Overview:

The ideal Security Engineer candidate should possess a combination of strong technical knowledge across multiple product security domains and solid coding skills. They should also be able to drive the building and adoption of new security tools and technologies while supporting day-to-day security activities such as vulnerability testing and remediation, incident handling and alerting and monitoring, while creating ways to automate the easy stuff. 

Responsibilities:

-Execute and maintain information security policies, standards, guidelines, and procedures to assess, balance, and minimize risk and ensure the confidentiality, integrity, and availability of systems and data.

-Ensure training for staff on relevant security best practices and procedures.

-Carry out appropriate disaster recovery strategy, and work closely with relevant teams to ensure execution of a successful DR strategy.

-Assist with information security investigations, evaluating threats and providing recommendations for necessary corrective actions.

-Execute integration of current IT systems with security strategies and policies (eg. Incorporating SAST and DAST solutions in the CI/CD pipeline.)

-Maintain current knowledge of the information security field and the changing threat landscape.

About You:

-Minimum of 3 to 5 years of experience in a combination of risk management and security enforcement in a consumer internet platform.

-Knowledge of regulatory compliance frameworks (NIST, SOX, ISO, PCI DSS, GDPR, CCPA, etc.)

-Strong knowledge of a range of security solutions (AV, EDR, IPS, IDS, SIEM, VPN, DNS, firewalls (Palo Alto), proxies, etc.)

-Strong foundation in product security, computer and network security, authentication and security protocols (TLS, SAML, Oauth, etc.)

-Hands-on experience in Threat Modeling, SAST, DAST, and Web application security including OWASP 10

-Experience in implementing technical controls.

-Knowledge of Cloud Security best practices and tools including Identity and Access Management, secure deployment models, least privilege resources access, etc.

-Knowledge of web applications and APIs.

-Strong development experience in one or more of the programming languages and platforms such as Python, Golang, Javascript, C++.

-Familiarity with distributed computing environments (including BYOD and ad-hoc managed endpoints.)

-Able to execute, collaborate, and drive projects with the highest quality in security management.

-Effective written and verbal communication.

-Experience with working in fast-paced, critical environments.

What’s in it for you?

- Competitive salary and full benefits, including Medical, Dental, Vision, and 401k

- Workstation and tools of your choice

- Paid attendance to conferences

- Daily complimentary catered lunch from some of NYC’s top restaurants, and an endless supply of snacks & drinks

- Company funded happy hours/events

- Discounted membership to some amazing NYC facilities including Chelsea Piers Gym

- Generous maternity and/or paternity leave and contributions towards fertility preservation

- A sunny office full of incredibly curious and friendly people

OkCupid is an equal opportunity employer. We celebrate diversity and are deeply committed to fostering an inclusive environment for all employees.