At Signifyd we’re creating a new market. We’re constantly improving and expanding the technology that has changed what fraud protection for e-commerce looks like. So we don’t have time for office politics. We understand that different people have different work styles and we thrive on variety while learning from each other. We’re all Signifyers, so we know that what needs to get done will get done.
Signifyd is a place where no one is going to tell you how to do your job. If you want help, you'll get it — from all quarters. But we pretty much figure out what needs to be done, who's in the best position to do it and then let that person roll-up her or his sleeves and have at it.
We're protecting retailers from online fraud in a way that's never been done before and we could use your help if you're someone:
- Who believes challenges are best overcome by thinking differently.
- Who knows his or her role, but isn’t confined by it.
- Who’s greatest satisfaction comes from helping customers succeed and achieve their dreams.
- Who isn’t afraid to disagree, convincingly, civilly and honestly.
- Who will stop and hold the door for a colleague, even if you’re running late.
Oh, and a few particulars for this role:
We have put in place a fairly comprehensive security monitoring system and best practices. Yet we know there is always room for improvement. You will be the subject matter expert to help us raise our security practices to the next level.
In this role, you will be both a hands-on security practitioner, and a primary driver behind maintaining a healthy security culture at Signifyd.
In collaboration with other teams and departments, you will educate on security topics and enhance security of our operations. You will introduce efficiencies and toil reduction in systems and processes through automation. You will triage and respond to security events as they arise.
As part of the Engineering Infrastructure team, your main responsibility include:
- Hands-on implement automation and integration to improve security, user management, and monitoring.
- Participate in Signifyd’s security compliance effort from engineering perspective.
- Perform vendor and partner security due-diligence investigations.
- Respond to customer inquiries regarding our security and data privacy practices.
- Conduct research on emerging products, services, and standards in support of security enhancement and development efforts.
- 3+ years hands-on experience managing secured SaaS production environments.
- Diverse security skill set, with extensive knowledge and experience in Application Security, IT Infrastructure Security, and Cloud Security.
- Well-versed in secure coding practices.
- Automation skills and experience with scripting or programming languages such as Python, Ansible.
- Hands on integration with centralized auth system such as Okta, LDAP.
- Experience performing incident response.
- Strong knowledge and understanding of:
- Web/network protocols, attack techniques, and attack behavior.
- Standard security practices, methods and frameworks.
- Implementing and monitoring secure networks and systems.
- Prior experience dealing with compliance or regulatory frameworks such as PCI, SOC 2, HIPPA, GDPR, PrivacyShield, ISO27001.