Work in partnership with other FloQast IT teams to design, implement, and maintain corporate IT security systems, ensuring compliance
Lead third-party vendor and contractor security reviews
Audit and harden 3rd party SaaS systems for security best practices, leading remediation efforts
Ensuring security configurations across our corporate environment are documented and maintained
Regularly triage security events and ensure ongoing health of our Managed Detection & Response (MDR) partner
Own the analysis and documentation of security events & incidents, including investigating & escalating issues and participating in security event escalations
Maintaining existing compliance attestations and participating in risk assessment exercises
Lead vulnerability management efforts, ensuring issues are triaged, prioritized, and remediated according to defined SLA’s
Maintain and secure internal corporate endpoints (macOS and Windows)
Administer endpoint management platform for enterprise-wide monitoring and dash boarding
Participate in Agile scrum ceremonies for project and initiative tracking
Lead security awareness and training programs
Stay abreast of new and emerging security technologies and paradigms

Requirements

6 - 8 years as a Security Engineer, DevOps, or IT security professional
In-depth knowledge of common compliance frameworks e.g. SOC, SOX, PCI, and ISO standards
Experience using at least one high-level programming/scripting language
Ability to lead cross-functional initiatives and communicate proposals and ideas to stakeholders concisely
Experience balancing commercial objectives with security and compliance obligations
Advanced understanding of network and application fundamentals and best practices e.g. HTTP/S, DNS, VPN, Load Balancing, SAML, OAuth, and other modern protocols
Experience with cloud environments AWS, GCP, or Azure
Strong sense of ownership, urgency, and drive
Experience with zero-trust security concepts
Experience securing multi-tenant enterprise SaaS products
Experience with hardening tools and frameworks such as CIS benchmarks, NIST

Benefits

📊 Check your resume score for this job Improve your chances of getting an interview by checking your resume score before you apply. Check Resume Score

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

security systemsvulnerability managementprogrammingscriptingnetwork fundamentalsapplication fundamentalscloud environmentshardening toolscompliance frameworkszero-trust security

Soft Skills

leadershipcommunicationownershipurgencydrivecross-functional collaborationproblem-solvingtrainingdocumentationincident management