working in a company where your work has real impact in the fun, high-growth stages of our evolution.

We are looking for security analysts to join our forensics team. You will assist our customers to investigate how their site was hacked and to repair their site and remove all traces of the intrusion. In addition to this you will also collect evidence from intrusions that will help improve our threat detection. You will need to determine how the intrusion occurred and then collect all IOC’s (indicators of compromise) and share this data with our product team in a structured way.

General requirements:

You must be highly technical and be comfortable with a wide range of open source tools.

Excellent written and verbal communication skills.

You must work well in a team.

You must be nimble, be able to come up with creative solutions to challenging problems and must have a mature approach to problem solving.

Attention to detail.

Note: Applicants who can work weekends will be given priority consideration.

We have the highest star rating for any WordPress plugin in history and we pride ourselves on providing an excellent product with great customer service that helps secure small and large production websites. If you're passionate about information security and would like to help secure the web, this is your dream job. We take our team's family time seriously and don't ask you to work long hours if we can avoid it (we almost always can). Our entire team works remotely using Slack for casual interaction ­so you can live practically anywhere in the world as long as you have an internet connection. Wordfence is high growth, but we are not a startup. The company is still controlled by the founders, we are profitable and have been for many years. So you will enjoy the rush of high growth but you won't have to risk working for a company that is controlled by venture capitalists or may not be here tomorrow.

See more jobs at Defiant

Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Federated Wireless

Cloud Security Engineer


Federated Wireless


infosec

cloud

engineer

infosec

cloud

engineer

3mo

Apply


Federated Wireless is a dynamic, fast-paced, cutting-edge software company that is leading the wireless industry through the shared spectrum revolution.

Federated Wireless is disaggregating the wireless networks to allow for new disruptive models for fast, low-cost cloud enabled wireless connectivity solutions. We are taking advantage of the latest cloud services and implementing advanced algorithms to fully automate service creative and delivery. We are looking for leaders who want to revolutionize the way wireless networks are built.

Federated Wireless is led by CEO Iyad Tarazi and a team of industry veterans who continue to build on this heritage, pioneering new territory in the commercialization of shared spectrum.

The Role:

Federated Wireless is seeking a Cloud Security Engineer to monitor and proactively manage the security of Federated Wireless’ network and application services. The engineer is expected to be able to independently design, develop, deploy and maintain security management technologies in all phases of an agile service development and deployment life cycle. She or he will be required to design components or sub-components, and then follow through with the integration, and testing of all components. Self-motivation, teamwork and experience working in a fast paced agile environment are highly desired.

Responsibilities:



* Designs, integrates, and tests a suite of tools for security management of multi-tenant private and public cloud application services.

* Recommends configuration changes to improve the performance, usability, and value of cyber analysis tools.

* Assists with product studies, performs requirements analysis, and develops software architectures to meet requirements

* Creates technical proposals and white papers, writes functional and design specifications

* Measure compliance against standards




Experience in the following areas is required:


* 3-5 years experience (preferred) with security management of cloud based services (SaaS) in a fast-paced Agile environment.

* Experience architecting, deploying and managing a suite of security management tools, including tools for: WAF, SIEM, log management, DDOS protection, Pen-testing, vulnerability management, automated code analysis, and anti-malware.

* Hands-on experience with security management of virtual machines, containers, and applications.

* Experience with Git source code control

* Excellent oral and written communication skills

* Strong knowledge of public key cryptography, web services SSO strategies, CVSS scoring




 Experience in the following area is desired:


* Experience with Agile development and participating in CI/CD pipelines

* Experience with automation and dev-ops technologies (such as puppet, chef, ansible, etc)

* Strong knowledge of open-source libraries/packages




 Location:


* Open to any of Federated Wireless' office locations in Arlington, VA; Boston, MA; or San Jose, California

* Travel will be required in this position, domestically or internationally as deemed necessary to the growth and expansion of the Company.




 Federated Wireless is committed to providing equal opportunity for all employees and applicants without regard to race, color, religion, sex, sexual preference/orientation, gender identity or expression, age, marital status, national origin, physical or mental disability, veteran status, or any other protected classification under applicable law.

See more jobs at Federated Wireless

Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Enbw Energie Baden-wรผrttemberg AG

Cloud Security Architect


Enbw Energie Baden-wรผrttemberg AG


infosec

architecture

cloud

infosec

architecture

cloud

3mo

Apply


Ihre Aufgaben


* Sie entwickeln und auditieren Sicherheitsarchitekturen für Cloud-Lösungen und Ihre Mitarbeit ist in agilen Softwareentwicklungsprojekten gefragt

* Sie definieren und implementieren die Security-Strategie, wozu Sie auch die konzernweiten Security-Vorgaben für Cloud-Lösungen formulieren und einführen

* Durch Ihr Adlerauge bei technischen Sicherheitsanalysen leiten Sie die Gefährdungslage her

* Bei Projekten im Umfeld IaaS, PaaS und SaaS sind Sie kompetenter Ansprechpartner

* Sie sind operatives Mitglied im Computer Emergency Response Team (CERT) der EnBW




Ihr Profil


* Sie verfügen über ein erfolgreich abgeschlossenes (Fach-) Hochschulstudium, bspw. der Informatik oder Wirtschaftsinformatik. Viel wichtiger ist uns, dass Sie mehrjährige Erfahrung in Web-/Appentwicklung, Enterprise Architekturmanagement oder Securitymanagement haben

* Ihre Kenntnisse in IT-Sicherheitskonzepten, Entwicklung auf AWS, Google und Microsoft Azure Plattformen sind exzellent

* Ihr Spaß an der Zusammenarbeit in crossfunktionalen Teams begeistert auch andere für Security

* Sie kennen spezifische Normen und Standards (ISO/IEC 27001, BSI) und arbeiten analytisch und strukturiert

* Sie riechen die IT-Risiken von IT-Systemen und Software und wenden adäquate Verfahren (funktional und wirtschaftlich) an


See more jobs at Enbw Energie Baden-wรผrttemberg AG

Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Wikimedia Foundation

Information Security Analyst


Wikimedia Foundation


infosec

analyst

infosec

analyst

3mo

Apply


Summary

We are looking for a smart security practitioner with an interest in large scale systems. You understand the importance of testing and documentation, and common pitfalls in developing secure web applications. You must have a passion for the WMF mission. We do (almost) everything publicly, and volunteers can add arbitrary JavaScript to our site. That should both frighten and thrill you.

Privacy is one of the core values of the Wikimedia Foundation and you will be joining the team responsible for providing technical and governance security solutions to ensure the confidentiality, integrity and availability of Wikimedia applications.  This is your opportunity to participate in and provide security and privacy solutions so together we can create a world in which everyone can freely share in the sum of all knowledge.  

This is what you will be doing:


* Review security controls, policies and procedures and provide recommendations for the adaption of new technologies or policies.  

* Conduct internal and external security audits

* Provide support for security incidents or events

* Evaluate current organizational risk and threat profile

* Identify improvement areas and provide organization wide security awareness training.  

* Work with teams to ensure they make safe, compliant, design and architectural decisions

* Participate in privacy initiatives

* Participate in operational security initiatives




You’ll need these skills and experience:


* 5+ years experience as part of an Information Security team

* CISSP/GIAC

* Experience in policy creation and enforcement

* Experience with Threat Modeling and Risk Assessments

* Experience in Incident Response

* Bachelor’s degree in CS or related field or the equivalent in work related experience




Pluses


* Wikimedia community experience

* Interest in/passion for all things open source





The Wikimedia Foundation is... 


...the nonprofit organization that supports Wikipedia and the other Wikimedia free knowledge projects. Our vision is a world in which every single human can freely share in the sum of all knowledge. We believe that everyone has the potential to contribute something to our shared knowledge, and that everyone should be able to access that knowledge, free of interference. We host the Wikimedia projects, build software experiences for reading, contributing, and sharing Wikimedia content, support the volunteer communities and partners who make Wikimedia possible, and advocate for policies that enable Wikimedia and free knowledge to thrive. The Wikimedia Foundation is a charitable, not-for-profit organization that relies on donations. We receive financial support from millions of individuals around the world, with an average donation of about $15. We also receive donations through institutional grants and gifts. The Wikimedia Foundation is a United States 501(c)(3) tax-exempt organization with offices in San Francisco, California, USA.

The Wikimedia Foundation is an equal opportunity employer, and we encourage people with a diverse range of backgrounds to apply



Benefits & Perks *


* Fully paid medical, dental and vision coverage for employees and their eligible families (yes, fully paid premiums!)

* The Wellness Program provides reimbursement for mind, body and soul activities such as fitness memberships, baby sitting, continuing education and much more

* The 401(k) retirement plan offers matched contributions at 4% of annual salary

* Flexible and generous time off - vacation, sick and volunteer days, plus 19 paid holidays - including the last week of the year.

* Family friendly! 100% paid new parent leave for seven weeks plus an additional five weeks for pregnancy, flexible options to phase back in after leave, fully equipped lactation room.

* For those emergency moments - long and short term disability, life insurance (2x salary) and an employee assistance program

* Pre-tax savings plans for health care, child care, elder care, public transportation and parking expenses

* Telecommuting and flexible work schedules available

* Appropriate fuel for thinking and coding (aka, a pantry full of treats) and monthly massages to help staff relax

* Great colleagues - diverse staff and contractors speaking dozens of languages from around the world, fantastic intellectual discourse, mission-driven and intensely passionate people




* for benefits eligible staff, benefits may vary by location

More information

WMF

Blog

Annual Report - 2017

Wikimedia 2030



See more jobs at Wikimedia Foundation

Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Elastic

Security Operations Area Lead


Elastic


infosec

exec

ops

infosec

exec

ops

3mo

Apply


At Elastic, we have a simple goal: to solve the world's data problems with products that delight and inspire. As the company behind the popular open source projects — Elasticsearch, Kibana, Logstash, and Beats — we help people around the world do great things with their data. From stock quotes to Twitter streams, Apache logs to WordPress blogs, our products are extending what's possible with data, delivering on the promise that good things come from connecting the dots. We unite Elasticians across 34 countries (and counting!), 18 timezones and 30 different languages into one coherent team, while the broader community spans across over 100 countries.

We are looking for someone to lead a team of engineers focused on implementing, improving and maintaining security controls for Elastic Cloud. You will be acting as a partner for the security of the Elastic Cloud, and assume ownership of architectural decisions, organizing cross-team efforts and being a security SME for Elastic’s SaaS. Does this sound like something you are interested in?

What You Will be Doing:


* Leading the Security Engineers on the Elastic Cloud team

* Owning of Compliance items agenda for Elastic Cloud (SOC-2, ISO 27k, HIPAA)

* Organizing cross-team efforts

* Maintaining a tight collaboration with Infosec and SecEng teams

* Collaborating with the Cloud team Lead




What You Bring Along:


* Experience in leading engineering teams

* Architect level experience in public cloud provider environments

* A Deep understanding of Linux systems hardening, containerization, and network perimeter controls.

* The Ability to drive decisions and being hands-on

* Experience with compliance (SOC-2, PCI, ISO 27k, GDPR)

* Excellent verbal and written interpersonal skills, a phenomenal teammate with strong analytical, problem solving, debugging and troubleshooting skills




Bonus Points:


* Experience in running or participating in a Blue team

* If you are a leader in Security within SaaS products




Additional Information:

We're looking to hire team members invested in realizing the goal of making real-time data exploration easy and available to anyone. As a distributed company, we believe that diversity drives our vibe! Whether you're looking to launch a new career or grow an existing one, Elastic is the type of company where you can balance great work with great life.


* Competitive pay based on the work you do here and not your previous salary

* Stock options

* Global minimum of 16 weeks of paid parental leave (moms & dads)

* Generous vacation time and one week of volunteer time off

* An environment in which you can balance great work with a great life

* Your age is only a number. It doesn't matter if you're just out of college or your children are; we need you for what you can do.




Elastic is an Equal Employment employer committed to the principles of equal employment opportunity and affirmative action for all applicants and employees. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status or any other basis protected by federal, state or local law, ordinance or regulation. Elastic also makes reasonable accommodations for disabled employees consistent with applicable law.

See more jobs at Elastic

Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Numbrs Personal Finance AG

Security Engineer


Numbrs Personal Finance AG


golang

infosec

engineer

golang

infosec

engineer

3mo
Zรผrich, Switzerland - Responsibilities include but are not limited to reviewing designs, code, performing in-depth security assessments of mobile apps, distributed backend systems and internal IT infrastructure; developing custom security tools; documenting the infrastructure, poli...

See more jobs at Numbrs Personal Finance AG

Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Invisionapp

Senior Security DevOps Engineer


Invisionapp


infosec

devops

senior

engineer

infosec

devops

senior

engineer

4mo

Apply

As a Security SRE, you will play a critical role in effectively maintaining and improving the security of our organization’s systems, platform and infrastructure. You will be responsible for monitoring and managing the security in our cutting edge containerized environments using Docker, Kubernetes and CoreOS. You will also work with the security team to manage traditional system and network security tools such as web application firewalls, DDoS service, IPS and more designed to protect our customers and business against malicious external attacks. You will have the opportunity to influence and design current strategies and procedures for securing our environments. You will directly influence the application configuration, deployment process of our application and create tools to improve our processes, monitoring and application infrastructure, all in a container centric environment!

Responsibilities:


* Work across engineering teams to establish and enforce secure practices and procedures in the building of environments and deployment of code

* Implementation, configuration and management of cutting edge container security tooling of hosts and nodes

* Perform vulnerability identification and remediation including patch management for systems and networks

* Management of AWS Security including best practices, security groups, user access

* Management and configuration of security tooling including web application firewall, DDoS service, IPS, IDS, FIM, AV and more

* Remediation of reported infrastructure or platform vulnerabilities, exploits and threats

* Management of user access, roles and permissions to critical services

* System hardening according to industry best practices

* Cross-team work with infrastructure and platform teams



Preferred skills/tools:


* Containerization / Kubernetes

* CoreOS / Alpine / Ubuntu

* Patch Management

* AWS environment builds / security groups

* Github

* WAF, IDS, IPS, FIM, AV, VPN



Preferred Certifications:


* CISSP

* SSCP

* CCSP

* SANS Certs


See more jobs at Invisionapp

Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Auth0

Security Engineering Manager


Auth0


infosec

exec

engineer

infosec

exec

engineer

4mo

Apply


Auth0 gives companies simple, powerful and developer friendly building blocks so they can free up resources to focus on innovation. We strive to be the identity platform of choice of developers and Enterprises. We take our culture very seriously and are looking for people who are drawn to both our mission and our culture.

We are a security company and Auth0's Security Team is in the privilege position of supporting a security first culture for a company that wants to make the internet safer.

The Cloud Security team builds, owns and maintains the critical security infrastructure that provides visibility into Auth0’s production operations. We are looking for a security engineer with a passion for solving security problems and building tools to drive automation. This is an exciting time to join Auth0 as we are growing quickly and this role is an opportunity to drive the expansion of our Cloud Security team.

Responsibilities:


* Provide team leadership and own the delivery of security engineering projects

* Design, build and maintain the systems that help keep Auth0 secure

* Demonstrate the effectiveness and coverage of these systems

* Develop tools to test, monitor and enforce security policy

* Automate security process to reduce as much manual process as possible

* Own and improve our security monitoring pipeline

* Participate in the on-call rotation to support the infrastructure and respond to security events




Requirements:


* Experience working as a Security Engineer and delivering engineering projects

* Experience administering and securing AWS

* Strong Linux experience

* Proficiency in at least one programming language (e.g. Python, Node, Go etc.)

* Experience with log collection and storage (e.g. ELK/EFK stacks, Sumo Logic etc)

* Strong written and verbal communication skills

* Comfort working in a globally distributed environment with a remote workforce




Extra Points:


* A passion for infrastructure as code and have used tools such as Terraform and CloudFormation

* Experience running a vulnerability management programme

* You have used configuration management tools (e.g. Salt Stack, Ansible, Puppet, etc)

* You write readable, maintainable code and have experience managing source code with git




Examples of our Engineering Culture:


* https://auth0.engineering/

* https://auth0.engineering/cloud-security-monitoring-at-auth0-part-ii-b106354a0e5d

* https://auth0.engineering/detecting-secrets-in-source-code-bd63b0fe4921




Auth0 values diversity and inclusion and is an equal opportunity employer. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. Auth0 participates in E-Verify and will provide the federal government with your Form I-9 information to confirm that you are authorized to work in the U.S.

See more jobs at Auth0

Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Twin Technologies

Contract Microservice Security Architect


Twin Technologies


infosec

architecture

infosec

architecture

4mo

Apply


Company Description


We dream, create, and deliver digital solutions that transform what’s possible for enterprises, government institutions and organizations and partner with our clients through every stage of digital transformation: from strategy, to activation, to delivery to decrease risk and increase speed-to-market.

We are Remotely Awesome! We understand that quality of life directly impacts quality of work, and we know that talent is all over the place. Our team is not limited by geography, and seeks top talent where it exists. Our remote work model encourages independent thinking, requires professional discipline, and contributes to a high quality work/life balance.

What’s does this mean for you? Many of our team members have the flexibility to work from anywhere in the United States, and is provided the tools and infrastructure to successfully collaborate across the globe. We will continue to grow and evolve with the market and provide an environment where creativity, leadership, mentoring, planning, and resources are in place to achieve our shared goals.




Job Description


The Security Architect will serve as part of a development team supporting both established projects and creating from the ground up. The ideal candidate is an experienced leader and team player with a background in security and a passion for delivering well through DevOps best practices.  They are passionate about technology and committed to lifelong learning, possessing the ability to apply their technical knowledge, skills and experience to solve complex/real-world problems.

Technologies and Disciplines:

We use several different technologies in our development stack across multiple clients and projects. We continuously evaluate new technologies to make sure we are fully aware and always using the right tool for the job. Examples of the technologies we currently use include:


* Java, JPA, Dropwizard, JBoss, Javascript

* Docker, Kubernetes, Linkerd, Consul

* SQL Server, Oracle

* Jenkins, Maven, Stash, Git

* AWS EC2, Lambda, S3




Responsibilities:


* Solving complex problems with elegant and maintainable solutions

* Designing, implementing, and evaluating microservice architecture implementations to improve delivery and support new features

* Delivering back-end and tooling solutions using modern Java frameworks

* Developing and bringing security processes in line with current best practices

* Integrating existing legacy Java enterprise system with microservice/mesh architecture based APIs

* Working with the team to continuously improve security across all areas of the software project

* Participating on an agile / scrum software delivery team







Qualifications



* A strong foundation in computer security and authz & authn best practices

* 5-10+ years software engineering experience

* 1-2+ years experience integrating with Identity and Access Management frameworks, or security policy and enforcement toolsets.

* Secured APIs and services within SOA or microservice architectures

* Experience with Kubernetes resource APIs and related CLI tools

* Experience with running and defining Docker containers

* Comfortable using and configuring software on Linux based operating systems

* Familiar with service mesh proxies like Istio/Envoy or Linkerd

* Understands best practices for JWT algorithm choice and token claim assertions

* Capable of integrating security related components into CI/CD automation pipelines using tools like Spinnaker or Jenkins

* BS in Computer Science or equivalent experience

* Applicants MUST be US Citizens, due to the nature of the work

* Applicants MUST live in the US, with a remote home office

* This is a contract position to start








Additional Information


Twin Technologies offers a competitive and comprehensive employee compensation and benefits package that includes medical, dental and vision insurance, LTD, STD, life insurance, 401k program with company match, and an unlimited PTO plan

Twin Technologies is an Equal Opportunity / Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity and expression, national origin, disability, or protected veteran status.

