Senior Security Engineer | Series B ($55m) Verification Startup (First Security Hire)

Based in NYC, my client has raised more than $55m (Series B). They have built and scaled an identity verification platform used to detect fraud and make identity management effective and simple for banks.

This is the first dedicated Security Engineer position, so it comes with a lot of autonomy and responsibility. You'll work with a large part of the engineering team to maintain and enhance their high-level security standards. I am looking for someone to join this security team and be supportive, asking the question "how can we get to 'yes'" instead of being gatekeepers.

This is an amazing opportunity to help shape the security posture of this rapidly expanding startup and bring them to the next level. If you're looking for that step up, this could be for you...

What You'll be Doing:

  • Contribute to a culture of security by helping train staff and being the go-to expert on security practices, tools, and vulnerabilities - Maintain awareness and understanding of Current Vulnerabilities & Exposures
  • Stay vigilant and monitor ongoing security threats
  • Analyze and respond to security incidents triggered by automated alerts, bug bounties, or external assessments
  • Perform ongoing log analysis and monitoring, and set up alerts to be proactively alerted or concerning activity
  • Proactively layer on security controls and update existing controls to respond to an ever-changing threat environment
  • Implement and configure tools to help us detect and respond to new types of threats
  • Make sure vulnerable applications or systems are being promptly updated and vulnerabilities remediated
  • Perform periodic security audits, penetration tests, and various tasks to ensure security policy and regulatory compliance
  • Maintain and adapt the security processes, procedures, and policies (they have strict security requirements and need to provide a lot of documentation to our customers and auditors!)

What You'll Bring:

  • 6+ years' work experience in Information Security, IT Audit, or Compliance
  • Knowledge of regulatory compliance requirements including PCI-DSS, ISO 27001/27002, SOC 2, etc. preferred
  • Strong knowledge of information systems security standards and practices (e.g., access control, system hardening, system audit and log file monitoring, security policies, and incident handling)
  • Some experience at each level of the stack: network, system, and application security
  • Understanding of TCP/IP and network communications
  • Strong problem solving and analytical skills, exceptions written and verbal communication skills
  • Relevant information security certifications preferred (i.e. OSCP, CISM, CISSP, OSCE)
  • Ability to manage multiple projects, priorities, and deadlines

On Offer:

  • Base salary to $210k
  • Strong Series B equity
  • Awesome benefits - Premium medical, 401k, and HSA plans, gym membership, etc