Hotel Engine

Staff Security Engineer

Hotel Engine

full-time

Posted on:

Origin:  • 🇺🇸 United States

Visit company website
AI Apply
Apply

Salary

💰 $190,000 - $230,000 per year

Job Level

Lead

Tech Stack

CloudDockerFirewallsJavaJavaScriptKubernetesNode.jsPythonRubySDLC

About the role

  • Develop and manage threat detection capabilities, including configuring, tuning, and managing a SIEM solution to identify, analyze, and respond to security threats across multiple layers.
  • Perform architecture reviews, code reviews, infrastructure config reviews, and light penetration testing on web applications, mobile apps, and other software systems to identify and resolve vulnerabilities and other security risks.
  • Maintain a vulnerability management CI/CD pipeline within our existing container/application delivery infrastructure while aligning security goals with business objectives.
  • Collaborate with development and infrastructure leadership to enforce secure coding practices, security controls, and remediation strategies throughout the software development lifecycle (SDLC).
  • Strategize and implement secure architectures, frameworks, and tooling for enterprise security.
  • Develop and maintain security guidelines for managing and deploying security tools.
  • Stay up-to-date with the latest security threats, vulnerabilities, and industry best practices, and provide guidance to development teams accordingly.
  • Participate in incident response and forensic investigations related to application security breaches or incidents.
  • Develop relevant security training and awareness programs for developers, operations teams, and other stakeholders.

Requirements

  • Proficiency in one or more programming languages (e.g., Ruby, Java, Python, C#, Node.js).
  • Expertise in implementing and managing SIEM solutions with comprehensive and efficient alerting and monitoring capabilities.
  • Knowledge of containerization technologies (e.g., Docker, Kubernetes) and experience with automated container vulnerability management.
  • Mastered static and dynamic application security testing tools (SAST, DAST, IAST, etc.) and comfortable with manual validation testing.
  • Expertise in web application security principles, browsers, OWASP Top 10, secure coding practices, and threat modeling with frameworks like the Mitre Top 25.
  • Knowledge of secure software development methodologies (e.g., DevSecOps, Secure SDLC).
  • Experience with Web Application Firewalls (WAF).
  • Experience with cloud security concepts and best practices.
  • Experience working with compliance frameworks such as SOC 2 and PCI.
  • Excellent analytical, problem-solving, and communication skills.
  • Ability to work collaboratively with cross-functional engineering leadership, including developers, operations, and fraud teams.
  • A passion for mentoring others.
Versana

Security Engineer

Versana
Juniorfull-time$100k–$120k / yearNew York · 🇺🇸 United States
Posted: 10 days agoSource: jobs.lever.co
AWSAzureCloudFirewallsGoJavaJavaScriptPythonSDLCTerraformTypeScript
Deel

DevSecOps Engineer

Deel
Mid · Seniorfull-time🇺🇸 United States
Posted: 26 days agoSource: jobs.ashbyhq.com
CloudDockerJavaScriptKubernetesPythonTypeScript
Citi

Lead Information Security Officer

Citi
Seniorfull-time$141k–$212k / yearFlorida · 🇺🇸 United States
Posted: 17 days agoSource: citi.wd5.myworkdayjobs.com
AWSAzureCloudCyber SecurityGoGoogle Cloud PlatformJavaJavaScriptJenkinsPython
BeyondTrust

Senior Product Security Engineer

BeyondTrust
Seniorfull-time🇺🇸 United States
Posted: 14 days agoSource: boards.greenhouse.io
AWSCloudCyber Security
Appen

Staff Engineer, Application Security

Appen
Leadfull-time🇮🇳 India
Posted: 8 days agoSource: jobs.lever.co
AWSCloudJavaKubernetesPythonReactSpring