Senior Security Engineer at Zipari (Greater NYC Area, NY)
Zipari is a software technology company based in Brooklyn, NY. Our mission is to disrupt the insurance industry by introducing consumer-centric solutions powered by our unique Consumer Experience technology. We encourage all candidates to apply if shaping the future of a growing company, investing in our culture, and solving complex challenges interests you. The Zipari team members have strong work ethics, believe in what Zipari is building, and are committed to achieving company goals. Our team has foodies, talented musicians, artists, and a mix of other unique elements that make us one: The Zipari team!
Zipari is looking for a Security Engineer, responsible for understanding, identifying, automating, designing and building security components to address risks, gaps and threats in our environment. Your ability to solve complex problems and understand the “why” is more important than the tools you can use. An endless curiosity and an independent desire to find the right solution is critical. This role will be challenged with complex and simple problems to solve. You will leverage security skills, experience and communication abilities to meet security standards and expectations and develop solutions to security problems that strike the best balance between security, usability, and convenience.
What You'll Be Doing
- Evaluating and testing many different types of applications and networks.
- Identifying, exploiting and remediating vulnerabilities in applications and networks.
- Building threat intelligence program.
- Documenting technical issues identified during security assessments.
- Vulnerability Management.
- Staying current with emerging security topics, threats and new attack vectors.
- Working independently to meet product and project deadlines.
- Interacting with business stakeholder in a collaborative consultative manor to deliver results, provide feedback and remediation finds and issues.
- Supporting Zipari’s application security testing for integration into CI/CD.
- Ethical Hacking and PEN testing management.
- Building defense in depth or secure by default security patterns.
- Threat modeling and identifying attack surfaces for internal and external systems and services.
- 5+ years of experience in Security and Infrastructure
- Experience with AWS or Salesforce Cloud security features
- Experience with programming languages for development of solutions and offensive automation tooling (Python, Angular, Node/JSO
- Experience with testing web applications, natively compiled binary applications, mobile applications, web services, and testing networks
- Understanding of how data flows through an application and/or network and connected components (SMTP, LDAP, Database servers)
- Understanding of web architecture and protocols (HTTP(S), TCP/IP, ARP, SMTP, DNS, etc)
- Experience leading or participating in penetration assessments of various companies and technology stacks
- Experience working with cross-functional teams to develop and implement solutions derived from assessments
- DevOps related technologies such as Docker, Kubernetes, and CI/CD tool environments
- Common Windows/Linux commands and scripting
- Strong communication skills and proven ability to work successfully with cross functional teams
- Competitive salary
- Excellent health, dental and vision benefits
- Generous vacation and leave policies
- Flexible working hours
- Support for remote work during COVID-19
- Maternity and paternity leave
- Advanced certification and training opportunities
- Roundout - weekly get-togethers hosted by our Founder/CEO
- Casual dress
Zipari is committed to a diverse workplace and equal opportunity. We understand that the products we build and the work that we do is better and greater when it is inclusive of varied experiences, skills, and perspectives. We encourage everyone whose experience is close to what we are looking for to apply and allow our team to get to know you.