Senior Platform Security Engineer
Payfactors is changing the way companies attract and retain top talent through innovative compensation based tools and analytics.
Payfactors is looking for a Senior Platform Security Engineer to join our Engineering Team. You will play a key role in platform security working with Infrastructure, DevOps, and Development Teams. The right individual for this role will be experienced with cloud architectures, infrastructure security, application security including static and dynamic scanning tools, and DevOps principles. If you thrive by working in a fast paced start-up environment and working with securing web applications and platforms, consider this opportunity as the next level in your professional development.
REQUIREMENTS/SKILLS:
Bachelor’s degree required
5-7 years of work experience, preferably in a technology-based company (SaaS experience a plus)
Experience working with multiple teams including Application Development, DevOps, and Infrastructure
Experience with various types of scanning tools for applications, networks, and systems
Experience implementing and tuning cloud-based SIEM solutions such as Azure Sentinel, Splunk, or Elastic
Experience with hardening systems, networks, and applications (ex. CIS)
Experience with secrets management processes and systems
Experience with IaC principles to build alerting mechanisms, system integrations, and monitoring
Experience working in a regulated and audited environment including SOC2, ISO, PCI, and HIPAA
Strong understanding of secure web application design principles and frameworks such as OWASP
Experience with Web Application Firewall implementation and configuration
Strong communication and writing skills
Ability to collaborate with peers, managers, and clients
Awareness and pride in 100% client satisfaction
Boston-area based - No sponsorship or relocation available at this time
PRIMARY RESPONSIBILITIES:
Work with Infrastructure and DevOps teams to harden systems, networks, and engineering processes
Expand application security testing automation to include dynamic and static scanning functions
Work with Application Development teams on reproducing as well as verifying application level vulnerability remediation
Manage WAF tuning and monitoring
Tune and enhance automation of SIEM platform including updating of correlation rules and new data sources
Expand vulnerability management processes and automation
Expand Intrusion Detection and Prevention capabilities within the platform
Implement automated SOC2 and ISO functions within security engineering to facilitate audits
Respond and investigate platform anomalies related to security
Assist in customer responses regarding platform security including questionnaires and calls
LIFE AT PAYFACTORS:
“Take it as you need it” Paid Time Off
Half Day Summer Fridays
Office socials, sports/concert tickets, swag + more
PLEASE NOTE THIS JOB DESCRIPTION IS NOT DESIGNED TO COVER OR CONTAIN A COMPREHENSIVE LISTING OF ACTIVITIES, DUTIES OR RESPONSIBILITIES THAT ARE REQUIRED OF THE EMPLOYEE FOR THIS JOB. DUTIES, RESPONSIBILITIES AND ACTIVITIES MAY CHANGE AT ANY TIME WITH OR WITHOUT NOTICE.
We are an Equal Opportunity Employer (Race/Color/Sex/Sexual Orientation/Gender Identity/Religion/National Origin/Disability/Vets) and are committed to building a team that reflects a broad range of experience and thought. We actively encourage applications from underrepresented groups in technology and business.