See more jobs at Twin Technologies

Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Surge

Security


Surge


infosec

infosec

4mo

Apply



* Excellent verbal and written communication skills

* Strong knowledge of NIST SP 800-53 & SP 800-30

* Experience in conducting audits based on NIST Cyber Security Framework & NIST security controls

* Experience in developing technical risk management framework and managing security risk assessments

* Must have CISSP


See more jobs at Surge

Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Invisionapp

Senior Security Engineer Risk Compliance


Invisionapp


infosec

senior

engineer

infosec

senior

engineer

4mo

Apply

InVision is the world's leading product design platform, powering the future of digital product design through our deep understanding of the dynamics of collaboration. We provide two million people with the power to prototype, review, refine, manage and user test web and mobile products. InVision drives the product design process at leading Fortune 100 companies, including at Disney, IBM, Walmart, Apple, Verizon and General Motors. Backed by Accel, ICONIQ Capital, FirstMark Capital, Tiger Global and others. InVision is a distributed team with over 200 employees around the world.

As a Security Specialist focused on risk and compliance, this position will provide the individual an opportunity to help shape the direction of our company’s security program by providing thought leadership, professional support and valued contributions to a range of activities.  We are looking for an experienced security professional with a strong background in audit and compliance management.  This role will work with third parties, customers and auditors to manage compliance efforts as well as performing internal audits across various departments to ensure security and customer requirements are met.  You will have the opportunity to expand beyond audit and compliance efforts as well by providing operational support for our security defenses, including the technologies deployed for protecting company and customer information assets and infrastructure.  This position plays a critical role in identifying, protecting, detecting and responding to potential security vulnerabilities, while also providing consultative support for security-related projects.  The right person will bring passion that promotes understanding and continuous education.

This role will report to the Manager of Information Security.


Key Responsibilities Include:


* Work with internal and external entities to ensure the security of our customers

* Manage third party and customer audits

* Third party risk assessments

* Internal risk assessments

* Internal compliance audits (user access reviews, firewall reviews)

* Employee / endpoint compliance efforts

* Risk assessments and risk remediation efforts

* Security audits of people, systems and processes




Preferred skills/tools:


* GRC Tools

* PCI / SOC 2 knowledge




Preferred Certifications:


* CISSP

* CISM

* CISA

* CGEIT

* CRISC


See more jobs at Invisionapp

Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Oportun

Identity Access Management Security Analyst


Oportun


infosec

analyst

infosec

analyst

4mo

Apply


ABOUT TECHNOLOGY @ Oportun

The Technology team @ Oportun is dedicated to delivering and maintaining performant, elegant, and intuitive systems to our business partners and retail customers.  We provide the platform, technology services, and interfaces that have enabled Oportun to serve over 1.1M customers with over $5 billion in life-changing, responsible loans disbursed.

We work on a very unique platform, combining service-oriented platform services with sophisticated user experiences, all enabled through a best-in-class (and fun to use!) automated development infrastructure.  We prove that FinTech is more fun, more challenging, and in our case, more rewarding as we build technology that changes our customers’ lives.  At the corporate level, Oportun delivers a very supportive and welcoming service experience, with bilingual staff across channels, and operates in more than 270 locations in CA, IL, AZ, FL, NM, TX, UT & NV, with mobile services available in MO and WI.

Summary

The IaM Security Analyst reports to the VP of Security and is responsible for managing identity governance, security controls and security configuration management for critical business applications, such as Workday and others.

Responsibilities:


* Management of Workday identity governance, security controls and security configuration items such as:


* Separation of Duties (SOD) framework

* Role-based, job-based, aggregation, intersection, segmented security groups

* Authentication and password policies to control users logging into the tenant

* Security controls for business processes

* Security controls for integrations

* Tenant setup for security

* Data scrambling and data masking options for Workday

* Different types of custom reports, calculated fields and custom dashboards

* Single Sign-on configuration options for Workday

* Mobile configuration options for Workday





* Longer-term arc for this role will focus on the management of identity governance, security controls and security configuration items in other in-scope critical business applications.

* Support the deployment of an Identity Governance system by: Creating and managing Identity Governance policies and processes, developing automated continuous monitoring solutions for Identity Governance attestation processes, and developing/publishing Identity Governance reports and metrics.

* Develop and help deliver Identity Governance awareness materials, and document Identity Governance training materials.

* Collaborate with business partners to manage other in-scope critical business applications




Required Skills & Experience:


* 3+ years of experience in Identity and Access Management and Identity Governance REQUIRED.

* 3+ years’ experience in Workday Security analysis, design, and configuration REQUIRED.

* Ability to develop automated solutions.

* Experience completing at least one full Workday HCM and Financial Management implementation.

* Experience designing and configuring Workday security groups and user profiles.

* Experience working closely with technical teams to translate functional specifications into technical solutions.

* Strong understanding of Segregation of Duties (SOD) frameworks.

* Ability to work in partnership with management from other business units to assure business practices meet defined policies, standards, and key business objectives for continuous control compliance.

* Excellent presentation skills, analytical judgment, decision-making skills, functional and technical skills, business acumen, detailed, and task oriented.

* Knowledge in analyzing and resolving complex problems and providing resolutions and recommendations to control deficiencies based on practice and precedent.




Preferred:


* Sc. in Computer Science or related field

* Experience with Identity Governance solutions and automation, including SailPoint and Saviynt products/solutions.

* Experience with project management methods, process mapping, and a solid ability to establish priorities and/or multi-task.




BENEFITS:

We offer competitive salaries, bonuses, stock options, great benefits and a fully loaded laptop of your choosing.  We have strong opinions about work/life balance, and seek to create a comfortable and productive environment where we can ship apps that we’re proud of and that best serve our customers.

See more jobs at Oportun

Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Defiant

Senior PHP Developer With Security Emphasis


Defiant


infosec

dev

php

senior

infosec

dev

php

senior

4mo

Apply


DESCRIPTION

Do you want to work in cyber security? How about being able to work anywhere on the Planet? On a beach in Hawaii, or taking your lunch break fly fishing a stream in Alaska.

We are one of the fastest growing cyber security companies in the World. You will be working for us remotely full-time, with full benefits including platinum level medical, dental, 401K, a generous stock options package, gym reimbursement, company paid security certifications (CISSP, Security+) and conferences.

We are a team of 33 talented and highly motivated people. We're fast moving, nimble, self managing and work in a relaxed atmosphere with a sense of humor. Rather than working for a mega-corp, you will be working in a company where your work has real impact in the fun high-growth stages of our evolution.

We use apps like Slack, Fogbugz, Github and Google Apps for our workflow. Each team member is world-class at what they do. We have flexible working hours and we are a diverse team ranging in age. Most of us are based in the USA and many are international including countries like Sweden, Bulgaria, the UK and many more.

Here are some of the core skills we look for in team members:


* A willingness to grab whatever task is required of you and run with it. This may include work outside of your core tasks. We are a small team and everyone needs to pitch in.

* A high level of productivity and self-management.

* Must be comfortable working remotely and interfacing with other team members using Slack and other remote tools.

* Excellent analytical ability and problem solving skills.

* A strong work ethic.

* Effective communication skills. This is critical for remote workers and we can't emphasize this enough. You will spend a significant amount of time interfacing with our customers and/or other team members through your keyboard and it's critically important that you can effectively convey your thoughts.







REQUIREMENTS


* PHP including object oriented PHP. Experience with Laravel is helpful. You need to write clean, high performance and maintainable code that is secure.

* Knowledge of subversion and git, including github workflow is a requirement.

* MySQL including the ability to write well performing SQL, ability to design schemas and an understanding of MySQL data types and performance.

* Experiencing with Apache, Nginx and other web platforms like Lightspeed highly desirable.

* Must be comfortable using Linux and comfortable with Linux administration.

* HTML, CSS, Javascript and jQuery a requirement.

* Understanding of common web vulnerabilities required.

* Vulnerability research – ability to identify vulnerabilities in code is a requirement.

* WordPress experience required – including ability to use the WordPress plugin API.

* A keen interest in infosec. Credentials like Security+, CISSP or other is a strong plus.

* Knowledge of other languages a strong plus.




All positions require a trial period of approximately 2-3 weeks with a minimum commitment of 10 hours per week. You will be paid for this short-term contract, and it will be used to evaluate whether both parties want to pursue an ongoing, regular employment relationship.

All offers of employment are contingent on successful completion of a background check. The results of the background check are considered as they relate to the position and do not automatically disqualify someone from a offer of employment with the company.




BENEFITS

Full-time permanent positions include the following benefits:


* Platinum level PPO medical plan with dental and vision included. Company pays 100% of the premiums for employees and 50% for dependents.

* 21 days PTO per year

* 401k with matching contributions

* Opportunities to attend security conferences and WordCamps (conferences vary but we have attended RSA, DefCon, BSides, Shmoocon and others)

* Company paid local gym membership

* Company paid fees and study time provided for work-related educational courses and security certifications such as Security+, CEH and CISSP.

* You will receive a new laptop (MacBook Pro or equivalent) and any items needed to create a successful work environment at home.




Click here to apply for this job now.

See more jobs at Defiant

Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Vividcortex

Application Security Engineer


Vividcortex


infosec

engineer

infosec

engineer

4mo

Apply


The Application Security Engineer champions security within VividCortex’ product development teams through the design and integration of security controls, and educating our teams through training and security programs. Our security team is a key part of our growth strategy! Diversity is important to us, and we welcome and encourage applicants from all walks of life and all backgrounds. Remote work within the US with regular travel to our Charlottesville, VA headquarters, is available for this position.

What you’ll get to do here:




* Provide security expertise on our systems, network, encryption, and authentication.

* Understand our AWS architecture, full engineering stack, services, and data flow and own their security controls.

* Implement and maintain technologies for security, such as vulnerability testing, logging, monitoring and incident response.

* Help define our secure development standards and ensure they are met.

* Consult with engineering on planned and current platform and code changes to ensure security is given due consideration during architectural planning and implementation.

* Perform code reviews, penetration testing, and security functional testing.

* Own security awareness training for engineering, and create engaging security programs (bug bounty, white hat testing, and more).

* Document and develop security engineering processes and procedures in support of compliance processes.

* Identify and assist in the development of  security features within our products.

* Represent Security as a resource for a great engineering culture.






You’re great at:




* Sharing your passion for security with the team and advocating for customer needs.

* Being the engineering team member that others depend on for guidance on security issues.

* Staying on top of security trends and emerging threats in a rapidly changing industry.

* Creating engaging programs for training and security awareness.

* Choosing and using vulnerability testing tools for penetration tests and compliance audits.

* Understanding complex applications, infrastructure and business processes.

* Identifying security risks in the product and SDLC and finding pragmatic ways to mitigate them.






You'll benefit from experience in:




* High-growth technology environments.

* Software as a Service products.

* Frameworks and standards such as ISO, CSA, HIPAA, PCI, GLBA, etc.

* System administration, particularly AWS.

* General development, deployment, and operation of modern API-powered web applications using continuous delivery and Git in a Unix/Linux environment.

* Coding, particularly with Go and scripting languages such as Bash.

* Coding platforms include, PHP, Golang, C+, C++, Perl, Python, and Javascript.

* Database platforms include, MySQL, PostgreSQL, MongoDB, Redis, Cassandra.

* OS platforms include Linux, Free BSD and Windows.

* Cloud SaaS Services, AWS






At VividCortex, we want to build a diverse team because it's the right thing to do, and because we believe diversity is strength. We encourage applicants from all walks of life and all backgrounds. Note to Agencies and Recruiters: VividCortex has a strict company policy against engaging with unsolicited contact from agencies or recruiters.  Unsolicited resumes and leads are property of VividCortex and VividCortex explicitly denies that any information sent to VividCortex can be construe

See more jobs at Vividcortex

Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Invisionapp

Engineering Manager Security


Invisionapp


infosec

exec

engineer

infosec

exec

engineer

4mo

Apply


InVision is the Digital Product Design platform used to make the world’s best customer experiences. We provide design tools and educational resources for teams to navigate every stage of the product design process, from ideation to development.


Today, more than 3.5 million people use InVision to create a repeatable and streamlined design workflow; rapidly design and prototype products before writing code, and collaborate across their entire organization. That includes more than 80 percent of the Fortune 100, and organizations like Airbnb, Amazon, HBO, Netflix, Slack, Starbucks, and Uber, who are now able to design better products, faster.


InVision is a fully distributed company with employees in 25 countries around the world. The company has raised more than $235 million in funding from leading investors including Accel, ICONIQ, FirstMark, Tiger Global, Battery Ventures, and Spark Capital. Visit us at InVisionApp.com and InVisionApp.com/blog.


You are someone who loves building high performing teams. You believe that the foundations of a really good team are a clear vision, engaged and talented engineers, just enough process, fast and effective decision-making, and excellent communication.  You’re never satisfied and are always looking for ways to make things better and to deliver faster with higher reliability. You care deeply about the work that you do and the people who are doing it. You practice the leader-leader model. Ok, so it’s pretty clear that you’re awesome.  And awesome people like to work on awesome stuff, right?


We want you to help us establish and solidify our SecDevOps framework.  We’re fully invested in the latest security and platform technologies such as Containerization, Kubernetes, AWS services, Go, Web Application Firewalls, and much more.  You will get to work on tools and security products that will help protect our organization and customers; and critical in helping the business succeed.


Your work will directly contribute to people loving their work. You will manage the SecDevOps team and collaborate closely with our Platform’s DevOps team to maintain the security of the build, stability, and availability of our service. It’s genuinely a lot of fun working on a great product and pushing the edge in SecDevOps.


Responsibilities:


* Be accountable for your team’s delivery and execution on projects and operation of services.

* Lead and grow the engineers on your team through coaching and mentoring, regular reviews, and one-on-ones.

* Manage projects through effective planning, communication of status, and coordination of activities within your team and across teams.

* Continuously improve your team’s processes.





Requirements:


* Strong Player Coach that can develop and lead SecDevOps strategy

* Experienced in mentoring and coaching engineers.

* Experienced in delivering complex projects quickly and with a focus on quality and reliability.

* Process-oriented but hates bureaucracy. Experienced with Agile and/or Lean.

* Good at getting things done with minimal oversight while maintaining good information flow.

* Experienced hiring good engineers who add to the strengths of the team.

* Strong architectural understanding of back end systems.

* Balances good strategic vision with tactical execution.





There are a number of reasons you really want to be an Engineering Manager on this team.  You will have the opportunity to work with a super talented, engaged engineers who love what they do.  You will work with an experienced leadership team that has successfully grown and mentored managers. You’ll be part of a peer group that is supportive and always learning.  

If this sounds like you, we’d like to know more!

See more jobs at Invisionapp

Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Security Roots Ltd.

Full-stack Rails Developer


Security Roots Ltd.


rails

security

dev

full stack

rails

security

dev

full stack

4mo

Apply

# Our Story
In short, Security Roots helps make the Internet safer. We work with IT security professionals and ethical hackers to help them find security holes and vulnerabilities in systems before the bad guys do.

There is a lot of creativity and innovation involved in findings those holes. Unfortunately, itโ€™s not all fun and games, in order for their โ€œfindingsโ€ to be useful, they need to document their results, track progress, notify stakeholders, review mitigations implemented, verify, re-test, etc. There is a lot of overhead involved in the process.

Surprising no one, IT Security experts like the fun and games but donโ€™t like the overhead/ back-office stuff. Thatโ€™s where we come in, we exist to make the life of IT Security professionals easier, better, more enjoyable by making all of these overhead tasks easier and more painless.

We've been in business for 5 years, completely self-funded and profitable. Today, we serve over 440 Infosecurity teams across 37 different countries.


# Whatโ€™s the opportunity?
Weโ€™re looking to hire our 6th full-time employee, a well-rounded Rails developer.
In this role, you will learn a ton and be part of a small, global, and user-centered company. Youโ€™ll even report directly to Daniel Martin, the founder.

Youโ€™ll have the opportunity to make a difference to the lives of 100s of hackers. Plus, as a small team, you will will have a lot of choice about what to work on, and there are still a lot of untapped opportunities for you to grow as the company does.

![Daniel at the BlackHat conference](https://lh5.googleusercontent.com/-F7nk_6rb8B2qCVyuyU1kASsJyz83C4CmQsgl4MzaCZcY6qyPBkK9i7Qgp_W-UHklRlO0-kOUP269JImrK5zoPvRS1dh6zoAp-wWaLgdJTW3VfTH0DGMLVqT04q1xi6kn6SWPybt)
_Thatโ€™s our founder, Daniel, presenting on the conference floor._


# What's in it for you?
- **Work anywhere** โ€“ We're 100% remote.
- **Flexible work hours** - Provided you have reasonable overlap with the team (roughly within EU/US Eastern business hours).
- **Great salary** โ€“ You will be making more than others in your region.
- **Flexible vacation** โ€“ Take time off when you need it, we trust you (no less than 4 weeks each year).
- **No external pressures** - Our users are king, we do what's best for them. We're self-funded, and don't have any investors, so we can make the right decisions for our customers without worrying about artificial deadlines or financial targets.
- **Autonomy** โ€“ You will be given a lot of freedom to do what you think is right, without needing to explain every decision.
- **Meaningful work** โ€“ You will take initiative and ownership to see things through to completion. We won't micro-manage you. And your work will be measured by your results.
- You will have great hardware and tools to work with.
- Company retreats.
# What we offer and what we are looking for
You'll be a trusted and key member of our team, and this is (some of) what you'll end up doing on a day-to-day basis:
- Improve the experience for our users, help them get the results they need.
- Detect opportunities to enhance and improve our stack.
- Extend the coverage of our API layer.
- Improve our existing products and internal systems. We want to learn from you as you learn from us.
- Prioritize and decide what features we should tackle next.
# Our stack
- Rails 5
- JS, Stimulus, CoffeeScript and Sass
- Bootstrap and jQuery
- Postgres and MySQL
- Sinatra, Resque, Middlemanapp, Chef, Vagrant, Nginx, Unicorn,...
We're looking for a solid Rubyist with ยซadequateยป experience who is comfortable in a 100% remote team and is self-driven.
This is a full-time position for the right candidate and it has an immediate start date. Work 100% remotely (although you need to have a home base - i.e. no perma-travellers this time, sorry!).
# This position might be for you if:
- You've held a remote position before, or you've held a similar position of responsibility in a traditional organisation but now are looking to **improve your work-life balance**.
- You are a well-rounded individual, work is not everything in life, you may have a family and social life. You work hard when it's work time and are **able to switch off** when it isn't.
- You're comfortable communicating with others verbally and in writing. **Our team is spread across the world**, and so are our clients.
- You are organised, like to be on top of your responsibilities and don't let things slip through the cracks. You will be sure to include the name of your favourite tv series as part of your application.
- You have a knack for design / UX will be a plus. Background in Information Security wouldn't hurt either.
- **You believe in giving back to the community**. We started with an open-source project and to this day we remain firm believers of open-source and giving back. Part of what you will be creating with the team will be released as open-source.

