Whisker
Home of the Litter-Robot, Feeder-Robot, and Litterbox.com
iot • pet products • animal • robot • pet care
501 - 1000
Sr. Cyber Security Engineer
July 23
🏡 Remote – New York
Whisker
Home of the Litter-Robot, Feeder-Robot, and Litterbox.com
iot • pet products • animal • robot • pet care
501 - 1000
Description
• Responsible for architecting, developing and deploying security tools and technologies to protect the Whisker Labs platform and backend infrastructure • Perform static code analysis of the Whisker Labs code base on a regular basis and provide relevant recommendations to Whisker Labs developers • Perform dynamic application security testing using open source and commercial tools before applications are deployed in production • Perform internal penetration testing on the IoT sensor device • Perform vulnerability assessments of the Whisker Labs production platform and provide recommendations for identified vulnerabilities • Review security alerts and reports on a daily basis and work closely with the DevOps team in any follow up investigation or remediation • Triage all issues reported by external researchers via the bug bounty program at Whisker Labs and work with the developers for timely remediation of the reported issues • Tune the logging infrastructure on an ongoing basis to surface true positives • Perform security assessments on all existing and any new Whisker Labs 3rd Party Vendors • Review the current and upcoming infrastructure stack from a security perspective and provide recommendations for hardening the stack • Perform threat modeling on existing and upcoming feature set in the Whisker Labs application so that appropriate security controls can be built from the ground up • Automate security controls using scripting to the extent that it requires minimal human interaction • Perform Corporate IT and security administration tasks including firewall management, SSO implementation, IAM, endpoint security, business application administration among others
Requirements
• Bachelor's degree in Computer Science or related field • 5+ years in a security engineering or operations role • Strong knowledge of applied cryptography, web security, TLS/SSL, web authentication protocols such as OAuth • Experience in using scripting languages e.g. Perl, PHP, Python, Ruby to automate tasks and manipulate data • 3+ years experience building and administering Linux/UNIX based systems preferred • Comfortable with security tools like BurpSuite, ZAP, nmap etc. • Experience with Amazon AWS and Web Application Firewalls (WAF) highly preferred • Hands-On expertise with log management tools e.g. ELK, Splunk, SumoLogic • Experience with Vulnerability Scanning tools e.g. Qualys, Nessus etc. • Solid comprehension of packet analysis and demonstrated ability troubleshooting incidents using security tools such as Wireshark, tcpdump, nmap, SIEM (log analysis), and IDS/IPS • 3+ years working with compliance standards e.g. PCI, SOC 1, SOC 2, HIPAA, ISO 27001, FedRAMP • Certifications like OSCP, GCIH, GSEC, CISSP preferred but not required
Benefits
• Competitive salary + equity • Health, dental, and vision insurance • 401(k) with match
Apply Now
