As the world moves to a mobile-first economy, businesses need to modernize how they acquire, engage with and enable consumers. Prove’s phone-centric identity tokenization and passive cryptographic authentication solutions reduce friction, enhance security and privacy across all digital channels, and accelerate revenues while reducing operating expenses and fraud losses. Over 1,000 enterprise customers use Prove’s platform to process 20 billion customer requests annually across industries, including banking, lending, healthcare, gaming, crypto, e-commerce, marketplaces, and payments. For the latest updates from Prove, follow us on LinkedIn.
Prove is driving the future of digital identity. We are looking for Provers who know how to make an impact. We’re talking self-starting professionals who thrive in a fast-paced environment, process information quickly, and make intelligent decisions. The work is challenging and requires not only smart but natural curiosity and tenacity. Teamwork is also important to us – we work together and play together.
Prove has big plans, and we’re excited about the future. If this sounds like the place for you – come join our team!
Title: Security Engineer (Vulnerability Management Operations)
Department: Info Sec
Reports To: VP, Information Technology
FLSA Status: Exempt
Location: US Remote
At Prove, Security Engineers handle the digital security for our company and our products. Our Security Engineers are the first line of defense against malicious actors. Their duties include operating and maintaining our cyber security system and our IT security infrastructure, building digital security protocols, and proactively scanning our company’s digital assets for weaknesses and creating robust countermeasures to prevent future incidents.
This role will specifically focus on vulnerability management. The role will be responsible for the day to day operations of our vulnerability management program. You will be hands-on in identifying and implementing best practices, as well as support the optimization of our tools and processes.
Key Responsibilities:
As a member of the Information Security team, a Security Engineer will:
- Act as a technical lead within a rapidly growing cyber security group and develop team objectives to resolve outstanding risk and identify new areas of exposure.
- Assist in validating and remediating critical findings resulting from Audit/Vulnerability & Threat Management processes.
- Utilize industry-standard toolsets to map and reduce the attack surface of a complex and dynamic architecture.
- Collaborate with Threat Intelligence groups to overlay observations from the global threat landscape with patching and remediation strategy.
- Proactively research emerging cyber threats. Apply analytical understanding of hacker methodologies and tactics, system vulnerabilities and key indicators of attacks and exploits.
- Triage and escalate high risk and zero day exploits and provide remediation recommendations
- Review opportunities to reduce the risk surface of Prove, ensuring a highly secure target for adversary actors.
- Develop scripts, tools, and methodologies to identify and exploit points of exposure on internal and perimeter applications.
- Implement and direct processes across the vulnerability management lifecycle, including Discovery, Prioritization of Assets, Vulnerability Assessment, Reporting, Remediation, and Verification.
- Assess a system’s ability to defend against, respond to, and recover from cyber and social engineering attacks.
- Hold teams accountable for SLA obligations, which can include escalation of issues in a timely fashion.
- Implement and manage automated security tools and processes to improve efficiency and ensure scalable security practices.
Qualifications:
- 4 - 7 years of related experience in Security Operations, Vulnerability Management, and Incident Response. This is a mid-career-level opportunity where you will be a mentor and an individual contributor.
- Bachelor’s degree in IT, information security, computer science, or a related field and/or equivalent work/military experience.
- Hands on experience with Vulnerability Management tooling, SAST, DAST, SCA, DLP, SIEM and SOAR tooling
- Strong scripting skills (PowerShell, Python, etc.)
- Understanding of a Security Development Life Cycle.
- Knowledge of Incidence Response policy, process, and execution.
- Proficiency with Cloud technologies
- Ability to communicate network, cloud and system security issues to fellow analysts and engineers
- Passion for learning about our products and markets through in-house and external training.
- Promote, maintain and enhance our cultural values of humility, passion, inclusion, and leadership.
Preferred Qualifications:
- Experience in high-growth /pre-IPO Technology companies
- Understanding of PCI DSS, HIPAA, SOC 2 Type 2 and NIST requirements and policies.
This position description should not be considered the final description of the position. The position description is not intended to be an all-inclusive list of duties and standards of the positions. It should be assumed that we would, to some extent, structure responsibilities in accordance with the successful candidate’s capabilities and changing business conditions. Incumbents will follow any other instructions, and perform any other related duties, as assigned by their supervisor.
The anticipated salary range for this role is $115,000 - $130,000 plus company bonus. Offered salary will be determined by the applicant’s education, experience, knowledge, skills, geo-location and abilities, as well as internal equity and alignment with market data.
Benefits & Perks for FTE Provers:
- Competitive salaries & Bonus Plan (for eligible roles) and Equity Plan
- Modern Health for financial, mental, and physical wellness
- 401(k) Retirement Plan & Match (US Offices) and Local Country Pension (International Offices)
- Unlimited Vacation and Flexible hours
- Comprehensive medical benefits for you and your family ❤️
- Emotional & Physical Wellness – Access to wellness services (EAP & Prove Well-Being Reimbursement)
- Bottomless snacks & beverages for certain office locations
- Daily GrubHub stipend for lunch if coming into the office (US Offices)
- A great place to work and connect with other talented Provers like yourself!
Don’t meet every single requirement? Studies have shown that women and people of color are less likely to apply to jobs unless they meet every single qualification. At Prove we are dedicated to building a diverse, inclusive and authentic workplace, so if you’re excited about this role but your past experience doesn’t align perfectly with every qualification in the job description, we encourage you to apply anyways. You may be just the right candidate for this or other roles.
Equal Opportunity Employment:
Prove is an equal opportunity employer committed to providing equal employment opportunity for all people regardless of race, color, religion, gender or sexual orientation, age, marital status, national origin, citizenship status, disability, veteran status or other personal characteristics
Privacy & Data Protection:
When you are applying for a job at Prove, we collect and use your personal information in the job application process. To understand more about how Prove uses your personal information, please see our Recruitment Privacy Policy on our website.
Top Skills
Similar Jobs
What you need to know about the Los Angeles Tech Scene
Key Facts About Los Angeles Tech
- Number of Tech Workers: 375,800; 5.5% of overall workforce (2024 CompTIA survey)
- Major Tech Employers: Snap, Netflix, SpaceX, Disney, Google
- Key Industries: Artificial intelligence, adtech, media, software, game development
- Funding Landscape: $11.6 billion in venture capital funding in 2024 (Pitchbook)
- Notable Investors: Strong Ventures, Fifth Wall, Upfront Ventures, Mucker Capital, Kittyhawk Ventures
- Research Centers and Universities: California Institute of Technology, UCLA, University of Southern California, UC Irvine, Pepperdine, California Institute for Immunology and Immunotherapy, Center for Quantum Science and Engineering
