Senior Security Engineer

Role:

As a Senior Security Engineer at SentiLink, you will develop, implement, and manage security operations, platform security, application and product security, threat planning and research, corporate security, security strategy, and compliance for SentiLink. You will work cross functionally to advocate for security and privacy across the company with the goal of instilling trust in SentiLink from our employees, partners, customers, and auditors.

Responsibilities:

• Architects, designs, implements, maintains and operates information system security controls and countermeasures.
• Designs, develops, deploys, and operates cloud infrastructure using infrastructure as code and related GitOps tooling.
• Performs assessments and improvements to security configurations of various cloud-based Linux servers.
• Collaborate with the Infrastructure team to ensure cloud security for promoting DevSecOps and Shift Left.
• Monitors information systems for security incidents and vulnerabilities, develops monitoring and visibility capabilities.
• Safeguard sensitive information by working with business units and vendors/third parties to determine and enforce appropriate access levels.
• Participate various white hat efforts against SentiLink’s product and corporate infrastructure - including phishing tests, penetration tests, and simulations for disaster recovery and business continuity.
• Researches and assesses new threats and security alerts and recommends remedial actions.
• Assists with management responses to audit findings, directing remediation, tracking progress and providing status reporting.

Requirements:

• 5+ Years in a InfoSec role or related Software Engineering role.
• Experience with software development (Python, Golang, Javascript, etc).
• Experience Engineering cloud-based infrastructure in the AWS environment using Infrastructure as Code (IaC). Terraform experience is a plus.
• Proficient in many cybersecurity technologies, IT concepts, strategies and methodologies, as well as security aspects of multiple platforms, operating systems, software, communications and network protocols.
• Experience implementing security controls aligned to organizational policies and standards.
• Excellent communication skills, including the ability to convey complex security related concepts to technical and non-technical audiences alike.
• Knowledge of industry standard frameworks - NIST, ISO, PCI, SOC2.
• Experience working in a highly regulated environment is a plus (NIST 800-53, ISO 27001, etc).
• Familiarity working in financial services is a big plus.
• Candidates must be legally authorized to work in the United States and must live in the United States.

Salary Range:

• $140,000/year - $185,000/year