DataVisor
The most powerful fraud and AML detection platform trusted by the world's largest brands.
Consumer-Facing Online Service Protection • Big Data Security • Internet Security • Mobile App Security • Fraud Detection
51 - 200
Senior Security Engineer
May 8
🏡 Remote – New York
DataVisor
The most powerful fraud and AML detection platform trusted by the world's largest brands.
Consumer-Facing Online Service Protection • Big Data Security • Internet Security • Mobile App Security • Fraud Detection
51 - 200
Description
• Engage with internal business teams on projects to assess for security risk and help deliver secure solutions via threat modeling, code review, penetration testing, and enforcing secure development lifecycle • Assist with the implementation and execution of the application security program with the business and engineering teams • Provide guidance on security architecture related to cloud computing products and services • Test web applications for common vulnerabilities including input validation, broken access controls, session management, cross-site scripting, SQL injection and web server configuration issues • Utilize security information and event management for real-time analysis of security alerts generated by our cloud infrastructure and applications • Actively participate in Incident Management, Change Management, Security Policy Management and Security Incident Response • Perform secure code reviews and implement security in all phases of SDLC. • Perform SAST, DAST, Internal Penetration testing on the Applications and the Infrastructure. • Lead SOC2 and PCI Compliance programs
Requirements
• 3+ years of industry experience with a proven track record of end-to-end audit prep / compliance ownership in one or more of the following: SOC 2, PCI, HIPAA, ISO 2001 • 3+ years experience in Application/Product security role. • Must have knowledge / experience with security best practices within AWS (EC2, S3, IAM, VPC, Route53) and other providers • Skills in the following areas: Security Compliance, Vulnerability Scanning, Managing PEN testing • Demonstrated experience with systems auditing and monitoring to ensure compliance with security policies and standards • Understanding of key security concepts such as cryptography, authentication, authorization, security protocols, or security vulnerabilities as applied to web application security and Cloud-based services • Deep technical understanding of common security vulnerabilities and risks, as well as countermeasures and compensating controls • Experience with IDS/IPS, firewalls, DDoS Prevention, and WAFs • Solid understanding of IP networking protocols: IPv4/6, TCP/UDP, DHCP, HTTPS, FTP, etc. • Experience performing network/security maintenance tasks in the Cloud and highly available 24/7 data centers • Experience performing security testing with OWASP guidelines. • Locate in the US or Canada
Benefits
• Flexible schedule • Competitive pay • Equity participation • Health benefits • Catered lunch • Company off-sites • Game nights • Opportunity to work with a world class team
Apply Now
