Follow Up Boss
Lead Security Engineer
JOB FUNCTION Lead Security Engineer
COMPANY Follow Up Boss
- We’re a simple, sales-focused CRM for real estate teams (and we use our own product)
- We’re a self funded, profitable company started back in April of 2011
- We’re a remote company with a mostly US-based team
- We don’t just claim to be customer-centric – we live it: https://www.facebook.com/followupboss/reviews
- Check out our video on how we work: https://www.followupboss.com/about/
- We’re a young, ambitious company who only answers to our customers
- Opportunity to have a big impact on our growth and your career
- No red tape or pointless meetings
- Competitive salary, health/dental insurance and 20 days paid holiday, $1000 to outfit your home office, yearly company meetup
- You are passionate about Information Security and have solid experience in the field.
- You would describe yourself as patient, empathetic and having a good sense of humour
- You’re independent, self-motivated and can stay efficient and productive without someone looking over your shoulder all day long
- Superb written and verbal skills (with a professional yet fun demeanor).
- You enjoy programming and creating solid, tested, reliable things over just breaking things.
- Reject the idea of security being a blocker, and enjoy collaborating with colleagues across teams to ship projects securely
- Have the ability to work with others and helping them to understand security is far more important than knowing about the latest ROP gadget finding techniques.
- This is a hands-on technical position where you will work with the Infrastructure and Product teams to ensure the secure release of applications.
- Security architecture experience and the ability to consult with engineering teams working on technology projects will be key to success.
- You have thorough familiarity with techniques used by real world attackers and should be able to prioritize detection and attack surface reduction efforts based on this knowledge.
- Self motivated and proactive mindset.
- Remote work experience is considered an asset.
- Based in the USA, quiet home office with fast internet.
- Strong experience in penetration testing or related activities, including at least network and application security experience.
- Understand modern web application architecture, TCP/IP, HTTP, and standard network and system security technologies
- A strong knowledge of securing production LAMP (PHP) stacks, as well as a solid understanding of iOS and Android apps is a must.
- Strong knowledge of internet security issues.
- Strong knowledge of UNIX and networking protocols.
- Take a leadership role in driving security and privacy initiatives at Follow Up Boss.
- Establish, advocate and enforce security policies and best practices among our team members.
- Lead efforts to keep our customers’ data and company assets safe.
- Review changes in internal processes and IT systems to make sure the changes being made don’t have adverse effect on security.
- Provide security guidance for our products and technologies
- Collaborate with colleagues across a variety of teams to architect & ship projects securely
- Discover, analyze, assess, and respond to various threats in Follow Up Boss’s web stack, iOS and Android applications.
- Investigate security-related reports from customers, internal team members or general public, assess risks and damage, plan recovery actions and lead the effort to execute the plan.
- Review changes in software we produce to make sure we follow best security practices and the changes being made don’t have a negative effect on security.
- Evaluate and provide recommendations on third party applications and services and the security implications associated with their use.
- Understand offensive techniques/tactics and be able to prioritize mitigation techniques or technologies accordingly.
- Instrument and perform anomaly analysis of systems and applications
- Ability to discover new and interesting security problems as well a fix them.
- Mentor other team members.
- Become familiar with the product architecture, infrastructure, and existing tools.
- Pair with engineers to gain knowledge about the system and how we work.
- Improve the new hire onboarding process, by being a part of it.
- Take active part in the internal security related work (e.g. assessing company VPN, implementing AWS IAM security best practices, SSH + 2FA, etc)
- Work with fellow engineers to ensure authorized access to internal tools, servers, and sensitive customer data.
- Identify top security issues and develop a solid plan to address them
- Develop internal physical security policies.
- Review and produce plan to comply with Google Compliance External Security Audit.
- Code Quality
- Focus and Prioritization
- Customer Driven
- Leadership Qualities
Apply for this Position
If you can see yourself in this remote role and feel you can add to the ongoing success of In Marketing We Trust, then apply via https://grnh.se/795355f81
You may also be interested in these jobs below