• Senior Security Engineer

    Justworks (New York, NY)


    Senior Security Engineer

     

    New York, New York

     

    Apply

    Who We Are

    At Justworks, you’ll enjoy a welcoming and casual environment, great benefits, wellness program offerings, company retreats, and the ability to interact with and learn from leaders in the startup community. We work hard and care about our most prized asset - our people.

     

    We’re helping businesses get off the ground by enabling them to focus on running their business. We solve HR issues. We’re data-driven and never stop iterating. If you’d like to work in a supportive, entrepreneurial environment, are interested in building something meaningful and having fun while doing it, we’d love to hear from you.

     

    We're united by shared goals and shared motivations at Justworks. These are best summed up in our company values, which are reflected in our product and in our team.

     

    Our Values (https://www.justworks.com/careers#values)

     

    If this sounds like you, you’ll fit right in.

    Who You Are

    Justworks is looking for an experienced, hands-on Senior Security Engineer who can help drive and execute the company’s Security Architecture & Engineering function. As a successful candidate, you have demonstrated experience building security solutions to enhance security and defend against threats. You have a deep understanding of the fundamentals of computing and development/coding with Ruby on Rails, JavaScript and/or other languages. The candidate should also have experience in *Nix environment and the use of common cybersecurity tools.

     

    Depending on the experiences and skillsets, this role can cover a few security domains such as network and infrastructure, application security, identity and access management, data protection as well as capabilities to support Security Operations and GRC (Governance, Risks and Compliance)

    Your Success Profile What You Will Work On

    + Work with other security engineers on technical design reviews to evaluate existing security controls and identify opportunities to enhance the security posture of Justworks

    + Work with other security engineers to bring adequate security capabilities to Justworks.

    + Provide technical and architectural guidance to product managers, product engineers, and corporate IT on digital security

    + Bring and implement security capabilities in AWS and for corporate. Work with the team to execute and deliver the roadmap.

    + Develop security architecture, design, and coding standards across the Justworks applications and infrastructure to promote a standardized set of security requirements, aligning with internal policies and meeting external compliance requirements.

    + Work collaboratively with the current product managers and staff engineers or future Enterprise Architecture team to design and implement enterprise security capabilities into solution architecture

    + Participates in major new product development projects to ensure that appropriate security controls are built into systems prior to production cutover.

    + Drive process improvement and control implementation projects in coordination with the larger Digital Technology team at Justworks.

    + Act as a cross-functional tools and services expert, working with engineering and risk teams to build security control requirements

    + Help Cyber Defense Operations triage incidents as need especially related to product security, application security and AWS security

    + Perform other related duties as assigned.

    How You Will Do Your Work

    As a Senior Security Engineer, how results are achieved is paramount for your success and ultimately result in our success as an organization. In this role, your foundational knowledge, skills, abilities and personal attributes are anchored in the following:

     

    + Good judgement - the exercise of critical thinking, analyzing and assessing problems and implications, identifying patterns, making connections of underlying issues, understanding risks and developing mitigation strategies, and taking ownership of the outcome.

    + Resourcefulness - taking a can-do approach, even in the face of obstacles and constraints by assessing what’s in front of you and effectively and efficiently optimizing what you have, whether it's working on something new or thinking about how to do something better.

    + Teamwork and communication - putting our collective best together through documentation, collaboration, relationship-building, listening, empathy, recruiting, and evangelism.

    + Influence and leadership - fostering a community of knowledge-sharing, collaboration, mentorship, and forward-thinking.

    + Skills and knowledge - the capacity to actively learn and apply specific domain knowledge, know-how, and best practices to continually enhance and improve.

     

    In addition, all Justworkers focus on aligning their behaviors to our core values known as COGIS. It stands for:

     

    + Camaraderie - Day to day you can be seen working together toward a higher purpose. You like to have fun. You’re an active listener, treat people respectfully, and have a strong desire to know and help others.

    + Openness - Your default is to be open. You're willing to share information, understand other perspectives, and consider new possibilities. You’re curious, ask open questions, and are receptive to thoughts and feedback from others.

    + Grit - You demonstrate grit by having the courage to commit and persevere. You’re committed, earnest, and dive in to get the job done well with a positive attitude.

    + Integrity - Simply put, do what you say and say what you'll do. You’re honest and forthright, have a strong moral compass, and strive to match your words with your actions while leading by example.

    + Simplicity - Be like Einstein: “Everything should be made as simple as possible, but no simpler.”

    Qualifications

    + At least 5+ years experience in information security concepts, common technical security controls, and security architecture design principles, ideally in a SaaS environment

    + Solid experience with Secure-SDLC processes and DevSecOps, including secure design, threat modeling, vulnerability management, etc.

    + Familiar with secure coding practices and security scanning technologies

    + Extensive experience in security architecture, system design, and engineering scalable security solutions in a cloud-native (AWS) environment

    + Background as a software engineer, security architect, or security engineer with experience implementing DevSecOps

    + Hands-on technical expertise with depth in modern cloud-based security architecture and engineering in an AWS environment

    + Proven track record as a strong communicator

    + Strong analytical skills

    + Exceptional organizational skills

    Technologies used

    + Technical experience with DevOps, Jira, and other agile automation tools

    + Ruby on Rails & Javascript

    + (Preferred) Security Certifications: CISSP, CISM, CRISC, GIAC, CCSP or CEH

     

    The base wage range for this position based in our New York City Office is targeted at $167,500.00 to $205,000.00 per year.

     

    Actual compensation is based on multiple factors that are unique to each candidate, including and not limited to skill set, level of relevant experience, and specific work location. Salary ranges for positions based in other locations may differ based on the cost of labor in that location.

     

    For more information about Justworks’ Total Reward Philosophy, including all of the perks and benefits we are proud to offer our team members, please visit Total Rewards @ Justworks (https://www.justworks.com/careers#total-reward-philosophy) .

    Diversity At Justworks

    Justworks is committed to maintaining a workplace where diversity of identity, culture, and life experience is the norm and is celebrated authentically and respected consistently. Diversity in our work, our people, and our product drives creativity and innovation, entrepreneurial leadership and integrity, competitiveness, and collaboration throughout our business and in the market. We depend on our differences to make our team stronger, our workplace more dynamic, and our product accessible to all of our customers.

     

    We’re proud to be an equal opportunity employer open to all qualified applicants regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital or familial status, disability, pregnancy, gender identity or expression, veteran status, genetic information, or any other legally protected status. Justworks is fully dedicated to providing necessary support to candidates with disabilities who may require reasonable accommodations. We also provide reasonable accommodations to employees based on their sincerely held religious beliefs, as well as for other covered reasons consistent with applicable federal, state, and local laws. If you're in need of a reasonable accommodation, please reach out to us at [email protected]. Your comfort and success matter to us, and we're here to ensure an inclusive experience.

     

    Our DEIB Report and Our DEI Commitment (https://justworks.com/blog/black-lives-matter-90-days-later)