See more jobs at Security Roots Ltd.

Visit Security Roots Ltd.'s website

How do you apply?

1. Read more about what's like to work with us: https://dradisframework.com/careers/
2. Check out our open-source project's repo: https://github.com/dradis/dradis-ce/
3. Learn more about the team: https://dradisframework.com/story.html
4. Read more about this Full-stack Rails Developer opening: https://dradisframework.com/careers/openings/developer.html
Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Contrast Security

Senior Java Developer


Contrast Security


dev

java

senior

infosec

dev

java

senior

infosec

5mo

Apply


We are in search of someone who loves Java and wants to explore the internals of the JVM. There are a lot of people out there that can program in Java, but they moonlight in other languages. We kind of want someone who wants to be focused just on Java and JVM languages like Scala, Kotlin and Groovy.

The opportunity is to join our flagship team, which is our Java agent. It's our most widely adopted language/agent. It just happens to be our most mature and feature rich. We have so much more work to do with our technology, so let me assure you that joining this team will be a fun, wild ride. Writing an application security agent is a responsibility we take very seriously at Contrast. Our customers trust us enough to run our agents directly in their applications. We're looking for an engineer to exercise that power carefully, to help us build a quality, thoroughly tested agent that our customers run with complete confidence.

An ideal candidate is proficient in Java and wants to get into the internals of the JVM. He or she likely has professional Java experience, including some experience contributing to open source frameworks and/or libraries, this could be a great opportunity for you to deepen your understanding of Java. You like to reverse engineer code, making it better with each iteration.

About You


* Able to design modular and well tested java code bases.

* Experience with popular Java OSGi and ORM frameworks.

* Research and implement JVM Compiler and Runtime optimizations 

* Strong skills in developing and debugging multi-threaded code

* Hands-on experience in JVM development, configuration, and Java concurrency practices.

* Deep understanding of Java threads, locks, I/O and garbage collection.

* Experience and/or curiosity in JVM languages: Kotlin, Groovy, Scala or Clojure

* You approach problems from a product perspective, thinking through how the user will interact with what you're building.

* You have strong communication skills. You ask questions, let others know when you need help, and tell others what you need.

* You're a problem solver. You believe the best work is the result of finding the simplest solution to complex challenges.

* You see the big picture. You understand how the code you write interacts with systems and services, both internally and externally.

* You can join us in our office in Baltimore




At Contrast, our goal is the make the Internet safer day by day. We are always interested in meeting talented and creative technologists who share this goal. We’ve built some amazing technology thus far and are shaking up the way the world looks at application security. We know that our products can get better with new voices and ideas. Are you looking to make a difference? Are you a problem solver, but want to be challenged with complex and interesting problems. Do you believe the best work is the result of finding the simplest solution to complex challenges? Do you long to be an early contributor to a product and a company culture? Do you ever wish you were there in the early days of these startups everyone is talking about? Here's a little about what we offer:


* Competitive compensation

* Daily team lunches

* Meaningful stock plans

* Medical, dental, and vision benefits

* Flexible paid time off

* Choice of a MacBook Pro or Microsoft Surface Pro 




We are changing the world of software security. Do it with us.   We believe in what we do and are passionate about helping our customers secure their business. We work hard, and we have fun doing it. Solve the impossible. Easy = boring. If you’re looking for a fun work environment and like a challenge, you’ll love Contrast Security. By submitting your application, you are providing Personally Identifiable Information about yourself (cover letter, resume, references, or other employment-related information) and hereby give your consent for Contrast Security, and/ or our HR-related Service Providers, to use this information for the purpose of processing, evaluating and responding to your application for current and future career opportunities. Contrast Security is an equal opportunity employer and our team is comprised of individuals from many diverse backgrounds, lifestyles and locations. 

See more jobs at Contrast Security

Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Auth0

Security Engineer


Auth0


infosec

engineer

infosec

engineer

5mo

Apply


Auth0 gives companies simple, powerful and developer friendly building blocks so they can free up resources to focus on innovation. We strive to be the identity platform of choice of developers and Enterprises. We take our culture very seriously and are looking for people who are drawn to both our mission and our culture.

We are a security company and Auth0's Security Team is in the privilege position of supporting a security first culture for a company that wants to make the internet safer.


The Infrastructure Security team builds, owns and maintains the critical security infrastructure that provides visibility into Auth0’s production operations. We are looking for a Senior engineers...


This is an exciting time to join Auth0 as we are growing quickly and this role is an opportunity to drive the expansion of our Security Operations team.

Responsibilities:


* Provide team leadership and own the delivery of security engineering projects

* Design, build and maintain the systems that help keep Auth0 secure

* Demonstrate the effectiveness and coverage of these systems

* Develop tools to test, monitor and enforce security policy

* Automate security process to reduce as much manual process as possible

* Own and improve our security monitoring pipeline

* Participate in the on-call rotation to support the infrastructure and respond to security events




Requirements:


* Experience working as a Security Engineer and delivering engineering projects

* Experience administering and securing AWS

* Strong Linux experience

* Proficiency in at least one programming language (e.g. Python, Node, Go etc.)

* Experience with log collection and storage (e.g. ELK/EFK stacks, Sumo Logic etc)

* Strong written and verbal communication skills

* Comfort working in a globally distributed environment with a remote workforce




Extra Points:


* A passion for infrastructure as code and have used tools such as Terraform and CloudFormation

* Experience running a vulnerability management programme

* You have used configuration management tools (e.g. Salt Stack, Ansible, Puppet, etc)

* You write readable, maintainable code and have experience managing source code with git




Examples of our Engineering Culture:


* https://auth0.engineering/

* https://auth0.engineering/cloud-security-monitoring-at-auth0-part-ii-b106354a0e5d

* https://auth0.engineering/detecting-secrets-in-source-code-bd63b0fe4921




Auth0 is an Equal Employment Opportunity employer. Auth0 conducts all employment-related activities without regard to race, religion, color, national origin, age, sex, marital status, sexual orientation, disability, citizenship status, genetics, or status as a Vietnam-era special disabled and other covered veteran status, or any other characteristic protected by law. Auth0 participates in E-Verify and will provide the federal government with your Form I-9 information to confirm that you are authorized to work in the U.S.

See more jobs at Auth0

Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Auth0

Product Security


Auth0


infosec

product manager

exec

infosec

product manager

exec

5mo

Apply


We give companies simple, powerful and developer friendly building blocks so they can free up resources to focus on innovation. We strive to be the identity platform of choice of developers and Enterprises. We take our culture very seriously and are looking for people who are drawn to both our mission and our culture.

Auth0 is a security company and Auth0's Security Team is in the privilege position of supporting a security first culture for a company that wants to make the internet safer.


As part of the Product Security team your job will be to ensure that Auth0 products are as secure as our customers trust them to be. We are looking for a Software Engineer with a passion for solving security problems to partner with our Engineering teams and own security-critical code throughout the entire product lifecycle.


Our Engineers are encouraged to contribute back to the community and you will be supported in sharing your work by speaking at conferences and open sourcing the tools we build.

Responsibilities:


* Develop, maintain, and test security-critical code and libraries that make up Auth0 products

* Resolve security vulnerabilities identified in Auth0 products

* Perform security reviews of requirements, design specifications, and code

* Participate in Secure Software Development Lifecycle as a security subject matter expert

* Work closely with our Engineering teams to gain in-depth knowledge of our systems

* Develop a roadmap of security features




Requirements:


* Strong background in software engineering

* Solid grounding in information security principles and passion for security

* Deep understanding of Web application security




Extra points:


* Experience working as an application developer in the identity space and knowledge of OAuth 2.0, OpenID Connect, or SAML

* Experience with JavaScript and Node.js development

* Knowledge of FIDO U2F standard

* Knowledge of container security




Auth0 is an Equal Employment Opportunity employer. Auth0 conducts all employment-related activities without regard to race, religion, color, national origin, age, sex, marital status, sexual orientation, disability, citizenship status, genetics, or status as a Vietnam-era special disabled and other covered veteran status, or any other characteristic protected by law. Auth0 participates in E-Verify and will provide the federal government with your Form I-9 information to confirm that you are authorized to work in the U.S.

See more jobs at Auth0

Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Covermymeds

Application Security Engineer


Covermymeds


infosec

engineer

infosec

engineer

5mo

Apply


As the Application Security Engineer at CoverMyMeds, you’ll be responsible for building and growing our application security program.  You’ll focus on creating and improving tools and processes that contribute to highly-secure application development environments and technical operations.  You’ll partner closely with developers across the company, supporting their needs and advocating for security best practices.  You’ll work on a small team with endless opportunities to continue growing and mentor others.

What You'll Do: 


* Build and grow our application security program, including:



* Assessing and assigning risk

* Static code reviews

* Secure coding policies

* Security checkpoints

* Code review methodologies

* Security education for our development teams

* Anything else you think should be part of the program



* Document everything important you do for our application security program

* Partner closely with our development teams to understand their needs and incorporate secure code-development practices from the very beginning of our processes to disseminate security expertise and knowledge of our complex environment

* Proactively seek out opportunities to continuously learn about security best practices

* Support the assessment and implementation of application security tools and technologies 




About You:


* 3+ years of web development experience

* 2+ years of application security experience

* 2+ years of experience using dynamic web application vulnerability scanning and static code analysis tools and services

* Proven experience mitigating and addressing application threat vectors 

* Proven experience securing all major web server environments and cloud platforms based on OWASP top ten recommendations 

* A natural collaborator who seeks out new perspectives and builds trusting relationships with stakeholders and team members

* Excellent interpersonal skills to influence stakeholders to do the right thing for our products

* Devoted to learning, constantly working to stay up-to-date on security best practices


See more jobs at Covermymeds

Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Accenture India

Application Security Professionals


Accenture India


infosec

infosec

5mo

Apply


We are looking for professionals (with 2-12 years  of experience) who can fulfill the following criteria:

 Job Location: Bengaluru

Must Have Skills


* Experience in performing web application security assessments using hands on techniques for identifying SQL injections, XSS, CSRF, authentication/authorization issues 

* Good knowledge of security technologies for secure software development such as cryptography, authentication techniques and protocols etc 

* Experience on both commercial and open source tools  Cenzic Hailstorm, Burpsuite, metasploit, CheckMarx, AppScan, WebInspect, Fortify, Nessus, nmap, sqlmap

* Hands on experience in Dynamic security testing of web based application 

* Knowledge of Secure SDLC and Security standards like OWASP, CWE, NIST, OSSTMM 

* Understanding of OWASP top 10 and mitigation techniques 

* Work with development teams to carry out Application Security Reviews

* Hands on experience in Application Code Review 

* Tool exposure in  CheckMarx, Fortify, IBM AppScan Source, Veracode  

* Application Vulnerability Assessment/ Penetration Testing Cenzic, IBM AppScan 

* Understanding of network  mobile security and tool exposure

* Experience in Dynamic Application Security Testing(DAST)/Static Application Security Testing(SAST)

* Excellent Communication Skills




Good to have:

Security Certification CSSLP, CEH, GIAC Information Security Professional GISP 

If you, or a friend, match these requirements, please send in your resumes to thushara.s.chandran@accenture.com, marking “Application Security-Stackoverflow” in the subject line

Accenture is an equal opportunities employer and welcomes applications from all sections of society and does not discriminate on grounds of race, religion or belief, ethnic or national origin, disability, age, citizenship, marital, domestic or civil partnership status, sexual orientation, gender identity, or any other basis as protected by applicable law

See more jobs at Accenture India

Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Auth0

Infrastructure Security


Auth0


infosec

infosec

5mo

Apply


Auth0 provides a secure, highly available, enterprise-grade platform that secures billions of log-ins every year. The company makes it easy to implement even the most complex identity solutions for their web, mobile, IoT and internal applications, as well as sophisticated identity management for employees, customers and partners. Auth0 has raised over $54 million from Meritech Capital, NTT DoCoMo, Trinity Ventures, Bessemer Venture Partners, K9 Ventures, Silicon Valley Bank, Founders Co-Op, Portland Seed Fund and NXTP Labs.

Thousands of enterprises and millions of users worldwide depend on Auth0 for authentication and authorization of their most mission-critical apps, APIs and IoT devices. Auth0’s top priorities are availability and security.

The Infrastructure Security team builds, owns and maintains the critical security infrastructure that provides visibility into Auth0’s production operations. We are looking for a Security Engineering Manager who is passionate about people and can lead them to deliver world class security infrastructure.

This is an exciting time to join Auth0 as we are growing quickly and this role is an opportunity to drive the expansion of our Security Operations team.

Responsibilities:


* Lead a team of Security Engineers to deliver great security infrastructure

* Mentor and coach the engineers to keep them challenged and delivering their best work

* Build processes and frameworks for Security Engineering and Security Operations

* Build a diverse team - fostering a collaborative and an inclusive environment

* Develop a roadmap for future work and be accountable for it's delivery

* Build a metrics program

* Develop strong relationship with our internal

* Engineering teams; influencing their roadmaps and understand where we need to fill any gaps




Requirements:


* Several years experience in an security engineering management role or a senior engineering team lead role

* Experience working as a Security Engineer and delivering engineering projects

* Experience hiring and attracting talented Engineers

* You have enough technical expertise to drive to engineering and architecture decisions to:



* Design, build and maintain the systems that help keep Auth0 secure

* Develop tools to test, monitor and enforce security policy

* Automate security process to reduce as much manual process

* Own and improve our security monitoring pipeline







* Experience administering and securing AWS Strong Linux experience

* Experience with log collection and storage (e.g. ELK/EFK stacks, Sumo Logic etc)

* Great organisational and project management skills

* Strong written and verbal communication skills Comfort managing a remote, globally distributed team




Extra Points:


* Exposure to agile release processes and supporting tools and infrastructure

* A passion for infrastructure as code and have used tools such as Terraform and CloudFormation

* Proficiency in at least one programming language (e.g. Python, Node, Go etc.)




Examples of our Engineering Culture:


* https://auth0.engineering/

* https://auth0.engineering/cloud-security-monitoring-at-auth0-part-ii-b106354a0e5d

* https://auth0.engineering/detecting-secrets-in-source-code-bd63b0fe4921




Auth0 is an Equal Employment Opportunity employer. Auth0 conducts all employment-related activities without regard to race, religion, color, national origin, age, sex, marital status, sexual orientation, disability, citizenship status, genetics, or status as a Vietnam-era special disabled and other covered veteran status, or any other characteristic protected by law. Auth0 participates in E-Verify and will provide the federal government with your Form I-9 information to confirm that you are authorized to work in the U.S.

See more jobs at Auth0

Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Gitlab

Backend Developer Security Products


Gitlab


infosec

dev

backend

digital nomad

infosec

dev

backend

digital nomad

5mo

Apply


This position is remote based. This role will focus on security features and security products for GitLab. This role will specifically focus on security.  This role will report to and collaborate directly with the Security Products Engineering Manager.

Responsibilities




* Develop security products from proposal to polished end result.

* Integrating 3rd party security tools into GitLab.

* Complete our internal Advisories Database.

* Manage metadata related to dependencies.

* Key aspects of this role are focused on security products and features.

* The complexity of this role will increase over time.

* If you are willing to stick to working on these features for at least a year, then this role is for you.






Requirements




* Strong Go and/or Ruby developer with security expertise or proven security interest.

* Passion and interest toward security (scanning, dependencies, etc.).

* Experience in using GitLab and GitLab CI.

* This is a fully remote role.




See more jobs at Gitlab

Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Vmray

Security Engineer Malwareanalyse Macos


Vmray


macos

infosec

engineer

macos

macos

infosec

engineer

macos

5mo

Apply


SECURITY ENGINEER (M/F)

Malware Analysis macOS

Location:

Bochum, Germany

Remote work:

Partial

Responsibilities:

We are looking for a new Software Engineer focused on macOS. Your main task will be to research, design, and implement effective detection rules based on results from our static and dynamic analysis. You will be responsible for identifying typical malware behavior patterns by analyzing macOS malware and eventually turning your findings into detection rules. You will collaborate with the rest of the development team to provide insights that help improve the efficacy and performance of VMRay Analyzer. The job requires a strong interest in gaining an in-depth understanding of macOS internals, such as official and unofficial APIs, binary file formats, kernel internals, etc. You will have to keep yourself and the team up to date with the current macOS malware landscape.

Requirements:


* Strong interest in macOS internals and malware analysis

* Good knowledge of macOS API

* Proficient with Python programming or at least one similar high-level programming language

* Experience in malware analysis is a plus

* Fluent in English

* On-site employment at our headquarters in Bochum (partial remote work possible)


See more jobs at Vmray

Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Carium

Software Engineer Application Security


Carium


infosec

dev

engineer

digital nomad

infosec

dev

engineer

digital nomad

5mo

Apply


Carium is looking for a software engineer to help build and secure the core of our healthcare application including our identity solution.  This position provides the opportunity for you to participate in a variety of disciplines as you help connect individuals to the enterprise systems where the bulk of our healthcare data is stored today.   

Qualities we admire:


* The motivation to deliver products that improve our population’s quality of life

* The ability and drive to work independently and complete projects

* Commitment to building high quality software through extensive use of test automation

* A proactive, communicative individual who is always excited to learn something new




Relevant Experience:


* Deep understanding of mobile and web application security

* Good knowledge of information security best practices

* Exposure to distributed systems architectures

* Solid coding skills in a language such as Python, Go, or Javascript

* Test Automation




Requirements:


* Bachelor's degree in computer science, engineering, math or related field or equivalent experience

* Minimum of 2 years of experience in engineering


See more jobs at Carium

Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Carbon Black

Product Security Engineer


Carbon Black


infosec

product manager

engineer

exec

infosec

product manager

engineer

exec

5mo

Apply


Located either in Boulder, CO; Boston, MA; or Remote in USA.



Why Carbon Black?

At Carbon Black, you’ll have the chance to make an impact in the ever-evolving cybersecurity space. Our advanced technology tackles even the toughest challenges and stays ahead of the latest threats. If you want to join an agile company that’s building bleeding edge technology in the cloud, Carbon Black is the place for you. Driven by passionate people who are dedicated to making the world safer, it’s no wonder we’ve been named a “Top Place to Work” by the Boston Globe for four consecutive years. Join us!

Why You Matter:

Our Product Security team will coordinate our security efforts across our product, engineering and operations departments. This is an opportunity to join a security team that is supported by a strong internal security community.  You will help to build an even more secure security product by which we build trust with our customers and deliver superior protection of their endpoints.

As a Product Security Engineer, you will work with the engineering and operations teams to:


* collaborate across the organization to help solve more complex security problems

* evolve our Secure Development Lifecycle

* evolve standards for securing build processes

* evolve third party library management processes

* assist with managing our bug bounty program

* assist in planning for and participating in incident response as required

* collaborate with product teams to address application security questions and issues

* research security vulnerabilities in current architecture and communicate mitigation strategies to impacted teams

* clearly communicate the security plan – including the risks and controls in place for key stakeholders

* communicate with customers on our security posture, both on calls and with the RFP team

* support the rest of the Engineering Security team in continuous improvement of the overall Engineering Security program




What You’ll Bring:


* BS in Computer Science or equivalent work experience

* 3+ years providing security support for SaaS/SaaS-like cloud systems required

* Experience with platforms used to provide security services in SaaS environments for configuration management, authentication, automation and validation

* Understanding of code level scanning tools

* Strong communication skills preferred

* Nice to haves



* Understanding of kernel level applications

* Experience building and automating security testing

* Understanding of compliance frameworks (SOC, NIST, etc)




See more jobs at Carbon Black

Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Secucloud

Senior Haskell Software Developer Genius For Network Security Solutions


Secucloud


infosec

dev

haskell

senior

infosec

dev

haskell

senior

5mo

Apply


Senior Software Developer for Network Security and Cloud Infrastructures - to start immediately.

