Sr. Security Engineer
About Spring Labs:
Spring Labs is redefining how data is exchanged for the new age of data sharing, security, and consumer privacy through decentralization. Our Spring Protocol Tech Stack, which includes the use of Blockchain and Cryptography, allows institutions to share information among themselves to verify identities and reduce fraud - all while protecting consumer data.
Working at Spring Labs is about being part of a collaborative team, comprised of some of the most talented people in the industry. You would be welcomed into a fun, inclusive environment where we care as much about our employees as we do about our product.
As part of our Information Security & DevOps Team, the Senior Security Engineer will be responsible for continuously improving and maintaining the security of our cloud platform and products. The ideal candidate will have experience working in SaaS environments and collaborating with, and advising Product, Engineering, and DevOps teams.
• Work closely with the product teams to understand our products in depth to document the product details including the security architecture, attack surface, trust boundaries and data flows.
• Assist in development of Threat Models that enumerate cyber security threats by attack surface. Document and verify the existing security mitigations and identify if additional mitigations are required for our products.
• Work with the product teams to define security mitigations, provide guidance during mitigation development.
• Build life cycle around static code analysis, internal vulnerability assessments, testing and remediation
• Work with Developers and DevOps to identify, prioritize and remediate security vulnerabilities
• Maintain security policies and drive remediation processes
• Serve as a subject matter expert on internal product security engineering questions/requests
About You
- Demonstrable experience scripting with languages like PowerShell, bash, etc.
- Ability to work in a fast-paced environment
- Ability to collaborate with other teams/functions with a positive attitude and respect.
- Can think about problems from an out-of-the box perspective, doesn't always default to industry norms
- Perform proactive research to detect new attack vectors
- Perform reactive incident response when a security event occurs
- Experience with Python a plus
Perks
- Casual Work Environment
- Fully Stocked Kitchen
- Free Gym
- Weekly Office Events
- Unlimited PTO
- Comprehensive Medical/Dental/Vision
- 401(k)
Equal Opportunity Statement:
We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.