EverCommerce

Senior Security Engineer

EverCommerce

full-time

Posted on:

Location Type: Remote

Location: Remote • Colorado • 🇺🇸 United States

Visit company website
AI Apply
Apply

Salary

💰 $130,000 - $160,000 per year

Job Level

Senior

Tech Stack

AWSAzureCloudCyber SecurityMicroservices

About the role

  • Create and maintain security architecture and engineering processes and procedures
  • Design system architectures which meet established cybersecurity requirements and align with customer needs, including security requirements definition, documentation, and communication
  • Develop security architecture requirements and implementation guidance based on analysis of NIST 800-53 and/or other security control frameworks
  • Architect, design, implement, maintain, and operate information system security controls and countermeasures
  • Provide techniques and patterns for securing integration with external security system vendors and/or cloud providers
  • Lead regular architecture and design reviews to ensure requirements implementation
  • Evaluate and play an active role in life-cycle management of multiple security technologies
  • Identify security risks and control gaps within systems, designs, products, data flows, and processes; recommend corrective architecture, integrations, controls, and operations
  • Participate in development of security requirements, architectures, and documentation to ensure security controls are integrated into new technology deployments
  • Perform secure architecture and design reviews of new technology and security systems deployments and collaborate with business teams to integrate secure-by-design principles into CI/CD pipelines and Agile development processes
  • Maintain a clear view of the overall security architecture roadmap and strategic plan
  • Leverage emerging technologies and advanced security practices to ensure EverCommerce is at the forefront of security for solution groups and customers
  • Build, maintain and mature security architecture metrics and reporting
  • Serve as a subject matter expert/contributor measurably improving the overall security framework and program
  • Mentor junior security engineers and analysts
  • Additional duties as required and assigned

Requirements

  • At least 7 years of relevant work experience in a technical field (e.g. cybersecurity, software development, or systems administration)
  • Bachelor's Degree in a technical discipline such as Cyber Security, Information Technology, Computer Science, or Information Systems - or equivalent professional experience
  • Have at least one current Industry recognized security certifications; CISSP, CISM, CISA, GIAC or commensurate experience
  • Excellent communication and interpersonal skills, with the ability to communicate and collaborate effectively with cross-functional teams, matrixed organizations, and technical / and non-technical stakeholders
  • Demonstrated experience with the security, development and/or management of systems compliant to NIST 800-53, NIST CSF, or ISO 27001-2022 security control frameworks
  • Exceptional knowledge and understanding on the creation/implementation and securing of cloud technologies such AWS and Azure
  • Knowledge of Information Security risk assessment methodologies and standards
  • Highly flexible, self-motivated and eager to learn, with a strong passion for cyber security
  • Excellent verbal and written English communication skills
  • Must be eligible to work without sponsorship in the United States
  • May require travel to Corporate Headquarters in Denver, Colorado, or to other office locations around North America
  • Preferred:
  • Advanced knowledge regarding common attacks, attack methods, and defense architectures
  • Experience in securing multi-tenant compute services, microservices and modern APIs
  • Working knowledge of common web and container-based vulnerabilities
  • Experience with Information Security policies and procedure development and implementation
  • Experience developing technical documentation, including reports, proposals, statements of work, and whitepapers
Benefits
  • Continued investment in your professional development
  • Day 1 access to a robust health and wellness benefits package, including an annual wellness stipend
  • 401k with up to a 4% match and immediate vesting
  • Flexible and generous (FTO) time-off
  • Employee Stock Purchase Program
  • Annual bonus opportunity in most US locations

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills
security architecturecybersecurityNIST 800-53cloud technologiesCI/CD pipelinesAgile developmentrisk assessment methodologiestechnical documentationsecurity controlscountermeasures
Soft skills
communication skillsinterpersonal skillscollaborationmentoringflexibilityself-motivationeagerness to learnpassion for cybersecurityleadershipproblem-solving
Certifications
CISSPCISMCISAGIAC