TL;DR: Develop scalable network security products for the mass markt, worldwide!

01 - Your tasks:


* Development of our cloud based network security technologies

* Optimization of our existing solutions

* Documentation and knowledge sharing, e.g. internal code talks




02 - Your skills:


* Programming in Haskell

* Strong experience with/in



* Development of scaleable networks

* Web technologies and networks, especially network security technologies

* Cloud service providers

* Very good English skills verbal and written



* Beneficial: Erlang, JavaScript, Python or C++




03 - Your benefits:


* Full-time permanent position with flexible working hours

* Room for individual initiative and engagement as part of dynamic and international collaborative teams

* Comfortable and enjoyable working environment in city centre

* Flat hierarchies and short decision-making channels

* Competitive salary and tons of corporate benefits i.e. disability insurance for free, beverages, daily fresh smoothies, regularly company events, personal fitness coach, massages and many other Secucloud benefits.




04 - FAQ:

* What do you really do daily?



* Grab you coffee / Smoothie / Tee, etc.

* Update/Synch with Dev team and prioritize tasks

* Challenge yourself by developing features with new technologies

* Challenge your colleagues by reviewing and optimizing their code

* Try to proof your QA mates wrong

* Go home when you've left your fingerprint on the product and be happy to have done a real contribution. Not only providing estimations.



* How to improve your career?



* learn from our network and security expertise

* specialize and do brownbag sessions

* get market observations, break them down technically and come up with innovative products for the new world

* teach and manage younger hackers if you enjoy



See more jobs at Secucloud

Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Railroad19

Transmit Security Mobile Integration Engineer


Railroad19


infosec

mobile

engineer

infosec

mobile

engineer

5mo

Apply


Transmit Security Mobile Integration Engineer (remote US)

At Railroad19, we develop customized software solutions and provide software development services. 
We are currently seeking a Transmit Security Mobile Integration Engineer.  The successful Engineer will work with the local Transmit field team (Field Engineer and Sales Executive) to execute against various customer implementation projects. This would include potentially POC, production environments and use cases. In addition to contributing deliverables the role is expected to work as an adviser to help identify, educate, and foster best-in-class solutions.

At Railroad19, you are part of a company that values your work and gives you the tools you need to succeed. We are headquartered in Saratoga Springs, New York, but we are a distributed team of remote developers/engineers across the US. 
This is a full-time role with vacation, full benefits, and 401k.  Railroad19 provides competitive compensation with excellent benefits and a great corporate culture.

The role is remote - U.S. located, with some travel to client.  Full time employment.

(NO- contractors, Corp-to-Corp or 1099).  


Core responsibilities:


* Strong overall mobile development skills. This includes native objective-c, Swift (iOS) and Java (Android) programming languages.

* Strong background in development platforms such as Cordova, Ionic3, Phonegap, MobileFirst/Worklight





* Experience with integrating third party mobile SDKs into both iOS and Android mobile applications

* Good fundamental understanding of best practices and security applied to mobile application development

* Strong background with all aspects of transport as applied to mobile applications (connection handling, push notifications, client-side certificates/SSL, PKI on mobile)




Skills & Experience:


* 5+ years of mobile development experience recommended





* Experience working in an Agile environment




Nice to have but not required:


* Familiarity with continuous integration practices





* Available right away

* Position based in US/remote

* Ability to travel as needed





* BS in CS, EE or equivalent experience required




No Agencies***

See more jobs at Railroad19

Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Elastic

Cloud Security Engineer


Elastic


infosec

cloud

engineer

infosec

cloud

engineer

6mo

Apply


At Elastic, we have a simple goal: to solve the world's data problems with products that delight and inspire. As the company behind the popular open source projects — Elasticsearch, Kibana, Logstash, and Beats — we help people around the world do great things with their data. From stock quotes to real time Twitter streams, Apache logs to WordPress blogs, our products are extending what's possible with data, delivering on the promise that good things come from connecting the dots. The Elastic family unites employees across 30+ countries into one team, while the broader community spans across over 100 countries.

Thanks to our ongoing expansion we have the opportunity to grow our Cloud Security Operations team. We're part of the Elastic Cloud team with a development, operations and security background who aren’t afraid to get our hands dirty.

We’re looking for people who are just as passionate about solving issues with distributed systems as they are to automate, code and collaborate to tackle problems with a proven focus on Security. You will be assisting the development and implementation of security controls to mitigate risks and threats but also participating in daily security operational tasks.

Responsibilities


* Build and improve security focused tooling for the Elastic Cloud product and infrastructure

* Architect and maintain a SIEM infrastructure

* Be a part of a Security Incident Response Team

* Work closely with the SRE and Development team as well as third party auditors to ensure a smooth road to security compliance and alignment to regulations (SOC2, GDPR etc)

* Demonstrate and promote Security best practices




Experience (in 2+ areas)


* You performed automated and manual testing against a large codebase. You identify and exploit an SQL injection vulnerability without using sqlmap.

* Kali Linux for PenTest, Burp or OWASP for security testing.

* Ability to exploit XSS in something more meaningful than a PoC alert?

* Deploy perimeter scanners against a large network, with knowledge of Snort, Nessus and Bro.

* Linux Systems / Containers Security: Hardened a VM with SELinux / AppArmor, tweaked cgroups, created Seccomp profiles.

* Profile an application to get the minimum syscall / kernel capabilities gamut required for it to run.

* Experience with SOC2, PCI, and HIPAA.

* Experience working in a Security Operations Center.

* Consistently dealing with security incidents that required quick mitigation and extensive root cause analysis.

* Authentication and Authorization protocols such as OIDC, OAuth and SAML. Deployed large scale LDAP / Kerberos?

* Familiar with security principles for Software Engineering. Can you help developers build security in throughout the Software Development Process?




Key Skills


* Desire to represent work in git, driven by a GitHub workflow through issues and pull requests and rigorous code reviews

* Love open source development, and have contributed to some project somewhere (doesn't have to be ours), whether it's mailing lists, patches, documentation, etc.

* Enjoy working remotely and the communication it requires

* Love a diverse environment,

* Working with men and women all over the world




Additional Information


* Competitive pay and benefits

* Stock options

* Catered lunches, snacks, and beverages in most offices

* An environment in which you can balance great work with a great life

* Passionate people building great products

* Employees with a wide variety of interests

* Your age is only a number. It doesn't matter if you're just out of college or your children are; we need you for what you can do.

* Fully remote, with optional coworking from an Elastic office (Mountain View, Amsterdam, Phoenix, etc.) or in your town

* Lots of opportunities for conference travel, being in the community is encouraged, not just tolerated




Elastic is an Equal Employment employer committed to the principles of equal employment opportunity and affirmative action for all applicants and employees. Qualified individuals will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status or any other basis protected by federal, state or local law, ordinance or regulation. Elastic also makes reasonable accommodations for disabled employees consistent with applicable law.

See more jobs at Elastic

Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Kalles Group

Security Systems Architect


Kalles Group


infosec

architecture

infosec

architecture

6mo

Apply


Kalles Group is a Seattle Security, Business, and Technology consulting firm on a mission to redefine professional services with the human workplace.  Our subject-matter expert engagement teams are built to succeed.  We align diverse career paths to bear on pressing business and technology challenges.

Kalles Group Business and Technology Consulting is a platform for you to become someone better through your work.


Role Overview

The Security Systems Architectwill be joining a committed, talented team of passionate Kalles Group systems engineers to systematize collection of PCI evidence.  This team will be supporting the Information Security Compliance Group (ISC) collecting evidence for PCI attestation from network, endpoint, and IAM security tools in the enterprise environment.  A secondary goal will be designing solutions to enable automation of the collection of that data from the cardholder data environment (CDE).

Key Activities

In Years 1-2, the Security Systems Architectwill:

- Leverage security auditing and evidence collection tools such as Chef Inspec (Ruby) for gathering data for PCI pre-audit.

- Build automation solutions using Chef Inspec (Ruby), and other scripting solutions (PowerShell, Python, BASH) to support repeatable evidence collection processes.

- Perform API-level work within network, endpoint, and IAM security tool environments to leverage tool-specific capabilities to support evidence collection automation.  Code may be Go, Java, Scala, C#, or other.


Qualifications


* 3+ years of experience in full-stack engineering.

* Possess technical writing and communication skills.

* Show discretion when interacting with customers and vendors, as our planning and decision-making is ongoing.

* Be adept and dealing with ambiguity, thinking on one’s feet.

* Schedule and deliver on tasks in a timely manner.

* Thrive in a fast-paced, small-team atmosphere.




Knowledge of network, endpoint, or IAM security tools, Chef Inspec or other inspection and auditing frameworks, and cursory knowledge of PCI is a plus.

Tools in-scope for data collection within the cardholder data environment include:


* IAM



* CA IDM

* CA SiteMinder

* PKI

* Avatiar

* Oracle Identity OID

* Oracle Virtual Directory OVD

* AD Domain Controller



* Endpoint



* ELK

* McAffee AV

* Gemalto

* Secure File Storage

* Splunk SEC

* FireEye

* FTU (file tokenization utility) / Liaison-Protect

* Symantec MSS



* Network



* Vormetric

* FTU (File Tokenization Utility)

* Tripwire (File Integrity Monitoring)

* McAfee AV

* ELK

* Tokenization (NETS Service)



* Other – Service Now





Location

Seattle


Compensation


If relocating:

140-170k + multiple subsidized options for comprehensive health/dental/vision insurance, paid holidays and paid vacation, and 401(k)


If fly-in 1 week per month, otherwise remote:

120-160k + multiple subsidized options for comprehensive health/dental/vision insurance, paid holidays and paid vacation, and 401(k)


What's Next? 

Apply Today! 1 step application process, no hoops to jump through. 

Kalles Group is an equal opportunity employer. 

See more jobs at Kalles Group

Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Godaddy

Advanced Technical Support - Sucuri


Godaddy


infosec

php

linux

customer support

infosec

php

linux

customer support

6mo

Apply

**About GoDaddy**

GoDaddy powers the world's largest cloud platform dedicated to small, independent ventures. With nearly 17 million customers worldwide and over 73 million domain names under management, GoDaddy is the place people come to name their idea, build a professional website, attract customers and manage their work. Our mission is to give our customers the tools, insights and the people to transform their ideas and personal initiative into success. To learn more about the company visit www.GoDaddy.com.

The candidate has the opportunity to work with different technologies and learn different aspects of Information Security.

They will mainly work with website cleanups but the role requires knowledge on Programming (mostly PHP), to understand how pieces of code could be used maliciously, Content Management System (CMS) to understand its structure and how attackers take advantage of that and much more. Every ticket or interaction we have with our clients is not only an opportunity to help their business prosper and succeed but also learn a different skill along the way during the cleanup process.


**Responsibilities**
* Website cleanup and troubleshooting (this role will resolve customer issues through support tickets)
* Code reading to determine if a particular file is malicious or not
- Feeding our system with new findings to improve our automation process
- Troubleshooting customers websites with WordPress, Joomla, Drupal and other CMS software
- Writing regular expressions "regexโ€

**Requirements**
- General understanding of security principles and use good security practices in general
- Linux experience
- CLI and cPanel
- Experience with Apache, Nginx and other web servers
- Experience with WordPress, Joomla, Magento, vBulletin and other CMS software
- Web Malware Experience (decoding, understanding)
- PHP and Shell scripting/automation
- Open source and community participation and contributions a plus


**Tools We Work With**
- Jira
- Bitbucket
- Trello

GoDaddy is an equal opportunity employer.

See more jobs at Godaddy

Visit Godaddy's website

How do you apply?

Click to Apply - https://careers.godaddy.com/job/arizona/advanced-technical-support-incident-response-sucuri/18045/5645557
Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


New Context Services

Security Cloud Transformation Project Manager


New Context Services


infosec

exec

cloud

infosec

exec

cloud

6mo

Apply


Summary

As a Security Cloud Transformation Project Manager for New Context, you will be expected to provide technical leadership with a hands-on approach. On a daily basis you will be interfacing with our clients and other New Context team members while working from the New Context office, at client sites, or from your home. This position provides technical Project Management in order to develop and implement security policies for AWS cloud migration.  We are seeking a hands on leader with both Systems Engineering capabilities and a track record of successfully leading security policy initiatives to fruition, preferably within the context of a professional consulting engagement.


Requirements

Seasoned Project Manager


* 10+ Years experience within Software Engineering that has branched into Project Management

* Proven track record of guiding projects to successful completion, facilitating with engineering teams, core business units and other relevant stakeholders to ensure fulfillment of project milestones in a timely manner.

* Experience managing engineering teams, with a solid understanding of technical requirements and the ability to assign responsibilities to appropriate team members.

* Proactive leader who takes actions to remove blockers that may hold back Engineering efforts, in a way that is both effective, yet also respectful of client concerns and processes

* Possess solid organizational skills and ensure that detailed documentation occurs with reference to progress, resources, timeline, and changes to scope of work; communicating with proper documentation issues as they arise to our clients to prevent unnecessary delays in progress.

* Training in Agile Project Management methodology preferred




Security Expertise in the Cloud


* Experience architecting security policies within large scale enterprise environments

* Knowledgeable in compliance standards for AWS, Chef Compliance within AWS additionally

* Knowledgeable in topics such as: firewalls, scanners, OSSEC, Encryption, ID Federation

* Strong understanding of OWASP Top 10 and CWE/Sans Top 25

* Security credentials such as CISSP, CISA, CISM, GSEC etc. preferred




Excellent communication skills


* Experience working with external clients and customers

* Translate complex concepts to business customers

* Provide regular updates to relevant stakeholders on project performance

* Coordinate and enhance communication across teams

* Professional consulting experience is strongly preferred




Hands On Engineering Expertise


* In depth knowledge of Amazon Web Services cloud platform with specific knowledge of security policies for data migration.  Knowledge in other public cloud platform security policies (such as Azure or Google Cloud) is preferred but not essential.

* Competent programmer, ideally with fluency in languages like Ruby, Python, Golang etc.

* Hands on cloud automation experience with Configuration Management tools like Chef, Puppet, Ansible, Salt etc.

* Knowledgeable in Containerization Ecosystem with hands on usage of Docker and orchestration tools like Kubernetes, Docker Swarm, Mesosphere etc.

* Understands the importance of Test Driven Development in practice


See more jobs at New Context Services

Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Jack Henry & Associates .ย

Application Security Engineer


Jack Henry & Associates .ย


infosec

engineer

infosec

engineer

6mo

Apply


Jack Henry & Associates is seeking an Application Security Engineer to join the Chief Information Security Officer ‘s Enterprise Information Security Group. This position is part of a small team of experienced security analysts that works with all internal development teams to assess application security threats across the organization. Must possess strong communication and interpersonal skills. This position will be responsible for testing and analyzing applications for security weaknesses and vulnerabilities. This position will be hired to work Remote and travel is up to 5% to attend meetings, conferences and or additional training.

The Application Security Engineer should possess basic knowledge of application security, including security concepts and secure coding principles such as the OWASP Top 10 and the Center for Internet Security (CIS) Top 20.  Applicant should be familiar with security/penetration testing concepts and be familiar with common testing tools like web proxies such as Rapid7 AppSpider, and or Burpsuite Pro.

Applicant should have familiarity with programming in at least one of the following languages: .NET (ASP, C#), JavaScript, HTML, and be able to read and understand basic code and programming concepts, as well as concepts related to how software is commonly deployed (ex, common web application architectures). Familiarity with SDLC, threat modeling, and other aspects of software security and architectural analysis is a plus.  If you are interested in this position please apply on or before March 19, 2018.

MINIMUM QUALIFICATIONS


* Must have a minimum of 18 months of experience in information security or web application development.

* Must have experience with application security testing tools such as:  IBM AppScan, HP Webinspect, Accunetix, Rapid7 AppSpider, and or Burpsuite Pro.

* Must have experience with OWASP tools and or methodologies in HTTP and web programming.




PREFERRED SKILLS


* Bachelor’s degree in Information Technology is preferred.

* Security certifications (e.g., CISSP, CEH, GWEB) preferred.

* Experience with web development technologies such as HTML, CSS, and JavaScript is preferred.

* Experience with web service technologies such as REST, XML, SOAP, and AJAX is preferred.

* Knowledge of common security requirements within web based applications is preferred.




ESSENTIAL FUNCTIONS


* Perform application security assessment and penetration testing.

* Perform manual and/or automated security reviews across a variety of application platforms.

* Follows up on application security assessment with development teams.

* Participates as needed in documenting software security standards, guidelines, policies and procedures.

* Acts as a resource on assigned projects.




Equal Employment Opportunity

Applicants for U.S. based positions with Jack Henry & Associates must be legally authorized to work in the United States. Verification of employment eligibility will be required at the time of hire. Visa sponsorship is not available for this position.

Jack Henry & Associates, Inc. is an Equal Employment Opportunity/Affirmative Action Employer and maintains a Drug-Free Workplace.

Females, minorities, veterans, and individuals with disabilities are encouraged to apply.

See more jobs at Jack Henry & Associates .ย

Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Swarm Technologies

Blockchain Security Engineer


Swarm Technologies


infosec

engineer

infosec

engineer

6mo

Apply


** Blockchain experience not required! ** 

We're operating in a very new industry and we're prepared to bring candidates up to speed! Few sectors are hot as blockchain right now - talk about professional growth :)

Join the Swarm

We're developing innovative solutions to age-old information security problems - and we need your help.

At it's core, PolySwarm is market design enabled by smart contracts. We're (literally) programming a market that will produce crowdsourced threat intelligence (malware detection today, more tomorrow). 

No one has done this before. We'll get things wrong - that's okay! With your help, we'll get fewer things wrong, identify mistakes earlier and improve processes to prevent future missteps.

You're in on the ground floor - you'll have a say in what we do and how we do it. By joining Swarm Technologies, you'll be joining a dynamic team on the bleeding edge of information (computer) security and blockchain - answering questions few have thought to ask.

If you're interested in any of:

* information security

* blockchain (Ethereum smart contracts in particular)

* malware reverse engineering

* market design (a la Who Gets What and Why by Alvin Roth)

* technical challenges that cannot be solved via iteration

* unknown unknowns



... then we're interested in you.

The Ideal Candidate Is...

* independently motivated & self-directing

* introspective: able to identify weak spots / problem areas our existing processes or code and suggest / implement solutions

* interested in information security topics outside of work - huge props for capture the flag (CTF) participation!



Example Big-Picture Problem

The Ethereum block time leaves a lot to be desired for a marketplace that intends to supplant millions of malware scans a day.

How do we best reconcile millions of scans daily with a 15 second block time and today's block size limits?

