Principal Cloud Security Engineer

Predictive analytics and machine learning power Socure’s groundbreaking technology and fuel our mission to verify 100% of good identities in real time and completely eliminate identity fraud on the internet.

Socure is the world leader in digital identity verification and fraud prevention. Our recent awards include Forbes 2022 America’s Best Startup Employers, The Forbes Cloud 100, The Deloitte Technology Fast 500, and Inc. 5000’s fastest growing companies.

Listen to why some of the world’s top technology investors see the enormous, transformative potential in Socure’s mission and products:

https://www.youtube.com/watch?v=ifM9_jPQCv8

Overview

Socure is looking to hire a talented Cloud Security Engineer to join our team. As one of the early members of our Information Security team, you will focus on security aspects of Socure’s cloud infrastructure. This role can be based anywhere remotely in the USA.

Role and Responsibilities

• Strategic Leadership: Drive the development and implementation of our security strategy, ensuring it aligns with business objectives and incorporates best practices in security.

• Consultative Expertise: Offer expert consultancy across various projects, guiding teams on security considerations and ensuring integration of security measures into all facets of our operations.

• Operational Guidance: Provide operational guidance and oversight on the implementation of security measures, ensuring efficiency, effectiveness, and alignment with organizational goals.

• Incident Response and Risk Management: Lead efforts to refine incident response strategies and risk management practices, enhancing our readiness and response to security incidents.

• Stakeholder Engagement: Engage with stakeholders across the organization to foster a culture of security, ensuring clear communication and understanding of security policies and practices.

• Monitoring and Evaluation: Oversee the monitoring of security postures and the evaluation of security practices, ensuring they remain effective and responsive to evolving threats.

• Understand end-to-end systems architecture and identify areas and solutions for improvement

• Partner with Product and Engineering to refine Software Development Lifecycle (SDLC), incorporating security development best practices, testing and auditing.

• You will be evaluating and driving security improvements in Socure’s software infrastructure and frameworks

Required Qualifications 

• 7-9 years of experience as a security engineer in a public cloud environment (AWS, GCP, etc)

• Experience working in or collaborating with small product teams, where security is a key consideration 

• Advanced manual testing skills

• Deep understanding of SAST/DAST solutions and strategies for maximizing their value

• Leadership in Security: Demonstrated expertise in leading comprehensive security initiatives, with extensive experience in network and application security, cloud security frameworks, and cybersecurity risk management. A proven track record of strategic planning, thought leadership, and achieving operational excellence in security operations.

• Expertise in Network and Application Security: Deep knowledge of network security architectures, protocols, and application security principles. Ability to design and implement robust security measures that protect against threats at the network and application layers, including but not limited to intrusion detection systems, firewalls, and secure coding practices.

• Cloud Security Specialization: Proficient in securing cloud-based environments, particularly in AWS. Familiarity with cloud security best practices, tools, and technologies, including identity and access management, data encryption, and security monitoring. Understanding of the shared responsibility model and experience in leveraging cloud-native security features to enhance the security posture.

• Consulting Acumen: Exceptional consulting and advisory skills, with the ability to influence security practices at all levels of the organization. Demonstrated ability to work collaboratively with IT, engineering, and business teams to integrate security into various operational processes, fostering a culture of security awareness and compliance.

• Operational Expertise: Comprehensive understanding of operational processes and the integration of security measures within these to enhance organizational efficiency and effectiveness. Experience in developing and implementing security policies, procedures, and controls that align with business objectives and regulatory requirements.

• Strategic Communication: Strong communication skills, capable of articulating complex security concepts to a diverse range of stakeholders. Expertise in preparing and presenting security analysis, risk assessments, and strategic recommendations to senior management, technical teams, and non-technical audiences.

• Adaptability and Vision: Strategic thinker with a visionary outlook, able to adapt security strategies to meet the dynamic needs of the business. Skilled in anticipating future security challenges and trends, and developing innovative security solutions and practices that address these proactively.

• Cross-Domain Security Knowledge: A broad understanding of various security domains, including endpoint security, data protection, identity and access management, and threat intelligence. Ability to integrate cross-domain security strategies to provide comprehensive protection against a wide range of cybersecurity threats.

• A genuine passion for security! We seek individuals who have the curiosity and desire to learn and stay on top of emerging security threats and technologies. 

• Nice to haves: professional Java development experience, OpenStack, strong statistics background, Agile, familiarity with Mitre Att&ck framework

Preferred Qualifications

Certifications that would be nice to see:

• AWS Security Specialty

• AWS Solutions Architect - Associate or Professional

• CISSP

• CCSP

Salary Disclosure:

Base Salary range: $177,000 - $210,000

This represents the expected salary range for this job requisition. Final offers may vary from the amount listed based on factors including geography, candidate experience and expertise, and other job related factors. Socure's compensation and rewards package for full time roles includes a market competitive salary, equity,  comprehensive benefits, and, for applicable roles, commissions plans or an annual discretionary performance bonus.

Socure is all about encouraging people to push the boundaries of what’s possible through top-tier performance, innovation, ownership, and shared expertise.

We empower excellence by providing great perks and benefits to both our fully remote employees in North America and our hybrid teams in India.

To learn more, check out Socure’s Career Page: https://www.socure.com/company/careers

Socure is an equal opportunity employer and value diversity of all kinds at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

To learn more about how our work is changing the world, check out these articles and videos:

• Socure is Forbes' 2022 Best Startup Employer: https://bit.ly/3fbNw8S

• Socure Accelerates Onboarding for 50+ Crypto, Neobanks, and More: https://bit.ly/3dwN2K7

• Socure's Impact on Financial Inclusion: https://www.youtube.com/watch?v=Y6nBc6s1wsU

• Socure's Impact on Fraud Prevention: https://www.youtube.com/watch?v=M46UG8QyKe4

• Archives & Press Releases: https://learn.socure.com/about/press-release