Senior Product Security Engineer, Data & Insights Solutions

Qualifications

Soft Skills

• Strong organization and prioritization skills. A proven ability to react positively and decisively to change
• Superior verbal and written communication skills, with the ability to communicate complex technical solutions to non-technical audiences
• Deadline-driven, team-oriented, be a self-starter, have great people skills, a strong work ethic, and be enthusiastic and ambitious
• Flexible. Able to independently manage multiple efforts simultaneously while maintaining professionalism under pressure
• A passion for improving the client experience and a track record of successful interactions with internal/external clients
• Excellent troubleshooting skills
• A technical leader with the ability to inspire and support peers

Tools and Technology

• 3-5 years of security engineering experience
• Working experience in Agile Kanban development methodologies
• Expertise in collaboration and prioritization using Confluence, Jira, and Teams
• In-depth knowledge of common web application vulnerabilities, such as OWASP Top Ten (e.g., SQL injection, XSS, CSRF)
• Proficiency with a wide range of security testing tools, including but not limited to vulnerability scanners (e.g., Nessus, Qualys), web application scanners (e.g., Burp Suite Pro, Invicti, OWASP ZAP), and penetration testing frameworks (e.g., Metasploit)
• Familiarity with implementing and managing multiple NIST 800-53 control families: Access Control, Audit and Accountability, Configuration Management, Identification and Authentication, System and Information Integrity
• Strong Python scripting skills and GitHub Enterprise experience
• Experience with static application security testing (SAST), security information and event management (SIEM) systems, and intrusion detection/prevention systems (IDS/IPS)
• Understanding of network and information security best practices
• Experience with Linux, Ubuntu, AWS, Red Hat
• Familiarity in one or more: threat analysis, security automation, penetration testing, incident response, IAM, bug bounty programs, third-party vendor management
• Working experience in cloud log management solutions (e.g., Sumo Logic)
• Experience securing cloud environments with an understanding of cloud security infrastructure and cloud security principles
• Understanding of DevOps and continuous integration/continuous delivery (CI/CD) pipelines and how to integrate security into the DevOps process
• Understanding of attack vectors for cloud environments
• Knowledge of encryption algorithms, certificate management, and cryptographic protocols
• Required to undergo and satisfactorily pass a fingerprint background check in accordance with CJIS requirements.

Other

• Bachelor's degree in Computer Science, Engineering, Mathematics, Information Systems, or a related field preferred
• Valued Certifications: CompTIA Security+, CompTIA Cybersecurity Analyst (CySA+), AWS Professional, AWS Security

Candidates with less experience directly applicable to this position will be considered. You belong here! Not everyone checks every single box, and we encourage you to apply.We aspire to be remarkable: in the culture we create, the products we build, and the services we deliver. We believe a diverse team that embodies different backgrounds and experiences is necessary for us to be the best we can be. Within the company, we pursue a culture of inclusivity by identifying and removing aspects of our culture that stop people from being able to do the best work of their lives in physical and emotional safety, while being their authentic selves. We continuously seek to strengthen our culture and values in our daily work as individuals.We are committed to making continual progress in everything that we do.