Example Tactical Problem

The rust-web3 bindings don't support WebSockets. WebSocket support is necessary for subscribing to "push" notifications of Ethereum events: https://github.com/tomusdrw/rust-web3/pull/101

At Swarm Technologies, you'll tackle both big-picture and tactical problems :)

We Offer


* Competitive salaries

* Excellent health, dental, vision coverage

* Unlimited* paid vacation days

* Travel (if you like). We have offices in San Diego, Puerto Rico and Tokyo and we often find ourselves travelling elsewhere. If travel interests you, we can scratch that itch.

* Flexible work hours - outside of scheduled meetings, we don't care *when* you work, we care about your output.

* Powerful servers, laptops, desktops - whatever you need to be most productive!




*Within reason! We avoid arbitrary numbers for vacation allotments. Take what you need, don't abuse it. As a start-up, we may ask that you avoid vacation for crunch times.

See more jobs at Swarm Technologies

Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Contrast Security

Full Stack Reactjs Java Developer


Contrast Security


react

full stack

dev

javascript

react

full stack

dev

javascript

7mo

Apply


Most job descriptions fail to give you a really good sense of what it's like to work for a growing startup and a high-performing team. We've put together some notes here which will tell you and show you a little bit about our experience. Our goal with this job description is to share more and more about the Contrast experience. 

Our engineering team has a strong spirit of entrepreneurship. Every member of the team has joined us over our short 3+ year history because he/she wants to be part of a high-performing team and go through the startup experience. We look for candidates that share similar goals and beliefs about the work and the team they want to be a part of.

We are a growing group of engineers, designers and product specialists. This particular team has 8 developers and 2 UX/Designers. Anyone who applies for this position is specifically looking for an opportunity to be able to:


* Work hand-in-hand with our Product Managers, UX/Designers and Customers on each feature and improvement.

* Own the technical design, implementation and quality engineering of our full stack application and Lambda services.

* Participate in constant collaboration with teammates in the form of pair programming, group code reviews and pull requests prior to commit.

* Deploys: our engineers deploy multiple times a day to our AWS infrastructure.

* On-call rotation: every member of the team, including the VP of Engineering participates in the on-call rotation.

* Technical support: Our engineers don't just release code in the wild. When our customer have issues, we have to jump in and give them help.




Skills & Requirements


* You are a Java expert with a strong understanding of Spring, MySQL, Linux, Apache ActiveMQ and are comfortable working with Cassandra, Redis and ElasticSearch.

* You have extensive HTML5, CSS3 (Less), and JavaScript Framework (ReactJS) experience

* Experience with TypeScript, GraphQL, 

* Have an eye for quality and have an interest in using tools/frameworks like Enzyme, Prettier, ReactTestRenderer, Jest, JUnit, StoryBook, etc...

* Interest to work with newer technologies such Apache Kafka and AWS Lambda 

* Interest and experience working with Docker and Kubernetes as well as Vagrant and Ansible

* AWS Services: S3, EC2, CloudFront, Lambda

* You approach problems from a product perspective, thinking through how the user will interact with what you're building.

* You have strong communication skills. You ask questions, let others know when you need help, and tell others what you need.

* You're a problem solver. You believe the best work is the result of finding the simplest solution to complex challenges.

* You see the big picture. You understand how the code you write interacts with systems and services, both internally and externally. 


See more jobs at Contrast Security

Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Intersection of Information Security Cryptocurrency

DevOps Engineer


Intersection of Information Security Cryptocurrency


devops

engineer

infosec

devops

devops

engineer

infosec

devops

7mo

Apply

Full Time: DevOps engineer at intersection of information security and cryptocurrency at Chorus One in Remote

See more jobs at Intersection of Information Security Cryptocurrency

Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Intersection of Information Security and Cryptocurrency

DevOps Engineer Chorus One


Intersection of Information Security and Cryptocurrency


devops

engineer

infosec

devops

devops

engineer

infosec

devops

7mo

Apply


Chorus One builds and operates infrastructure for emerging cryptocurrency and blockchain networks. Our products will help token holders make returns and shape the evolution of decentralized networks.

The first product is a validator for the Proof-of-Stake Cosmos network. In the medium term, we will be operate nodes and running infrastructure on various other cryptocurrency networks.

We are hiring a DevOps engineer to implement and maintain production infrastructure.. This position is a unique opportunity to work with a very experienced team on cutting-edge blockchain networks and information security.

Responsibilities:


* Design, implement and maintain production systems for cryptocurrency validators. Systems are expected to incorporate signing servers, test networks, validating servers, relaying nodes, key security solutions, monitoring tools and administration tools.

* Implement security policies to ensure that production systems are hardened against external attack.

* Develop a continuous integration and testing pipeline to automatically test and upgrade code bases powering test networks and production validators.

* Setup and operate a Kubernetes and/or Docker Swarm cluster on production and test networks.

* Harden Linux hosts via HIDS policies (e.g., apparmor, SELinux).




The ideal candidate:


* Is able to work independently

* Has prior work experience in a medium sized company or as a DevOps lead in a startup

* Knowledge of AWS, continuous integration and automated deployment

* Good knowledge of security as it relates to cloud based infrastructure

* Experience using automated monitoring tools

* Experience scaling containers both horizontally and vertically.

* Experience working with firewalls, intrusion prevention and intrusion detection systems

* Bachelor’s or advanced degree in computer science is a plus,but not strictly needed.




We offer:


* Competitive salary + equity.

* 5 weeks annual leave.

* Full-time position.

* Location: Remote, Los Angeles or Berlin.

* Work on cool technology and interesting problems at the intersection of finance, cryptocurrency, information security and blockchain networks.


See more jobs at Intersection of Information Security and Cryptocurrency

Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Semanticbits

Security Engineer


Semanticbits


infosec

engineer

infosec

engineer

7mo

Apply


SemanticBits is looking for a Security Engineer to keep our business, users and data safe by assuring the security of our applications and platforms. This will be a highly collaborative position, in which the right candidate works to secure existing applications and platforms, makes platform and security enhancements and helps to scale our security program through automation, process improvement and tool creation.


The selected candidate will be required to work on multiple products and must be able to develop and present secure solutions and advice to technical teams as well as leadership. The candidate will further be required to assess risks and advise on security standards, best practices and solutions. All this must be done by maintaining security quality and customer satisfaction


Responsibilities:


* Collaborating with various teams to secure new platforms/applications

* Implementing platform security and framework improvements

* Implementing analysis and monitoring tools

* Working with engineering and QA teams to build tools and scale security in a continuous deployment environment

* Assessing the security of applications, APIs and platforms via penetration testing and code reviews




Requirements

Strong knowledge to perform below tests


* Penetration testing


* Static Analysis/Static Application Security Testing

* Vulnerability Assessment/Scanning

* Dynamic Analysis/Dynamic Application Security Test (DAST)





*


* Malicious Software Analysis





* Strong foundation in one or more of the following:


* Data management security

* Authentication

* Applied cryptography

* Linux security

* Network & Cloud security





* Strong engineering background preferred

* Application architecture experience preferred

* Advanced knowledge of Linux platforms

* Advanced knowledge of application mobile security tools

* Strong technical acumen securing software and hardware

* Understanding of software development and working experience with any one of the higher level programming languages or scripting

* A Bachelor's degree or higher in Computer Science, Electrical Engineering, Information Assurance, Network Security Computer Engineering or related field, or equivalent experience

* Familiarity and experience with security technologies such as security engineering, security architecture, cryptography, data security, risk management, identity and access management, communication and network security, security assessment and testing, software development security, security operations

* Familiarity and experience with popular open source security projects such as jptables and Snort

* Thorough understanding of issues documents in the OWASP Top Ten and CWE Top 25

* Demonstrated ability to exploit and mitigate application-level vulnerabilities

* Strong understanding of cryptography as applied to web application security (encryption, hashing, PKI management), including analysis and implementation

* Experience using Linux/Unix at the command line for tasks related to web application development and deployment (DevOps)




Benefits


* Generous base salary

* Three weeks of PTO

* Excellent health benefits program (Medical, dental and vision)

* Education and conference reimbursement

* 401k retirement plan. We contribute 3% of base salary irrespective of employee's contribution

* 100% paid short-term and long-term disability

* 100% paid life insurance

* FSA

* Casual working environment

* Flexible working hours


See more jobs at Semanticbits

Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Aeolus Robotics

DevOps Sysops Security Engineer Admin Lead


Aeolus Robotics


infosec

devops

admin

exec

infosec

devops

admin

exec

7mo

Apply


Job Responsibilities

Lead and/or collaborate in the design, development, and testing of our infrastructure, in one or more of these areas:

- Day-to-day cofiguration, maintenance and administration
- Planning, team management, tools evaluation, employee support
- Deploying environments, support continuous integration tools
- Develops product security requirements, participates in security design and audit
- ... and more ...

About you

You are looking for the place to stretch yourself, able to work within a senior, highly performant product team, and aren't afraid of a challenge.  You are a self-starter with the motivation and skills needed to effectively operate on your own time in your own way while being responsive to the needs of your team mates and the team as a whole. You are innvoative as are our products and you wish you have impact on the world as our products will have.

You love working on the systems and make things work efficiently and safe. You are effective at quickly understanding and operating on various platforms making other workers' lifes easier.  You are comfortable working alongside experts in these areas, or are an expert yourself. You have a proven track record of delivering ideas into working prototypes at high velocity.  You have commercial/agile development teaming experience. You've architected some serious systems and may have even been a team lead.

Skill Set / Experience

We welcome people with passion on security and integration. Keen on new technologies, especially robots! Among our whole bunch of positions (see a list here: http://aeolusbot.com/careers/) there may be one for you which reflects your dreams of perfect job so make sure you check every single one of them!

Flexible Hours & 100% Remote Work

You can work in one of our offices (South San Francisco, Taipei, Vienna or Wroclaw), but some of these roles permit 100% remote cooperation.

You will work in a scrum-based agile development cycle. You will be working alongside founders, researchers, and engineers to design and build first-generation robotic solutions for mass consumer adoption.

Whether you prefer contract work or a permanent position, we can accommodate you.

See more jobs at Aeolus Robotics

Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Wikimedia Foundation

Application Security Engineer


Wikimedia Foundation


infosec

engineer

infosec

engineer

7mo

Apply


Location: San Francisco, CA or Remote

Summary

The Wikimedia Foundation is looking for an Application Security Engineer to join the Security team working to help protect Wikipedia and our other projects. You'll be working with other developers and security engineers to create new security features, review the security of other people's code, and help find and fix security bugs before they're exploited.

YOU ARE ...a smart security practitioner with experience building and auditing security features in large scale systems. You understand the importance of testing and documentation, and common pitfalls in developing secure web applications. You must have a passion for the WMF mission. We do (almost) everything publicly, and volunteers can add arbitrary JavaScript to our site. That should both frighten and thrill you.

You will be joining a team responsible for ensuring the security and integrity of applications written in PHP, Python, Ruby, Lua, Perl, JavaScript (Node.js) among others, using both relational and key-value data storage mechanisms. (Don't worry, you don't need to have had experience with all of those technologies.)

As an Application Security Engineer, we’d like you to do these things:


* Triage and remediate reported security issues

* Work with Security team members to build and maintain security features

* Review and deploy features developed by the Foundation and community members

* Work with other development teams to ensure that they make safe architectural and implementation choices

* Constantly poke and abuse our software to find bugs before attackers do




We’d like you to have these skills:

The right person is better than the right set of experiences, these are the traits we’ve identified make great additions to our team so far.


* Two or more years of application security experience, including thorough understanding of issues documented in the OWASP Top Ten and CWE Top 25

* Strong understanding of modern, object-oriented PHP development

* Demonstrated ability to exploit and mitigate application-level vulnerabilities

* Experience conducting software security reviews using a combination of source code inspection, manual testing, and automated scanning

* Patience in explaining security issues and their implications on privacy to non-technical audiences

* Sensitivity to the security challenges faced by participants in a large, international project

* Strong understanding of cryptography as applied to web application security (encryption, hashing, PKI management), including analysis and implementation

* Strong knowledge of the use of a scripting language for system administration and automation

* Experience using Linux/Unix at the command line for tasks related to web application development and deployment ("DevOps")

* Ability to maintain focus when working remotely




And it would be even more awesome if you have this:

In addition to the basic skills needed for being successful these skills could set you apart from the pack!


* Experience as a contributor in the Wikipedia or Wikimedia project communities

* Experience contributing to a consensus-based open source project

* Experience developing, maintaining, or administering authentication systems

* In-depth experience developing or auditing client-side JavaScript

* Experience with both relational and NoSQL/key-value data storage mechanisms




About the Wikimedia Foundation
The Wikimedia Foundation is the non-profit organization that supports and hosts Wikipedia and several other Wikimedia free knowledge sites. Every month, the Wikimedia sites are accessed by more than a billion unique devices. Wikipedia consists of more than 40 million articles across hundreds of languages. Every month, more than 250,000 volunteer editors contribute to Wikipedia. Based in San Francisco, California, the Wikimedia Foundation is an audited, 501(c)(3) non-profit that is funded primarily through donations and grants. It currently employs over 300 staff members.


At the Foundation, we build technology to help people everywhere access Wikipedia, across devices and in nearly 300 languages. We engineer privacy for our readers and editors so they can safely and securely explore Wikipedia. We create programs and initiatives to make Wikipedia freely available to more people in more parts of the world. We build new tools for the community of editors so they can continue to improve and grow Wikipedia. Roughly a quarter of our budget goes to supporting the community that make the site possible, including through grantmaking programs that enable volunteers and enrich the information on the sites.


The Wikimedia Foundation is an equal opportunity employer, and we encourage people with a diverse range of backgrounds to apply.


Benefits & Perks * 



* Fully paid medical, dental and vision coverage for employees and their eligible families (yes, fully paid premiums!)

* The Wellness Program provides reimbursement for mind, body and soul activities such as fitness memberships, baby sitting, continuing education and much more

* The 401(k) retirement plan offers matched contributions at 4% of annual salary

* Flexible and generous time off - vacation, sick and volunteer days, plus 19 paid holidays - including the last week of the year.

* Family friendly! 100% paid new parent leave for seven weeks plus an additional five weeks for pregnancy, flexible options to phase back in after leave, fully equipped lactation room.

* For those emergency moments - long and short term disability, life insurance (2x salary) and an employee assistance program

* Pre-tax savings plans for health care, child care, elder care, public transportation and parking expenses

* Telecommuting and flexible work schedules available

* Appropriate fuel for thinking and coding (aka, a pantry full of treats) and monthly massages to help staff relax

* Great colleagues - diverse staff and contractors speaking dozens of languages from around the world, fantastic intellectual discourse, mission-driven and intensely passionate people




* for benefits eligible staff, benefits may vary by location

More Information

https://wikimediafoundation.org

https://blog.wikimedia.org

See more jobs at Wikimedia Foundation

Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Contrast Security

Software Engineer Nodejs


Contrast Security


dev

javascript

node js

engineer

dev

javascript

node js

engineer

7mo

Apply


About the Position

Contrast is looking for a talented engineer to join our team developing instrumentation agents for NodeJS, specifically supporting ExpressJS, Sails, Koa and HapiJS. You would be joining the larger “agents organization”, which includes engineers working in Ruby, Java, PHP, Perl, GoLang, .NET, and Python.

Writing instrumentation agents is a responsibility we take very seriously at Contrast. Our customers trust us enough to run our agents directly in their applications. We're looking for an engineer to exercise that power carefully, to help us build a quality, thoroughly tested agent that our customers run with complete confidence.

An ideal candidate has advanced experience with server side JavaScript (NodeJS). He or she likely has professional C experience, including some experience contributing to open source frameworks and/or libraries, this could be a great opportunity for you to deepen your understanding of NodeJS' unique characteristics. You like to reverse engineer code, making it better with each iteration.

Please include a link to your Github or BitBucket account, as well as any links to some of your projects if available.

More About You


* Love all things String related...specifically String Literals and String Objects

* Build, ship, curate, and iterate on Contrast Security agent features.

* Work with design, product, and support teams to build features.

* Own your work. Whether a nasty bug or an awesome feature, you put your name on every line of code.

* Be a team player. You love to work with others to find the right solutions.

* You must love to code and have a strong passion for making software more secure.

* You’re a true scientist and think about algorithms and regular expressions while you sleep.

* You’re a NodeJS expert with a strong understanding of JavaScript, C, Linux (Ubuntu) and Apache.

* Experience writing NodeJS services using ExpressJS, Koa, Sails, Meteor, DerbyJS and/or Hapi

* Experience with popular NodeJS ORM frameworks like Sequalize.

* Experience building NodeJS packaging via NPM.

* You have experience or desire to learn Lua.

* Have a deep understanding of NodeJS dependencies and sub-dependencies.

* You approach problems from a product perspective, thinking through how the user will interact with what you're building.

* You have strong communication skills. You ask questions, let others know when you need help, and tell others what you need.

* You're a problem solver. You believe the best work is the result of finding the simplest solution to complex challenges.

* You see the big picture. You understand how the code you write interacts with systems and services, both internally and externally. 


See more jobs at Contrast Security

Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Stack Overflow

verified

Director Of Information Security


Stack Overflow


infosec

exec

infosec

exec

7mo

Apply


At Stack Overflow, our mission is to serve developers. Whether we’re helping developers get answers to their questions or find new jobs, we build products that make millions of developers’ lives better every day. Our newest product, Stack Overflow for Teams, allows teams to ask and answer questions on Stack Overflow in a private space. This puts security at the center of our company strategy.

As our first Director of Information Security, your job is to design, implement, and monitor a security program that keeps our customers’ information safe. You’ll work directly with the CTO to evaluate risk and make decisions that will drive the business forward. You’ll build relationships across the company and work collaboratively, combining your security expertise with our experienced teams to rapidly roll out new security mechanisms and controls. And you’ll interface with our clients, to give them absolute confidence that their data is safe with us.

What you’ll do:


* Design, implement and manage our overall information security program

* Collaborate with devs and site reliability engineers to identify threats and design technical controls

* Create and run security training programs for a variety of teams across the organization

* Maintain documentation of security controls and respond to inquiries from clients, regulators (including on GDPR), and other third-parties

* Work towards a goal of SOC 2 type II certification




What we're looking for:


* 5+ years of hands-on experience in information security

* 3+ years in a leadership role within information security, with a demonstrated ability to break down large problems and get things done

* Knowledgeable on a broad range of threats and security topics including secure software development practices, networking, encryption, cloud security, etc.

* Experience working in a technology company with fast-moving software development teams

* Experience implementing security compliance frameworks and processes such as ISO 27001/2, NIST, and SOC II

* Ability to work cross-team and communicate effectively with people from a variety of different backgrounds and different levels of security awareness

* Certifications (preferred): CISSP, CISM, CISA or CRISC




What you’ll get in return:


* Ability to work remotely, with flexible hours

* 20 days paid vacation + holidays

* Completely free health insurance - no copay, no premiums (US residents)

* Generous parental leave (10-16 weeks at 100% pay), family care leave, and unlimited sick days

* Employees will never be poked with a sharp stick




If you want to work remote…. We’ll help you set up a great home office, with an ergonomic chair, standing desk, and any other equipment you need to do your job.

