Lead Security Engineer
The Security Engineering team is a trusted partner throughout the organization. We work hard to make Betterment the most secure place for our customers’ money. We do this by building tools for our development teams, improving the security and integrity of our systems and adding monitoring and visibility into our services. This helps us move faster and smarter, all while done within a highly regulated and secure environment.About the right team member:
You have experience as a software engineer or security professional working with various stakeholders across the organization. You use this experience to guide your decision making, ranging from communication style to software architecture. You are a highly motivated engineer who will work on tasks such as delivering new tools and systems that make engineering more impactful or working with your peers to help improve the security and reliability of our systems. You will work with our Security Operations Center (SOC) to monitor, triage, and remedy security events while also improving detection logic. You are always keeping up with what is going on within the tech industry and strive to learn and share your knowledge with colleagues. You are interested in collecting data and metrics and know how to use them to effectively drive change.At Betterment you will get to:
- Understand attacker methodology and defend against them by threat hunting, building detection mechanisms, and automating remediation procedures.
- Continuously improve security detection and audit capabilities using tools and signals that evolve with the ever changing security landscape and threats.
- Work directly in building and integrating security tooling & features, & work across engineering teams to ensure secure consumer products and employee systems
- Collaborate with other engineering teams to guide security & privacy initiatives by participating in design reviews, code reviews, & threat modeling
- Create alert logic, metrics and tooling and remedy security events
- Introduce and promote adoption of significant technologies and process innovations
- Promote high quality, secure software through software delivery pipeline automation
- Build out our Security Information and Event Management (SIEM) solution, incident response, and forensic capabilities.
- Pentest our various web and mobile applications and our networks and servers alongside our expert team
- Potential to work remotely
- Lean towards tackling large challenges by picking them apart, observing, experimenting, and gathering metrics that can help drive the team towards better observability
- Responded to security incidents and built out tooling to automate response
- Have experience with cloud providers and configuration management (e.g. AWS or GCP)
- Know the importance of architecting and building systems for High-availability, Business Continuity and Disaster Recovery
- Actively grow your own skills and have a strong technical background
- Work autonomously with minimal direction and oversight
You’ll work with a diverse set of technologies including but not limited to: Vulnerability Scanners, Web Application Firewalls, Next-Generation Endpoint Protection and EDR, OSQuery, AWS, Terraform, Kubernetes, CircleCI, Ruby, Rails, Python, Java, Docker, Ansible, Jenkins, Splunk, Nginx, Tomcat, Puma, MySQL, Postgresql, Linux, and MacOS.About Betterment:
Betterment is the largest independent online financial advisor with more than $20 billion in assets under management. The service is designed to help increase customers’ long-term returns and lower taxes for retirement planning, building wealth, and other financial goals. Betterment takes advanced investment strategies and uses technology to deliver them to more than 480,000 customers across its three business lines: direct-to-consumer, Betterment for Advisors, and Betterment for Business. Learn more.Come join us!
We’re an equal opportunity employer and comply with all applicable federal, state, and local fair employment practices laws. We strictly prohibit and do not tolerate discrimination against employees, applicants, or any other covered persons because of race, color, religion, creed, national origin or ancestry, ethnicity, sex, gender (including gender nonconformity and status as a transgender or transsexual individual), sexual orientation, marital status, age, physical or mental disability, citizenship, past, current or prospective service in the uniformed services, predisposing genetic characteristic, domestic violence victim status, arrest records, or any other characteristic protected under applicable federal, state or local law.