Human InterestRemote
Security Engineer II
United States of America
Full Time
2 weeks ago
$150,000 - $200,000 USD
H1B Sponsor Likely
Key skills
Application securityCloud infrastructure securityTypeScriptJavaScriptRubyJavaPythonGolangDevSecOpsSoftware development lifecycle (SDLC) securitySecurity automationSecurity reviewsThreat modeling frameworksSTRIDEMITREAINode.jsGraphQLSDLCMentoringCommunication
About this role
Human Interest is a high-growth fintech company focused on providing accessible retirement benefits to all workers. The Security Engineer II will collaborate with technology teams to design and implement secure software practices while enhancing security controls across the organization.
Responsibilities:
- Build practical controls to improve the effectiveness and robustness of our engineering team
- Foster a DevSecOps culture through education, automation, and tooling
- Secure our SDLC process through automation
- Implement checks in pipeline
- Perform security reviews of application code
- Take part in team on call rotation for security events and monitoring alerts
- Advocate and educate security best practices
- Create tooling and automation to efficiently respond to security events
- Partner with stakeholders to respond and mitigate security threats
Requirements:
- Consistent track record of securing application services and cloud infrastructure
- Proficient coding ability in at least one modern programming language. E.g.Typescript/Javascript, Ruby, Java, Python, Golang
- Practical experience securing cloud environments
- Strong communication skills: you can easily discuss complex technical concepts with both engineers and non-engineers
- Strong ownership and bias for action: You love to roll up your sleeves. You are proactive, drive projects from start to finish, and lead cross-functional projects, while keeping stakeholders informed
- Leader and Mentor: You are a recognized leader in your areas of responsibility, and enjoy sharing knowledge and mentoring others
- Operational Excellence: you raise the bar on the quality of the software and infrastructure that you work on
- Ability to secure AI tooling in a regulated environment
- Familiarity with securing Node.js and GraphQL
- Applied knowledge of a threat modeling framework like STRIDE or MITRE
- Experience performing security testing for cloud hosted applications
- Direct experience participating in or leading threat detection and response