If you want to work in our office… You’ll get your own private office in our headquarters in New York City, and enjoy additional benefits like free lunch every day prepared by our own in-house chefs, transportation reimbursement, and all the espresso you can drink.

See more jobs at Stack Overflow

Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Zapier

Security Infrastructure Engineer


Zapier


infosec

engineer

infosec

engineer

7mo

Apply


Hi there!

We're looking for someone to join our Engineering team at Zapier as a Security Infrastructure Engineer. Are you interested in helping build and secure a powerful automation tool? Then read on…


We know applying for and taking on a new a job at any company requires a leap of faith. We want you to feel comfortable and excited to apply at Zapier. To help share a bit more about life at Zapier, here are a few resources in addition to the job description that can give you an inside look at what life is like at Zapier. We hope you'll take the leap of faith and apply.


* Our Commitment to Applicants

* Culture and Values at Zapier

* Zapier Guide to Remote Work

* Zapier Code of Conduct

* Diversity and Inclusivity at Zapier




Zapier is proud to be an equal opportunity workplace dedicated to pursuing and hiring a diverse workforce.


Even though our job description may seem like we're looking for a specific candidate, the role inevitably ends up tailored to the person who applies and joins. Regardless of how well you feel you fit our description, we encourage you to apply if you meet these criteria:

You care deeply about building secure products in secure ways that simplify the lives of millions of people through automation.

About You

You have web application and infrastructure security experience. Keeping the core Zapier web application secure is at the heart of this role. Zapier is a SaaS product, so experience building software and managing infrastructure under a similar model is a big plus.

You love writing software and building infrastructure. Most of what you’ll do each day is guiding, building and maintaining Zapier's infrastructure and product. You'll focus on high value, high risk portions of Zapier. You'll use code to automate and improve the more mundane parts of auditing and monitoring of internal processes, as well as in the product.

You have worked with teams before on large Python, AWS, & Kubernetes projects. You’re also familiar with frameworks for several languages like Django/Flask or React/Backbone.js. You've also worked extensively in cloud providers like AWS, GCE, or Azure as well as container automation frameworks like Kubernetes.

You love doing things efficiently. At Zapier, the work you do will have a disproportionate impact on the business. We believe in systems and processes that let us scale our impact to be larger than ourselves. You'll be in a unique position to find and eliminate "insecure and painful" experiences and replace them with "secure and joyful" experiences.

You love learning. Engineering is an ever-evolving world. You enjoy playing with new tech and exploring areas that you might not have experience with yet.

You love to set your own direction. At Zapier, we have one team meeting each week and one-on-one meetings every month. Between those we chat in Slack and then go make things happen.

You are friendly and patient, welcoming, considerate, and respectful. Learn more about these attributes in our code of conduct.




Things You Might Do

Zapier is a small, fast-growing, and remote-first company, so you'll likely get experience on many different projects across the organization. That said, here are some things you'll probably do:


* Write some Python!

* Build and maintain tooling to log, monitor and audit our infrastructure. You'll do this via AWS SDKs, k8s APIs, or directly.

* Periodically embed with product teams with to help with security sensitive projects.

* Migrate tooling to SSO/SAML providers to reduce password risk and improve UX.

* Build internal tooling to ensure safe data access patterns for Zapier employees.

* Review code across Zapier's product and infrastructure.

* Locating weak points across Zapier and strengthening them.

* Ship code to millions of users every week.

* As part of our All Hands Support initiative, help customers have the best experience with Zapier as possible.




How to Apply 


This is a security focused role. If this isn't a good fit for you, we do have an Infrastructure Engineer (Western Hemisphere) that you can apply to instead.


We have a non-standard application process. To jump-start the process we ask a few questions we normally would ask at the start of an interview. This helps speed up the process and lets us get to know you a bit better right out of the gate. Please make sure to answer each question.

Complete this form with answers to the below questions. Make sure each answer stands alone as we review question-by-question instead of applicant-by-applicant.

* Tell us why you’d be a good fit for the role. Please reference any particular parts of the "About You" and "Things You Might Do" sections that fit you and why.

* Tell us about the most difficult API/library/software bug you've squashed. We love troubleshooting stories!

* Tell us about an engineering solution you've built that you're particularly proud of. Don't skimp on the technical details!

* Tell us about the largest deployment you've worked on. What was your role and what did the team look like?

* Tell us about your favorite technology to work with and why.

* Share some code (preferably Python) that you’ve written. You can include a link to a GitHub, GitLab, or other public code repository. Or provide us with a 500+ Line of Code (LOC) sample via Dropbox, gist, or other link to help us get a feeling for how you write code.

* How might you gradually introduce auditing and permissions into many disparate SaaS services and custom applications?

* What steps can you take to ensure that an average application (that might utilize AWS secret keys, database credentials, makes internal and external API calls, etc.) would have minimal negative impact on a server or the internal network if it were compromised?

* Optional: Share anonymously some demographic information about yourself to help us better track trends related to the backgrounds of candidates interested in working at Zapier in order for us to build a team that represents the users at Zapier and the broader world population.



Finally, wait for us to reply! You are going to hear back from us, even if we don't seem like a good fit. In fact, throughout the process, we strive to make sure you never go more than seven days without hearing from us.

See more jobs at Zapier

Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Auth0

Application Security


Auth0


infosec

infosec

7mo

Apply


Auth0 provides a secure, highly available, enterprise-grade platform that secures billions of log-ins every year. The company makes it easy to implement even the most complex identity solutions for their web, mobile, IoT and internal applications, as well as sophisticated identity management for employees, customers and partners. Auth0 has raised over $54 million from Meritech Capital, NTT DoCoMo, Trinity Ventures, Bessemer Venture Partners, K9 Ventures, Silicon Valley Bank, Founders Co-Op, Portland Seed Fund and NXTP Labs.

Thousands of enterprises and millions of users worldwide depend on Auth0 for authentication and authorization of their most mission-critical apps, APIs and IoT devices. Auth0’s top priorities are availability and security.

We are looking for an Application Security Engineer to join us in keeping Auth0 and our customers data safe. Our engineering team builds web apps, mobile apps, and APIs, and we have customers in just about every industry. This creates many interesting use cases that we need to support while maintaining security.

Our App Sec Engineers work closely with our our product teams - reviewing apps and building tools to make their work as frictionless and secure as possible.

Responsibilities


* Conduct web application security testing

* Triage vulnerabilities and communicate the impact to our engineers

* Support our Engineers through our Secure Software Development Lifecycle - with guidance and tooling

* Build security controls and instrumentation around and in our code

* Automate security testing

* Threat modeling of new and existing features

* Educate and influence our engineering teams




Requirements


* Experience working as an Application Security Engineer or a developer of a security product

* Experience with application test methodologies and tooling

* Experience with at least one programming language

* Understanding of common vulnerabilities in web and mobile applications (OWASP Top 10)

* Excellent communication skills




Extra points


* Experience with popular threat modeling systems

* Experience with static analysis

* Experience with fuzzing applications and protocols

* Experience with authentication protocols (e.g. SAML, OAuth etc)




Examples of our Engineering Culture


* https://auth0.engineering/

* https://auth0.engineering/cloud-security-monitoring-at-auth0-part-ii-b106354a0e5d

* https://auth0.engineering/detecting-secrets-in-source-code-bd63b0fe4921


See more jobs at Auth0

Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Invisionapp

Senior Security Software Engineer


Invisionapp


infosec

dev

senior

engineer

infosec

dev

senior

engineer

7mo

Apply


InVision is the Digital Product Design platform used to make the world’s best customer experiences. We provide design tools and educational resources for teams to navigate  every stage of the product design process, from ideation to development.

Today, more than 3.5 million people use InVision to create a repeatable and streamlined design workflow; rapidly design and prototype products before writing code, and collaborate across their entire organization. That includes more than 80 percent of the Fortune 100, and organizations like Airbnb, Amazon, HBO, Netflix, Slack, Starbucks and Uber, who are now able to design better products, faster.

InVision is a fully distributed company with employees in 25 countries around the world. The company has raised more than $235 million in funding from leading investors including Accel, ICONIQ, FirstMark, Tiger Global, Battery Ventures, and Spark Capital. Visit us at InVisionApp.com andInVisionApp.com/blog.

Our development flow is designed and built for maximum speed and velocity.As such, we have an engineering security team heavily focused on identifying and remediating application vulnerabilities.You will be part of a team that has an opportunity to work across a wide range of products and services, working with and communicating across all teams in technology and responding to internal and external stakeholders.You will have an opportunity to identify security enhancement and cutting edge features that are attractive and desirable to our customer base.

You will contribute to an environment that enables you to do your best engineering work, and you’ll do it with new web standards and frameworks like ES6, React, MongoDB, NodeJS, Go, and Docker. We empower engineers by being laser focused on maximum developer velocity through automation of tests, builds, deploys and tight customer feedback loop to continuously improve the product.

Building and shipping something this amazing and owning it from prototypes and specifications to release requires constant collaboration with the brightest people in the organization. Whether you’re at a beach house in Hawaii or a coffee shop on the East Coast, you’ll have the support of brilliant developers at your fingertips to get you through and keep the workday challenging and fun.
As Part of The Team:


* Secure our code.  Identify emergent vulnerabilities in our application source code.  

* Bake security into our product.  Work with InVision engineers to evolve, design, implement security measures.

* Help us be compliant.  Design and implement strategies and solution to maintain industry compliance requirements.

* Be a security advocate.  Every day offers a variety of work, exciting new challenges, opportunities to contribute new ideas (your voice will be heard and valued), and the ability to share your knowledge across the engineering organization. 

* Evolve security.   Help evolve InVision’s vulnerability remediation process and response efforts. 

* Build security stuff.  Work with product and engineering teams to build new application security features.  Interface with other Product Engineering teams and Platform Service teams to take advantage of and incorporate their services and tools into your product.




What You’ll Need to Join Us:


* Proficiency in NodeJS and Golang.  

* Advance working knowledge of application vulnerabilities. OWASP top 10 is a good place to start but understanding that there are over 600 distinctly different types of coding vulnerabilities.

* Ability to debug full-stack problems; debug a web application problem single-handedly all the way from the browser, through transport, to the application servers/databases. Not afraid of logs and core dumps.

* Use of continuous integration and delivery technologies at an expert level and ability to teach others best practices.

* Experience designing and building high volume, scalable SaaS applications from end to end.

* Curiosity to iterate and improve on solutions; you view unknowns as challenges and enjoy them.

* Motivation to understand the business and our users, their requirements, and deliver results.

* Passion for continued learning and achieving personal goals through developer community involvement and contributions.




Also Good To Have:


* Multi-lingual is your language.  You can spot vulnerabilities in code for various language (React, Java, Kotlin, Swift)

* You know mobile.  Be it iOS or Android you understand mobile development, security, testingstrategy, and interfaces.  Mobile experience is a strong, strong PLUS!!






Benefits

InVision offers an incredibly unique work environment. The company employs a diverse team all over the world. In the United States we have team members throughout 40+ states including New York, San Francisco, Austin, Portland, and Boston. Each InVision team member is given the freedom and tools to do their best work from wherever they choose. The benefits we offer in the United States include competitive health plans and a 401k plan.

Some InVision-wide benefits offered to all employees across the globe include a flexible vacation policy, monthly coffee shop stipends, annual allowances for books related to your profession, and home office setup & wellness reimbursements. InVision is an international employer so some benefit offerings will vary from country to country.  Please ask our recruiting team about the benefits and perks package available in your country.

InVision is proud to be an equal opportunity workplace. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. If you have a disability or special need that requires accommodation, please let us know.

See more jobs at Invisionapp

Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Proemion

Security Engineer


Proemion


infosec

engineer

infosec

engineer

7mo

Apply


We give our customers the technology they need to globally transmit and analyze CAN-based telemetry data of mobile industrial machinery and therefore boost their efficiency. Some of the world's most respected OEMs rely on Proemion and thousands of off-road vehicles use our solution daily.

Proemion is at the forefront of the IoT/Telematics revolution and is looking for a Security Engineer (f/m). We offer the position on-site in Fulda, Germany (relocation support offered) at the earliest possible date. We also offer the position as a full-time remote position.

Your Role


* comprehensively assess system properties from a security point of view

* guide technical, architectural and design decisions to ensure they will not weaken the overall system security or leave us prone to inadequate risks

* identify and document application level vulnerabilities and ensure risks are being addressed

* communicate identified vulnerabilities and develop mitigation strategies

* recommend deployment strategies and parameters

* recommend and facilitate security training for our staff

* proactively identify opportunities for improvements in application security

* conduct security testing and penetration tests.




Your Skills


* Computer Science degree or equivalent qualification

* several years of relevant work experience in security architecture and engineering

* experience in application software planning, development and integration

* experience in identifying, evaluating and managing risk in a complex and changing environment

* intimate familiarity with existing security protocols

* deep understanding of the operational implications of security hardening

* experience with networking (IP Routing, DNS, reverse Proxying)

* ability to grasp new concepts quickly, self-starting, self-managing

* you value reliability and advancement of team


See more jobs at Proemion

Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Numbrs

Security Engineer


Numbrs


infosec

engineer

infosec

engineer

8mo

Apply


Responsibilities include but are not limited to reviewing designs, code, performing in-depth security assessments of mobile apps, distributed backend systems and internal IT infrastructure; developing custom security tools; documenting the infrastructure, policies, and procedures. Applicants are also expected to participate in after-hours work.

All candidates will have


* a Bachelor's or higher degree in technical field of study

* a minimum of two years security work experience

* experience with performing application code reviews, design reviews and penetration testing

* experience in penetration testing web-based apps, mobile apps and back-end infrastructure

* experience implementing modern cryptosystems

* excellent knowledge with at least one modern programming language, such as Go, Java, C++, Python and Scala

* excellent troubleshooting and creative problem-solving abilities

* excellent written and oral communication and interpersonal skills




Ideally, candidates will also have


* experience with systems for automating deployment, scaling, and management of containerised applications, such as Kubernetes or Mesos

* experience working with large scale distributed systems




Location: Remote or Zurich, Switzerland

See more jobs at Numbrs

Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Contrast Security

.net Engineer


Contrast Security


engineer

infosec

engineer

infosec

8mo

Apply

At Contrast, our goal is the make the Internet safer day by day. We are always interested in meeting talented and creative technologists who share this goal. We’ve built some amazing technology thus far and are shaking up the way the world looks at application security. We know that our products can get better with new voices and ideas.

Contrast is looking for a talented .NET application developer to join our team, engineering a world-class instrumentation agent for analyzing the security of Microsoft web applications. An ideal candidate is proficient in ASP.NET, C#, and C++. Ideally, we would love for you to have an interest or experience in Azure, as well as experience or curiosity with .NET Core.

Key Responsibilities


* Build many variations of simple to complex web applications using ASP.NET and .NET Core for our instrumentation agent to analyze to detect security vulnerabilities at run-time.

* Contribute to the development of our instrumentation agent written in C# and C++.

* Support traditional ASP.NET apps and more modern .NET Core apps on Windows/Linux.

* Perform forensic investigations when the agent negatively impacts the performance of functionality of instrumented web applications.

* Own your work. Whether a nasty bug or an awesome feature, you put your name on every line of code.

* Be a team player. You love to work with others to find the right solutions.




About You


* You love to code.

* You can join us in our office in Baltimore’s historic Natty Boh Tower overlooking the Baltimore Harbor.

* Experience with at least one ASP.NET Framework (WebForms, MVC, WCF, Web API) or .NET Core web applications.

* Experience with C# and C++.

* Comfortable working with Visual Studio Team Services for continuous integration.

* Strong understanding of Microsoft IIS for configuration and deployment purposes.

* Knowledge of the .NET development ecosystem.  Experience with popular .NET libraries such as Entity Framework, Dapper and Unity.

* Experience deploying web applications to Azure services such as Azure VMs, Azure Web Apps, Service Fabric, Azure Table Storage (NoSQL), SQL Server and Azure Networking Services.

* You have strong communication skills. You ask questions, let others know when you need help, and tell others what you need.

* You're a problem solver. You believe the best work is the result of finding the simplest solution to complex challenges.

* You see the big picture. You understand how the code you write interacts with systems and services, both internally and externally.


See more jobs at Contrast Security

Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Distantjob

verified

Web App Developer (security / Comms)


Distantjob


php

mysql

apache

debian

php

mysql

apache

debian

8mo

Apply

How much are you into security? Do you still have nightmares about that time you saw your friend share her Gmail password on Facebook Messenger? Do you make fun of people using encrypted chat in WhatsApp? Weโ€™re looking for an experienced web app developer with a special place in his heart for security. That place should be surrounded by barbed wire and in the middle of a minefield!

Youโ€™ll be working with a team of young programmers and engineers building cutting-edge hardware and software for enterprise use, with a focus on communication and security. These are SaaS solutions to be run by on-site security infrastructure.

Weโ€™re looking for the type of person that looks around in everyday life and regularly thinks โ€œThereโ€™s a better way to do that?โ€ The kind of person who enjoys solving tricky coding problems and is passionate about helping his team grow. Someone who can take ownership of a project and coach the team into seeing through until the end and crushing deadlines.

If thatโ€™s you, know that if you apply and get in, your contribution will make the difference and you will be involved in almost all aspects of running a business.

Hereโ€™s What Else We Expect From You:
You have experience in taking the lead in a team.
Youโ€™ve finished some large projects and have results to show.
You are able to make a functional analysis, and accurately estimate work based on it.
You anticipate problems and difficulties.
You like to discuss and report regularly.
You are a very responsible person, looking for a company to identify personally with.
You are interested in all aspects of technology, ICT, and programming.
You are a fast learner and you want to keep learning.
You speak English with a degree of fluency and spontaneity that makes regular interaction with native speakers clear and without strain for either party.
You articulate clear, detailed explanations in English regarding your field of work, and can fluently explain your viewpoint on technical or work-related issues, giving the advantages and disadvantages of various options.

Hereโ€™s What We Need You To Master:
PHP5 / HTML5 / CSS3 / JS (ES6)
MVC (PHP: Laravel / codeigniter / yii , JS: AngularJS)
MySQL
Linux: Debian
Apache2 web server
C/C++ (Boost)

Weโ€™ll Be Extra Impressed If You Also Dominate:
Windows
C# .NET
MSSQL
Networking basics. (CIDR / VLAN)

See more jobs at Distantjob

Visit Distantjob's website

How do you apply?

Send cover letter and resume to vahe@distantjob.com
Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Cyberone Security

Golang Developer


Cyberone Security


golang

dev

infosec

digital nomad

golang

dev

infosec

digital nomad

9mo
Remote, United States - We are looking a contract to hire a golang/angular developer who is looking make big impact in the company everyday. The role consists of development, collaborating with other developers, devops, and providing QA support. You will be working on fixing bugs, en...

See more jobs at Cyberone Security

Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Bromium UK

Senior Security Architect


Bromium UK


infosec

architecture

senior

infosec

architecture

senior

9mo

Apply


Job Title:   Senior Security Architect

Department:   Engineering

Location:   Cambridge, UK or Cupertino, CA or Remote

Position Summary:

You will work closely with our development and product management teams, maintaining and enhancing the security and functionality of the Bromium suite of products. You will write technical reports publishing your research and present these papers at computer security conferences as well as authoring technical reports for internal and external purposes.

