200+ applicants

Company

Original Job Post

ActBlue · 1 week ago

Security Engineer

United States

Full-time

Remote

Senior, Mid Level

$137K/yr - $192K/yr

Wonder how qualified you are to the job?

Enterprise SoftwareNon Profit

Work & Life Balance

Insider Connection @ActBlue

Discover valuable connections within the company who might provide insights and potential referrals, giving your job application an inside edge.

Responsibilities

Partner closely with engineers to lead security reviews that support software and infrastructure engineers early in their engineering process.

Lead or execute vulnerability assessments and offensively-focused ad hoc security reviews to identify and prioritize potential security risks and vulnerabilities.

Lead or execute incident response activities, including investigation, containment, and recovery efforts.

Ideate, implement, iterate, and operate security automation aimed at supporting engineers during their building processes, reducing remediation time, and improving incident response capabilities.

Qualification

Security ReviewsSIEM/SOARAttacker TechniquesOn-call ResponseInformation Security AttacksSecurity OperationsOWASP PrinciplesVulnerability HuntingRubyJavaScriptPython

Required

Deep domain expertise in security reviews for software and infrastructure engineers

Experience in vulnerability assessments and security reviews

Incident response experience including investigation, containment, and recovery efforts

Knowledge of attacker tools, techniques, and processes (TTPs)

Experience in designing, implementing, and operating security automation

Understanding of OWASP principles

Experience with modern TTPs targeting B2C online business

Experience deploying tools for secure engineering

Passion for vulnerability hunting and driving remediations

Proficiency in Ruby, JavaScript, and/or Python

Preferred

Experience with AWS, CMS, and new feature development

Experience with SIEM/SOAR stack tuning and design

Experience in offensive security reviews and practical information security attacks

Familiarity with Dev stack technologies like Ruby on Rails, React, PostgreSQL, Node.js, Redis

Familiarity with Infra stack technologies like Heroku, Amazon Web Services, K8s

Familiarity with Business Systems like Gsuite, Okta, Github, Atlassian, Netsuite, Hubspot

Benefits

Flexible work schedules and an unlimited time-off policy

Fully paid and trans-inclusive health, dental, and vision insurance for employees and their families; plus fully-paid health reimbursement arrangement to use for out of pocket expenses and fully-paid short- and long-term disability

Fully paid basic and AD&D life insurance and a voluntary supplemental life insurance option

Dependent and health care flexible spending account options

Employee Assistance Program (EAP) benefits for employees

A minimum of three months paid medical, family and parental leave (for all new parents, adoptions included)

Commuter or home-office benefits, including a $1,000 home-office setup allowance for all new full-time remote employees

Additional perks including quarterly snack deliveries and digital subscriptions to the Boston Globe & New York Times