Security Engineer (LA) at Route
Route is a one-click premium shopping experience for online ordering, and the only way to view all of your online orders, from any merchant, in one place. Online shoppers can insure and visually track everything they order online in one centralized app. E-commerce merchants from boutique brands to household names can add Route to their website empowering one-click solutions for their customers for shipping insurance, visual package tracking, and one-click claim handling. With offices in both Silicon Slopes, Utah (HQ) and Santa Monica, California, Route embodies a creative lifestyle partnered with innovative tech to build a one of a kind global brand.
About the Role:
Route is looking for a security engineer to join our platform team as a champion and expert in information security. As part of a team that seeks to empower engineers to regularly deliver customer value, this role will build solutions that ensure security is championed at all parts of the software development and operations process. This role will be a key player in the overall information security program at Route, contributing to not only not just to software engineering but also the security posture of the company at large.
This engineer will have the opportunity to grow their skills and experience in many areas while working and the chance to work with cutting edge technologies. We seek to hire the best and have a team of highly competent engineers who love to collaborate toward and creatively solve creative solutions.problems together. We need a security engineer who is passionate about championing security and finding innovative solutions. They must be willing to own projects and see solutions are fully found and implemented. We are a startup and things move quickly. This role will require the ability to understand, manage, and communicate security risks and tradeoffs as we grow and evolve.
- Develop and carry out information security plans and policies
- Develop strategies to respond to and recover from a security breach
- Develop or implement open-source/third-party tools to assist in detection, prevention and analysis of security threats
- Awareness training of the workforce on information security standards, policies and best practices
- Collaborate with engineers on security best practices and champion security through all phases of software development
- Work with the SRE team to build security automation into CI/CD pipeline
- Develop and implement AWS security best practices
- Implementation and use of AWS security services, firewalls, data encryption and other security products and procedures
- Conduct periodic network scans to find any vulnerability
- Conduct penetration testing, simulating an attack on the system to find exploitable weaknesses
- Monitor networks and systems for security breaches, through the use of software that detects intrusions and anomalous system behavior
- Investigate security breaches
- Lead incident response, including steps to minimize the impact and then conducting a technical and forensic investigation into how the breach happened and the extent of the damage
- Work with sales and customer success teams to answer security questions and address concerns from potential and current customers
- AWS and cloud platform as a service (PaaS) security
- Automating security testing tools
- Knowledge of scripting languages and basic coding ability
- Expertise in anti-virus software, intrusion detection, firewalls and content filtering
- Knowledge of risk assessment tools, technologies and methods
- Expertise in designing secure networks, systems and application architectures
- Disaster recovery, computer forensic tools, technologies and methods
- Planning, researching and developing security policies, standards and procedures
- System administration, supporting multiple platforms and applications
- Expertise with mobile code, malicious code, and anti-virus software
- Expertise in endpoint security solutions, including file integrity monitoring and data loss prevention
- Bachelor’s degree in computer science/information systems or equivalent
- 4+ years of experience in information security
- Certifications such as CISSP, GSEC, CEH or CISM helpful
Route offers an array of benefits including generous salaries, stock options, 100% healthcare coverage, and an unlimited PTO policy.
Route is an Equal Opportunity Employer. We embrace diversity and equal opportunity in a serious way. We are committed to building a team that represents a variety of backgrounds, perspectives, and skills. The more inclusive we are, the better our work will be.