Job Responsibilities:


* Keeping up to date with the latest security events and working with engineering to ensure our product stack provides protection

* Investigating known malicious activity and examining the impact

* Researching new threats and providing analysis on behavior

* Publishing research, presenting technical talks and contributing to the Bromium blog 




Job Requirements:


* Experience with or ability to understand a complex set of interactions between components of a large software solution

* Solid understanding of current security threats, exploitation techniques, mitigation and hardening technologies (particularly endpoint security products) on the Windows platform

* Knowledge of hypervisor technologies and advanced x86 platform functionality (VTx, UEFI, kernel development)

* Proven experience of C/C++ code auditing (for both language-specific and logic errors)




The following skills and attributes are a plus: 


* Knowledge of Microsoft Windows internals and the history of security vulnerabilities in Windows

* Previous experience of sandbox design and implementation

* Knowledge of browser internals

* Experience giving talks at security conferences, reporting vulnerabilities discovered to vendors and publishing papers on computer security

* Experience of Python code auditing


See more jobs at Bromium UK

Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Sapien

verified

Meteor.js Security Engineer for Upcoming ICO


Sapien


meteor js

full time

infosec

javascript

meteor js

full time

infosec

javascript

San Francisco, CA9mo

Apply



Location: San Francisco, CA

See more jobs at Sapien

Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Cloud Technology Partners

Security Architect


Cloud Technology Partners


infosec

architecture

infosec

architecture

9mo

Apply



* Analyze and design security solutions for applications and infrastructure, and provide expertise and consulting to clients.

* Identify and document information security risks and propose mitigating controls

* Will be responsible for understanding complex business IT needs, requirements, and projects scopes, with a focus on information security requirements.

* Research, design, and develop new information security controls for clients

* Assess current IT environments and make recommendations to increase security

* Assist clients in troubleshooting and resolving information security issues

* Author project and support documentation and diagrams

* Implement security solutions.




Skills & Requirements


* Assessed, developed and implemented, operationalized and documented comprehensive security technologies and processes.

* Secure software development, data protection, cryptography, key management, identity and access management (IAM), network security (VPNs) within SaaS, IaaS, PaaS, and other cloud environments.

* Architected solutions within Amazon Web Services (AWS) and other cloud providers and SOA for cloud-based services.

* Worked with cloud security and governance tools, cloud access security brokers (CASBs), and server virtualization technologies.

* Performed security design/architecture reviews, code reviews, and penetration tests of large applications, systems and/or networks.

* Worked on large scale cloud based services (including SaaS, PaaS, IaaS) and understand security challenges involve in deploying Cloud Applications.

* Created and maintained security policies and procedures, managing the protection of information systems and assets.

* Performed threat modeling and design reviews assessing security implications and requirements introducing new technologies.

* Hand-on experience with multiple security technologies such as Firewalls, Intrusion Detection/Prevention Systems, Vulnerability Scanning, WAF, Wireless LAN, NAC, DLP, DDoS Mitigation, WAN security, SIEM, Content Filtering, Cloud Security gateways, Secure Proxies, SSL crypto solutions.

* Solid understanding of a range of compliance, regulatory and legal requirements and relevant principles, best practices and standards across multiple industries. Preferred industries: financial services, telecommunications. Examples would include: PCI, SOX, GLBA, CSA, PCI, NIST, ISO, IEEE, FedRAMP, HIPAA and TCG.

* Have working knowledge of common and industry standard cloud-native/cloud-friendly authentication mechanisms (OAuth, OpenID, SAML, Ping, Okta, etc) and key management (Safenet, Vormetric, other).




Added Bonus:


* Cloud security and/or architecture related certifications - AWS Certified Solutions Architect or Certified DevOps Engineer





* Sense of humor


See more jobs at Cloud Technology Partners

Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Mindbody

Senior Software Security Engineer


Mindbody


infosec

dev

senior

engineer

infosec

dev

senior

engineer

9mo

Apply


JOB SUMMARY:

MINDBODY’s Security Engineering team is seeking an experienced software engineer to help keep our users safe from real world threats. You will build large, distributed security solutions that harden the MINDBODY SaaS platform and enable us to protect against and surface malicious activity. We are looking for a candidate with a passion for security and innovation, who will research and develop new solutions to protect our users but also help us share the goodness to make the internet a safer place for all.


PRINCIPAL DUTIES AND RESPONSIBILITIES:


* Take a leadership role in driving internal security and privacy initiatives

* Design core, backend software security components

* Code using primarily .Net, C#, and Classic ASP

* Implement abuse detection and logging systems to surface threats

* Interface with Product Development teams to incorporate their innovations and vice versa

* Conduct design and code reviews

* Performs Mobile Risk Assessments, Vulnerability Assessments, and Penetration Tests.

* Recommends countermeasures and safeguards that would mitigate mobile risk.

* Establish mobile policies and procedures and advise Product Owners as to the most optimum deployment of integrated mobile security solutions.

* Perform investigations for evidence of intrusion or policy violations

* Develops, documents, deploys, reviews and maintains Information Security Policies, Standards, Procedures and Guidelines.

* Designs, produces, and delivers compelling OWASP training content.

* Implements and improves software tools to gather system configuration information and proactively identify vulnerabilities.

* Maintains awareness regarding OWASP and application security trends.





MINIMUM QUALIFICATIONS AND REQUIREMENTS:


* Extensive knowledge of web technologies with an emphasis on the .NET framework, MVC, and Web API

* Extensive knowledge of Security principles: confidentiality and integrity of data, authentication and authorization, security protocols (HMAC, SSL, JKS, AES, OAuth)

* Extensive knowledge of web application security principles

* Extensive experience building secure large-scale, server applications

* Extensive experience with service-oriented architecture principles to implement tools like WCF

* Expert knowledge of VB, C#, and the .NET Framework

* Experience with operating system internals, programming language design, compilers

* Experience in building authentication or authorization services

* Experience with scalable rules engines

* Experience or bent in thinking about operability, monitoring, performance, testability and scalability while building large-scale systems.

* Experience with designing and implementing secure web based payments systems

* Ability to influence design and architectural decisions.

* B.S. or M.S. in Computer Science or related field, or equivalent experience

* 7+ years working on complex web applications

* Full software development lifecycle experience; must be comfortable working using Agile methodology as well as iterative methodologies.

* Must have prior experience of being a developer of a REST interface


See more jobs at Mindbody

Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Clevertech

Security Engineer


Clevertech


infosec

engineer

infosec

engineer

10mo

Apply


DESCRIPTION

Clevertech is looking for a Security Engineer to join our global team. We are looking for team members to help us develop world-class software products for the most exclusive organizations in the world. We have been at this since 2000, and continue to grow off our best asset, our people.

You are comfortable with security protocols and DevOps development. You have worked extensively with the Zed Attack Proxy Protocol and understand vulnerabilities and engage in proactive problem-solving.

REQUIREMENTS

Clevertech looks for craftsmen developers who take ownership of their code. You can deliver quickly while being clever to avoid missteps. You have an effective positive attitude that shines as you show your care about client and colleague concerns. You are always learning and are a transparent communicator even when it is challenging. You thrive on challenging yourself daily and seek to surround yourself with like-minded individuals.

Technically, you have an excellent background with AWS, Docker, Kubernetes, logging, monitoring, and build tools. Well qualified applicants will have deep experience in the latest libraries and programming techniques. You enjoy being on the bleeding edge of technology and are well versed in modern programming languages.

BENEFITS

Own Your Time

We are a completely remote team. That means we have a large amount of trust and a lot of flexibility. World travellers, young parents, nature lovers, and commute avoiders love working here. We are a collective of like minded people in over ten countries, and our global perspective shapes our every move.

Focused Work

You will work together on a dedicated team with your eye on one finish line at a time. Our teams are nimble and agile, and cover the technical range you would expect in world class product delivery teams. And keep your eye on the mail - we send out swag everywhere in the world and there are celebratory pictures of Clevertech socks, hoodies, and mugs all over slack.

Learn at your edges

We believe in learning and provide unique programs that improve your tech skills, leadership skills and even challenge you in personal development. CleverFridays, guest speakers, mentorship opportunities and in-depth industry exposure are all on offer here.

And of course, if you speak at a tech conference, we cover all expenses.

Recharge Time

We insist that you take recharge time. We are closed for major holidays and then require that you take at least two weeks a year to refresh.

Want to learn more about Clevertech and the team? Check out why.clevertech.biz.

See more jobs at Clevertech

Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Cloud Technology Partners

Security Architect MCC


Cloud Technology Partners


infosec

architecture

infosec

architecture

10mo

Apply


WHAT YOU’LL DO


* Analyze and design security and compliance solutions for applications and infrastructure, and provide expertise and consulting to clients

* Identify and document information security risks and propose mitigating controls

* Will be responsible for understanding complex business IT needs, requirements, and projects scopes, with a focus on information security and compliance requirements

* Understand and provide guidance on the architectures and solutions to assist clients with addressing regulatory governance and compliance requirements

* Research, identify, design, and develop new information security or compliance controls for clients

* Provide input regarding best practices for the creation of next-generation services focused on addressing and improving client’s governance and compliance requirements

* Assess current IT environments and make recommendations to increase security and compliance capabilities

* Assist clients in troubleshooting and resolving information security and compliance issues

* Author, project, and support documentation and diagrams

* Implement security and compliance solutions

* Must have the ability to travel and work onsite at client locations (typically 50%)




WHAT YOU’VE DONE


* 5+ years of hands-on experience with:


* Identity and Access Management solutions (Ping, Okta, OneLogin)

* Roles Based Access Control (RBAC)

* Identity Federation (oAUTH, SAML 2.0, WS-FED)

* Privileged User Management solutions (Dome9, Centrify, CyberArc, NetIQ, Secret Store)

* Security Logging and Monitoring solutions (SIEM) (Trend Micro, Splunk, Alert Logic); and

* Security Vulnerability testing solutions (Nessus, AWS, CIS and OWASP audits)





* Knowledge of Cloud Security Alliance (CSA) best practices and guidelines

* Working experience with ISO 27001, CoBIT, SOX and/or other Information Security Management frameworks.

* Demonstrated security platform design and implementation experience

* Proven experience with application security, firewalls, IPS, vulnerability assessment and mitigation, event collection and correlation, auditing, crypto, data loss prevention

* Excellent verbal communication, organizational, presentation and planning skills

* Experience translating business direction into required security and or compliance controls and collaborating from SME to C-Level.

* Bachelor's Degree in Computer Science, other technical fields

* Experience as a hands-on technical practitioner/specialist in client facing roles in mid-size or large enterprises and demonstrated client facing consulting skills, including building strong client relationships

* Ability to design and implement reliable, scalable, high performing web-based solutions that meet the service levels associated with mission-critical Identity and Access Management based solutions

* Understanding of identity and IAM processes, technologies, standards and industry best practices

* Proven ability to thrive and succeed in a dynamic, fast growing, startup environment

* Strong consultative selling, presentation and negotiation skills

* Ability to thrive in ambiguous/pressure situations




ADDED BONUS



* Sense of Humor!

* Experience with security architecture frameworks in cloud-based environments (e.g., AWS, OpenStack, VMware, etc) is strongly preferred.

* Experience with PCI compliance, PCI Qualified Security Assessor (QSA) is a plus.

* Obtaining Security certifications (CISSP, CISM, CISA etc)


See more jobs at Cloud Technology Partners

Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Center for Internet Security

Senior Application Developer


Center for Internet Security


dev

senior

infosec

digital nomad

dev

senior

infosec

digital nomad

11mo

Apply


About the Center for Internet Security (CIS)

CIS (Center for Internet Security) is the trusted guide to confidence in the connected world. CIS collaborates with the global security community to lead both government and private-sector entities to security solutions and resources. CIS is an independent, not-for-profit organization. 

CIS promotes a culture that is centered around the CIS Leadership Principles. These core values embody our mission, ethics, standards and expectations.

About the Job

The Senior Application Developer is assigned to the Operations Team at the Center for Internet Security.  Reporting to the Senior Manager of Application Development, the Senior Application Developer will partner with other cybersecurity team members to promote the CIS mission and help support our growth. The primary purpose of this position is to assist with the maintenance and development of applications to support operations for a fully functional 24x7 Security Operations Center. This position involves critical duties and responsibilities that must continue to be performed during crisis and emergency operations, which may necessitate extended hours of work.

This position has a partial telecommute work option with the ability to work a combination of on-site and remote. A typical work week would consist of 2-3 days on-site and the remainder 2-3 days remote work. 

Here’s a Snapshot of your Tasks and Responsibilities


* Develop and maintain new and existing software applications.

* Create and maintain documentation of all applications.

* Maintain code in an appropriate repository.

* Lead Software Quality Assurance (SQA) efforts through the use of unit testing and integration testing and scheduled rollout of new/updated applications.

* Perform other duties as assigned.




What are we looking for in you?


* Bachelor’s Degree in Computer Science or equivalent work experience.

* 5+ years of application development experience.

* Expert level proficiency in PHP.

* Expert level proficiency in relational databases and SQL.

* Expert level proficiency in HTML, CSS, and JavaScript.

* Thorough documentation skills for both code and end user.

* Must be authorized to work in the United States.




Even Better if You Have


* Experience with Laravel and Symfony frameworks.

* Proficiency in one or more scripting languages (Python or Perl preferred).




 The CIS Offer


* A culture that is engaging, fun and energetic

* An organization that supports Work/Life balance

* Competitive compensation

* Comprehensive benefits package including:



* Medical, dental, vision and life insurance

* 401K plan with company match

* Maternity, paternity and military leave

* Paid time off upon date of hire and more!



* Tuition and certification reimbursement

* On-site wellness programs

* Community involvement opportunities

* An environment that promotes growth and professional development including our award-winning training opportunities




If you think you’d be a good fit for the Sr. Application Developer and would be a great addition to our Team, then we want to hear from you!

See more jobs at Center for Internet Security

Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Northwestern Mutual

Senior Cloud Security Engineer


Northwestern Mutual


infosec

cloud

senior

engineer

infosec

cloud

senior

engineer

11mo

Apply


What's the role?

The AWS Cloud Security Team is seeking highly skilled Cloud Native Security Engineers that have a passion for delivering security solutions as code. Your role is to architect, develop, test and operate the security solutions as well as provide support to the engineering, infrastructure, security and IT teams to continuously improve and protect our production architecture.

Our current tech stack includes AWS, Terraform, Linux, Ansible, Docker, Kubernetes, Spring, Node.js, Java8, iOS, and Python.

Responsibilities


* Codify traditional security processes to take humans out of the equation making security consumable as a service

* Work across multiple Security Epics such as IAM, Logging and Monitoring, Infrastructure Security, Data Protection, and Incident Response

* Build security guardrails into the CI/CD pipeline to stop security misconfigurations and vulnerabilities before they happen, creating a tight feedback loop between security and development teams

* Build Cloud Native Detective and Responsive controls that enforce the security baseline at scale

* Build AMI and Docker Image life cycle management systems to integrate with the vulnerability scanning solutions to provide image rehydration based on vulnerability scanning assessments 

* Build automation to actively audit the infrastructure for security misconfigurations

* Provide security expertise on system, network, encryption, authentication, and governance

* Developing secure design patterns for cloud architectures developed in public or private cloud environments.

* Research emerging trends and technologies to assess the threats they may face

* Support vendor and partner security assessments




Bring Your Best! What this role needs:


* Experience with engineering best practices to include analyzing, designing, developing, deploying, and supporting software solutions, and/or infrastructure implementations/upgrades.

* Hands on experience with AWS services such as VPC, EC2, RDS, IAM, KMS, WAF, Lambda, CloudTrail, CloudWatch, Dynamodb, SQS, CloudFront, S3, and Config

* Knowledge of Infrastructure as Code, Immutable Infrastructure, and continuous integration/deployment practices

* Proficient in at least one programming language (Python, Javascript)

* Experience in version control systems such as Git, GitLab, etc.

* Experience administering and hardening Linux and Windows systems

* Familiarity with security issues associated with containers, distributed systems, and large scale web application

* Willingness to continuously learn and share learnings with others

* Ability to work in a fast-paced, rapidly changing environment

* Very strong verbal and written communication skills

* Minimum 3 years working with web-scale environments

* Minimum 2 years working in a security capacity

* Strong problem solving skills

* Strong sense of ownership and the ability to work with a limited set of requirements.

* Ability to explain technical solutions to technical and non-technical teams.

* 4-8 years of experience.


See more jobs at Northwestern Mutual

Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Auth0

Senior Security Engineer


Auth0


infosec

senior

engineer

infosec

senior

engineer

11mo

Apply


Auth0 provides an enterprise-grade platform that secures billions of log-ins every year. The company makes it easy to implement even the most complex identity solutions for their web, mobile, IoT and internal applications, as well as sophisticated identity management for employees, customers and partners. Auth0 has raised over $54 million from Meritech Capital, NTT DoCoMo, Trinity Ventures, Bessemer Venture Partners, K9 Ventures, Silicon Valley Bank, Founders Co-Op, Portland Seed Fund and NXTP Labs.

Thousands of enterprises and millions of users worldwide depend on Auth0 for authentication and authorization of their most mission-critical apps, APIs and IoT devices. Auth0’s top priorities are availability and security.

Auth0 allows anyone to authenticate and authorize users, applications, and APIs with any identity provider running on any stack and any device. Security is at the core of our product and the security of our customers and their data is paramount. We are looking for a Senior Security Engineer to join us in keeping Auth0 and our customers data safe.

The Security Operations team builds, owns and maintains the critical security infrastructure that provides visibility into Auth0’s production operations. We are looking for a Senior engineer who is passionate about making reliable and scalable infrastructure. You will build tools and drive automation - removing any manual process that will prevent the security team maintaining coverage as Auth0 grows.

This is an exciting time to join Auth0 as we are growing quickly and this role is an opportunity to drive the expansion of our Security Operations team.

Responsibilities:


* Provide team leadership and own the delivery of security engineering projects

* Design, build and maintain the systems that help keep Auth0 secure

* Demonstrate the effectiveness and coverage of these systems

* Develop tools to test, monitor and enforce security policy

* Automate security process to reduce as much manual process as possible

* Own and improve our security monitoring pipeline

* Participate in the on-call rotation to support the infrastructure and respond to security events




Requirements:


* Significant experience working as a Security Engineer and delivering engineering projects

* Experience administering and securing AWS

* Strong Linux experience

* Proficiency in at least one programming language (e.g. Python, Node, Go etc.)

* Experience with log collection and storage (e.g. ELK/EFK stacks, Sumo Logic etc)

* Strong written and verbal communication skills

* Comfort working in a globally distributed environment with a remote workforce




Extra Points:


* Bachelor’s degree in computer science or equivalent educational or professional experience and/or qualifications

* A passion for infrastructure as code and have used tools such as Terraform and CloudFormation

* Experience running a vulnerability management programme

* You have used configuration management tools (e.g. Salt Stack, Ansible, Puppet, etc)

* You write readable, maintainable code and have experience managing source code with git




Examples of our Engineering Culture:

https://auth0.engineering/

https://auth0.engineering/cloud-security-monitoring-at-auth0-part-ii-b106354a0e5d

https://auth0.engineering/detecting-secrets-in-source-code-bd63b0fe4921

Auth0 values diversity and inclusion and is an equal opportunity employer. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

See more jobs at Auth0

Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Auth0

Senior Security Architect


Auth0


infosec

architecture

senior

infosec

architecture

senior

11mo

Apply


Auth0 provides an enterprise-grade platform that secures billions of logins every year. The company makes it easy to implement even the most complex identity solutions for their web, mobile, IoT and internal applications, as well as sophisticated identity management for employees, customers and partners. Auth0 has raised over $54 million from Meritech Capital, NTT DoCoMo, Trinity Ventures, Bessemer Venture Partners, K9 Ventures, Silicon Valley Bank, Founders Co-Op, Portland Seed Fund and NXTP Labs.

