Security Engineer

At Charthop our mission is to build world class software that delights our customers. As part of that mission, protecting our customers’ sensitive data is one of our core values. This means that it’s critical we go above and beyond in regards to securing our platform. We are looking for an experienced Security Engineer to come in and help take our security processes to the next level. You'll have great coding skills and a breadth of experience, as well as wanting to get your hands dirty and contribute to our systems.

As the first Security Engineer you will provide technical leadership, guidance, and mentoring to the team on security best practices. You will help to shape our standards and tooling to ensure our team remains both secure and agile.

Responsibilities

• Working in and with development teams to ensure security is designed into new features being built
• Sharing your experience and best practices with the engineering team
• Helping to instil a security culture at Charthop
• Helping Charthop shift security left
• Working together with external teams (e.g. Pen Testers) to externally validate the security health of our platform
• Contribute to our application codebases and infrastructure
• Working with the VP of Engineering and CTO to build and maintain our security roadmap

Requirements

• 3+ years as a Security Engineer, 8+ years industry experience
• You have demonstrable software security experience
• Comprehensive understanding of application-level vulnerability testing and application security (OWASP, WASC, NIST)
• You have software development and DevOps experience, and want to ship features as an Individual Contributor (i.e. write code)
• You are passionate about security and up to date on the latest threats and techniques
• You are able to articulate and prioritize security risks
• You have some experience with AWS

Nice to haves

• Experience with SOC-2 certification and audits
• Computer Science Bachelor's Degree or equivalent experience