Senior Security Engineer
Customers don’t experience data, they experience content. Movable Ink activates any data into personalized content in any customer engagement. More than 700 of the world’s most innovative brands rely on Movable Ink to accelerate their marketing performance. Headquartered in New York City, Movable Ink and its 400 employees serve its global client base from operations throughout North America, Central America, Europe, Australia, and Japan.
The Senior Security Engineer, Information Security & Compliance will be a part of the team responsible for planning, implementing and maintaining the firm-wide privacy, security and compliance strategy to protect Movable Ink’s platform. In your role, you'll help Movable Ink identify, understand, manage, and respond to threats to our environment and data.
This includes implementing and maintaining vulnerability management tools, and supporting incident response activities. Additionally, the Senior Security Engineer, Information Security & Compliance will lead a subset of security-related projects to help protect the Movable Ink platform.
Responsibilities:
- Investigate and help manage remediation efforts for identified vulnerabilities.
- Manage third-party penetration tests throughout the engagement including remediation.
- Monitor networks and systems for security threats, through the use of software that detects intrusions and anomalous system behavior.
- Evaluate and help improve security information and event management tools.
- Play key role in first response following incident reports or security alerts, including DLP and IDS alerts.
- Conduct vulnerability scans and perform analysis of scan results
- Work closely with the Engineering and DevOps teams to remediate vulnerability findings.
- Monitor logs and help improve logging capabilities.
- Assist with quarterly security incident response tabletop exercises and related remediation.
- Advise on and ensure secure coding practices are followed throughout the SDLC process.
- Help identify and develop meaningful security learning resources and trainings for developers especially.
- Provide security guidance on new products and technologies.
- Contribute to client security assessments and advise on custom client security requirements.
Qualifications:
- 4+ years of experience in vulnerability management or related role.
- Strong technical foundation that includes knowledge across multiple information security domains.
- Understanding of OWASP top ten vulnerabilities.
- Familiarity with SIEM, DLP, and/or IDS tools (e.g. Qualys, Threat Stack, CloudTrail etc.).
- B.S. in Computer Science or related field, or equivalent experience.
- Knowledge of risk assessment tools, technologies and methods.
- Familiarity with Javascript and Rails vulnerabilities a plus