Thousands of enterprises and millions of users worldwide depend on Auth0 for authentication and authorization of their most mission-critical apps, APIs and IoT devices. Auth0’s top priorities are availability and security.

The Auth0 Security team are looking for a Senior Security Architect to join us in keeping Auth0 and our customers data safe. You will own the Auth0 Enterprise Security Architecture and take a holistic company wide view of security. The work you do will drive the adoption of good security practice across all of our business and engineering teams.

This is an exciting time to join Auth0 as we are growing quickly and this role is an opportunity to make real change to a growing Enterprise.

Responsibilities


* Own, develop and drive the implementation of our Enterprise Security Architecture

* Champion industry security methodologies and standards

* Partner with Engineering, Operations, IT and Compliance to drive good security practice

* Develop standards and best practices for information security

* Provide security consultations for teams developing new infrastructure




Requirements


* A strong background in security engineering with proven delivery experience

* Extensive experience securing large scale cloud environments and in particular a deep knowledge of AWS security controls

* Significant experience securing Linux environments

* Proven ability to influence teams to build secure products and infrastructure

* Knowledge of security standards and frameworks (e.g ISO 27001, PCI DSS, NIST etc)

* Strong written and verbal communication skills

* Comfort working in a globally distributed environment with a remote workforce




Extra Points:


* Bachelor’s degree in computer science or equivalent educational or professional experience and/or qualifications

* Experience working in a global, distributed environment with a remote workforce

* Experience with authentication protocols (e.g. SAML, OAuth etc)




Examples of our Engineering Culture:

https://auth0.engineering/

https://auth0.engineering/cloud-security-monitoring-at-auth0-part-ii-b106354a0e5d

https://auth0.engineering/detecting-secrets-in-source-code-bd63b0fe4921

Auth0 values diversity and inclusion and is an equal opportunity employer. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

See more jobs at Auth0

Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Auth0

Senior Application Security Engineer


Auth0


infosec

senior

engineer

infosec

senior

engineer

11mo

Apply


Auth0 provides an enterprise-grade platform that secures billions of log-ins every year. The company makes it easy to implement even the most complex identity solutions for their web, mobile, IoT and internal applications, as well as sophisticated identity management for employees, customers and partners. Auth0 has raised over $54 million from Meritech Capital, NTT DoCoMo, Trinity Ventures, Bessemer Venture Partners, K9 Ventures, Silicon Valley Bank, Founders Co-Op, Portland Seed Fund and NXTP Labs.

Thousands of enterprises and millions of users worldwide depend on Auth0 for authentication and authorization of their most mission-critical apps, APIs and IoT devices. Auth0’s top priorities are availability and security.

Auth0 allows anyone to authenticate and authorize users, applications, and APIs with any identity provider running on any stack and any device. Security is at the core of our product and the security of our customers and their data is paramount. We are looking for a Senior Application Security Engineer to join us in keeping Auth0 and our customers data safe

Our engineering team builds web apps, mobile apps, and APIs, and we have customers in just about every industry. This creates many interesting use cases that we need to support while maintaining security.

The individual filling this role will work closely with our product teams, and should feel comfortable shipping bug fixes into production. We love to build tools and automate security whenever it makes sense, enabling others and reducing repetitive tasks.

This is an exciting time to join Auth0 as we are growing quickly and this role is an opportunity to drive the expansion of our App Sec team.

Responsibilities:


* Provide team leadership and own the delivery of application security projects

* Be a subject matter expert for application security - supporting our product teams

* Own our Secure Software Development Lifecycle  - both the process and tools

* Conduct security reviews and provide internal consulting

* Build, deploy and maintain security controls and instrumentation around and in our code

* Threat modeling of new and existing features

* Educate and influence our product teams




Requirements:


* Significant experience working as an Application Security Engineer or developer

* Development experience with at least one programming language

* Deep understanding of modern web technologies, mobile and web security

* Deep understanding of common vulnerabilities in web and mobile applications and how to prevent them

* Proven ability to influence development teams to deliver secure code

* Experience with threat modeling methodologies

* Strong written and verbal communication skills

* Comfort working in a globally distributed environment with a remote workforce




Extra points:


* Bachelor’s degree in computer science or equivalent educational or professional experience and/or qualifications

* Development experience with Node.js / Javascript

* Experience with authentication protocols (e.g. SAML, OAuth etc)

* Experience running a bug bounty programmer




Examples of our Engineering Culture:

https://auth0.engineering/

https://auth0.engineering/cloud-security-monitoring-at-auth0-part-ii-b106354a0e5d

https://auth0.engineering/detecting-secrets-in-source-code-bd63b0fe4921

Auth0 values diversity and inclusion and is an equal opportunity employer. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

See more jobs at Auth0

Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Critical Mix

Senior Information Security Architect


Critical Mix


infosec

architecture

senior

infosec

architecture

senior

11mo

Apply


Summary

Security is a core value of the technical team at Critical Mix, from protecting our customers to our members.  Critical Mix is seeking someone who is passionate about security and risk management.  We are seeking someone that sees security as an enabler and differentiator to enable the business through innovation, not a just a step in the compliance process. We seek an individual capable of working with the business to understand their goals and objectives and help them meet those goals and objectives in a secure manner. At Critical Mix, you will work closely with the CTO, infrastructure and development leads to increase our overall security posture.

Key Responsibilities


* Assisting in the development of a strategic security architecture vision, including standards and frameworks that are aligned with overall business strategy using the current technology roadmap

* Review existing architecture, identify design gaps, and recommend security enhancements

* Participate in solution architecture design; lead security efforts assisting with the integration and initial implementation of solutions

* Meet with development teams to help develop application designs and procedures that include the appropriate security controls and meet security standards

* Serve as information security subject matter expert, trusted advisor; provide advisory and consulting services as needed.

* Understand current as well as emerging security threats and design security architecture to mitigate threats where possible

* Stay abreast of new security technologies and integrate into security architecture design when appropriate.

* Maintain existing InfoSec policies and create new policy as needed.




Job Requirements


* Bachelor’s degree, preferred in Computer Science. Software development background is a plus.

* Industry security designations preferred

* 7 years of industry experience with a broad technical understanding and experience with current technologies utilized in the industry is a must

* Ability to meet established deadlines; must be a self-starter and be able to work independently as well as being a team player

* Understanding of emerging technologies in IT such as Amazon Web Services, server containerization, and server less computing.

* Ability to write both technical and business documents

* Must have a firm grasp of concepts and technology across all IT areas to be able to spot gaps and develop appropriate controls

* Ability to translate complex technical information across all levels of the organization

* Understanding of technologies involved in developing enterprise and web application in php, javascript and/or other modern frameworks is desired

* Experience with Secure Software Development Lifecycle focusing on software architecture and design is a plus

* Experience with static code analysis tools for vulnerability testing desired.

* Experience with penetration testing, threat modeling, identity management, authentication, authorization, cryptography is required.


See more jobs at Critical Mix

Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Wikimedia Foundation

Traffic Security Engineer


Wikimedia Foundation


infosec

engineer

infosec

engineer

11mo

Apply

Location: San Francisco, CA or Remote



Summary

We are looking for an Operations Engineer to join our Technical Operations team. Would you like to join the highly dynamic team that is responsible for the reliability and performance of a global top-10 website, Wikipedia?

The Technical Operations team has a very broad range of shared responsibilities.  The team is globally distributed, working remotely with each other in a highly collaborative and consensus-oriented fashion.  We only write and only use Open Source code wherever possible and we do the vast majority of our work in public view.

This Traffic Security position focuses more-specifically on the Security and Privacy responsibilities of our Traffic team within Operations.  The Traffic team runs a private and privacy-protecting global CDN for Wikipedia and related sister projects.  One of the key responsibilities of this position will be technical stewardship of our TLS termination for users at the edges of our network.  We’re passionate about protecting the privacy of our users against mass surveillance and manipulation, and we expect you to share that passion.  If the word “ChaCha” doesn’t make you think of dancing first, you might be the person we’re looking for!

We’d like you to do these things:


* Protect our users’ reading and editing habits from mass surveillance

* Keep our TLS infrastructure up to date in the face of evolving threats

* Keep track of the ever-changing landscape of browsers and other UAs

* Analyze and optimize our edge software infrastructure to enhance our users’ experiences

* Assess and deploy newer protocols, technologies, and software as their time becomes ripe

* Deprecate older ones in a timely manner while balancing the needs of legacy clients

* Reactively respond to, and proactively engineer against, DDoS and other attacks

* Analyze and advise on application-layer security issues exposed over HTTPS

* Other related Traffic and Security/Privacy work as required




Experience we’d like you to bring to the table:


* A deep and current understanding of TLS, HTTP[S], TCP/IP, DNS, and other related protocols

* Hands-on experience working with TLS libraries and HTTP server software configuration

* A working knowledge of modern cryptography from a systems engineering point of view

* Experience working on general infrastructure and application-layer security issues

* Experience with Open Source operations tooling for configuration management, orchestration, and monitoring.

* Experience working on Open Source operations infrastructure in general

* Bachelor’s degree or the equivalent in related work experience




And it would be even more awesome if you have any any of these:


* Experience operating TLS-terminating reverse proxy servers at global scale

* Experience operating large web properties at a global scale

* Programmer experience writing and/or modifying network daemons and/or libraries in languages such as C, C++, Go, Python, and/or Rust

* Some knowledge of Linux IPVS load-balancing

* Some knowledge of global IP routing

* Some knowledge of HTTP caching and related CDN technologies




Some public links on the current state of our TLS termination you might be interested in:


* https://grafana.wikimedia.org/dashboard/db/tls-ciphers

* https://www.ssllabs.com/ssltest/analyze.html?d=en.wikipedia.org

* https://wikitech.wikimedia.org/wiki/HTTPS




About the Wikimedia Foundation

The Wikimedia Foundation is the non-profit organization that supports and hosts Wikipedia and several other Wikimedia free knowledge sites. Every month, the Wikimedia sites are accessed by more than a billion unique devices. Wikipedia consists of more than 40 million articles across hundreds of languages. Every month, more than 250,000 volunteer editors contribute to Wikipedia. Based in San Francisco, California, the Wikimedia Foundation is an audited, 501(c)(3) non-profit that is funded primarily through donations and grants. It currently employs over 300 staff members.


At the Foundation, we build technology to help people everywhere access Wikipedia, across devices and in nearly 300 languages. We engineer privacy for our readers and editors so they can safely and securely explore Wikipedia. We create programs and initiatives to make Wikipedia freely available to more people in more parts of the world. We build new tools for the community of editors so they can continue to improve and grow Wikipedia. Roughly a quarter of our budget goes to supporting the community that make the site possible, including through grantmaking programs that enable volunteers and enrich the information on the sites.

The Wikimedia Foundation is an equal opportunity employer, and we encourage people with a diverse range of backgrounds to apply.



Benefits & Perks *


* Fully paid medical, dental and vision coverage for employees and their eligible families (yes, fully paid premiums!)

* The Wellness Program provides reimbursement for mind, body and soul activities such as fitness memberships, baby sitting, continuing education and much more

* The 401(k) retirement plan offers matched contributions at 4% of annual salary

* Flexible and generous time off - vacation, sick and volunteer days, plus 19 paid holidays - including the last week of the year.

* Family friendly! 100% paid new parent leave for seven weeks plus an additional five weeks for pregnancy, flexible options to phase back in after leave, fully equipped lactation room.

* For those emergency moments - long and short term disability, life insurance (2x salary) and an employee assistance program

* Pre-tax savings plans for health care, child care, elder care, public transportation and parking expenses

* Telecommuting and flexible work schedules available

* Appropriate fuel for thinking and coding (aka, a pantry full of treats) and monthly massages to help staff relax

* Great colleagues - diverse staff and contractors speaking dozens of languages from around the world, fantastic intellectual discourse, mission-driven and intensely passionate people




* for benefits eligible staff, benefits may vary by location

More Information

https://wikimediafoundation.org

https://blog.wikimedia.org

See more jobs at Wikimedia Foundation

Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


EMS Software

Director Of Cloud Operations Security


EMS Software


infosec

exec

cloud

ops

infosec

exec

cloud

ops

11mo

Apply


EMS Software is looking for a Director of Cloud Ops & Security who will aid us in the ongoing transformation of our product offering from an on-premise solution to one having a hybrid offering with a pure SaaS presence.

You will be at the center of a vital growth initiative.

You’ll join a company that serves 2,500 great organizations like Accenture, Deloitte, Goldman Sachs, Harvard and Yale University. Our customers have millions of people using our software to manage events, reserve spaces to meet, work and study; and to analyze and optimize their use of real estate.

Your role combines the operational responsibility for cloud ops and security, plus the strategic responsibility for enabling and encouraging our product and sales teams to promote our offering to existing and new customers alike. This is the perfect role for a technical leader who wants the high visibility of driving adoption

So, where will you focus your energy?

Delivery


* Drive customer satisfaction (DevOps + external) by providing world-class application availability and protection of customer data

* Direct the team to perform system setup, system administration, incident resolution, problem management, configuration management, change management, security monitoring, security management, capacity planning, availability management and disaster recovery

* Establish performance monitoring and response processes

* Ensure efficiency and predictability of deployments and upgrades

* Roll out and enforce best-in-class security practices for greater customer success




Process


* Assess and refine our Agile/SCRUM process by collaborating with Product Management, Sales and Support

* Understand and improve our existing operations and planning processes to elevate the output and quality of our operations team




Direction


* Direct and develop our operational resources by prioritizing and delegating across multiple projects and initiatives

* Optimize resource efficiency and help technical leads and team leads continuously make better tradeoffs

* Create a security roadmap for an organization with enterprise grade customers




Leadership

Technical


* Understand the technical decisions that are being made by your operations team and synthesize  their decisions into  your decision-making process

* Leverage your technical leadership to refine Product Management’s 6-month roadmap into tangible, and technically practical deliverables

* Seek out meaningful certifications and security measures to increase our customers confidence in the delivery of our SaaS solution

* Adopt a CI/CD mindset that is more advanced (and more beneficial) than our current DevOps mentality to accelerate deployments, reduce cost of ownership, and maintain quality

* Understand and simplify the complexities of maintaining both on-premise installations as well as SaaS installation of the same technology stack




Team


* Understand the skills and capacity of your team and how to best utilize them to achieve our goals

* Identify and employ data to empower your team’s continuous improvement

* Develop career paths for your engineers and provide opportunities and feedback that will help them pursue those paths




Organizational


* Analyze departmental spending and collaborate with Product Management to capture ROI; evangelize findings to senior leadership

* Coordinate cross-functional dependencies with a 360° leader mentality (i.e., an ability to influence up, down and laterally across the organization)  

* Understand the tradeoffs and impact of decisions at the resource, technical and product level




Required Experience


* 5+ years of experience managing cloud operations experience with and strong knowledge of Microsoft Azure, Amazon Web Services, Google Cloud Platform, or other cloud platforms

* 2+ years of experience managing a team of at least 5 engineers

* 2+ years as an operations engineer yourself

* 3+ years of CI/CD experience

* 1+ years of experience working in an agile development environment

* Expertise in cloud security compliance, including experience with security audits

* Experience hosting 300+ customers in the cloud; enterprise customers highly preferred

* Ability to communicate verbally and in writing with both technical and business people in terms that they understand




EMS Software is proud to be an Equal Opportunity Employer. Applicants are considered for all positions without regard to race, color, religion, sex, national origin, age, disability, sexual orientation, ancestry, marital or veteran status. We are committed to hiring a diverse and talented workforce, supporting integrity in the workplace and an entrepreneurial atmosphere.

See more jobs at EMS Software

Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Drfirst

Information Security Engineer Web Applications


Drfirst


infosec

web dev

engineer

infosec

web dev

engineer

11mo

Apply


Purpose: 
The Information Security Engineer will be on the Information Security team and focus on handling Web Application Vulnerability Management, Issue Management, and Incident Response. The position objective is to support the operations of the Information Security department. With a primary focus on finding, analyzing, and tracking vulnerabilities and security issues to remediation.

The successful candidate must have in-depth knowledge of information security, web application vulnerability management, web applications testing, and static code analysis. High level communication skills are essential to successfully translate technology and requirements into business terms.

This role lies within the Information Security function, reporting to the Information Security Manager, but is closely aligned with other corporate functions such as Human Resources, Compliance and Information Technology, and may involve liaison with third party suppliers of awareness and training materials and services.



Key Responsibilities


* Operate and improve the end-to-end vulnerability management process, including aspects of asset inventory, contextual approach to scanning, conducting risk and vulnerability assessment, and providing reporting and remediation guidance.

* Operate Web Application security testing, and Static Code vulnerability analysis

* Provide in-depth analysis of vulnerabilities and related impact to stakeholders.

* Lead regular meetings with stakeholders to coordinate remediation efforts and clarify ownership.

* Influence stakeholders to prioritize risk treatment for identified vulnerabilities.

* Provide security reviews of change management tickets submitted by the organization to ensure remediation efforts are acted upon in a timely manner.

* Serve as the subject matter expert for threat and vulnerability processes.

* Assist with associated incident response, security administration, and security monitoring initiatives as requested.





Education and Skill Set:


* Bachelor’s degree in related field

* A minimum of 5 years of experience in IT and information security, 2 of which must be in information security

* Must be a self-motivated, detail-oriented professional

* Excellent communication, facilitation, and writing skills

* Strong knowledge in a scripting language such as perl or python

* Strong knowledge of Java or an equivalent programming language

* Experience using JIRA is preferred but not required

* Experience with security tools, including: vulnerability management tools such as Nessus, or Qualys, Symantec Endpoint Protection, Veracode or IBM Appscan, nmap, metasploit, core impact.

* Expert understanding of operating systems (Windows, Linux, Mac, iOS/Android)

* Experience with, and understanding of, the healthcare industry is preferred

* Demonstrated ability to develop and report on metrics

* Excellent communication, facilitation, and writing skills

* Understanding of networks and network architecture






See more jobs at Drfirst

Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Social Data Sciences

verified

Ops Security Consultant for Meteor App on iOS Android


Social Data Sciences


meteor js

ios

infosec

consulting

meteor js

ios

infosec

consulting

1yr

Apply

See more jobs at Social Data Sciences

Apply for this Job

๐Ÿ‘‰ Please reference you found the job on Remote OK as thank you to us, this helps us get more companies to post here!

When applying for jobs, you should NEVER have to pay to apply. That is a scam! Always verify you're actually talking to the company in the job post and not an imposter. Scams in remote work are rampant, be careful! When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.


Parsons Cyber

Automotive Security Software Engineer


Parsons Cyber


infosec

dev

engineer