Factory is seeking a talented Security Engineer to join our team. In this role, you will play a critical role in developing and maintaining the security foundation of our platform. You will conduct in-depth code reviews, implement security best practices, and influence the overall security strategy. Your expertise in TypeScript, Python, Kubernetes, CI/CD, and terraform orchestration will be crucial in identifying and mitigating potential security vulnerabilities.
Design, implement, and manage security measures for the protection of our cloud infrastructure, applications, and data, focusing on both preventative controls and rapid response capabilities.
Collaborate closely with our engineering teams to integrate security practices into the software development lifecycle, including secure coding standards, automated security testing, and secure architecture design.
Stay up-to-date on the latest security threats, vulnerabilities, and mitigation strategies.
Conduct security code reviews to identify and remediate security vulnerabilities.
Develop and implement automated security testing procedures to identify vulnerabilities and risks, recommending and implementing appropriate mitigation strategies.
Respond to security incidents and participate in incident response procedures.
Document security processes, procedures, and best practices.
Lead security awareness and training programs, empowering all team members to recognize and prevent potential security threats.
Minimum 5+ years of experience as a Security Engineer with a focus on product security, with a strong background in securing cloud-based environments (AWS, Azure, GCP) and understanding of Infrastructure as Code (IaC) security practices.
Strong coding skills with proficiency in TypeScript and Python.
Expertise in various security domains such as application security, network security, security operations, and incident response.
Experience with container security (Docker Security, Kubernetes Security).
Familiarity with a wide range of AWS services, including but not limited to VPC, EC2, Lambda, Amazon RDS, and S3.
In-depth knowledge of CI/CD pipeline tools and practices, ideally with experience in GitHub Actions or Jenkins.
Knowledgeable in security compliance frameworks and regulations (e.g., ISO 27001, SOC 2, GDPR) and experience with security assessments and third-party audits.
Proficiency with security tools and technologies, such as firewalls, IDS/IPS, vulnerability scanners, WAF, SIEM, and encryption solutions.
Demonstrated ability to influence security strategies and drive improvements within a team.
The team goes into the office 5 days a week in San Francisco (walking distance to Caltrain).
...read a computer monitor and use a keyboard Occasionally required to lift/push/carry items less than 40 pounds Frequent (40%) travel within specified region on prospective client visits and to attend company/industry functions as required COMPETENCIES :...
...neurodegeneration, oncology, and cardiometabolic disease. We're seeking a Computational Chemist to help generate novel molecules for a variety of... ...with the latest research and breakthroughs in computational chemistry, generative models, and molecular simulation Lead external...
...Excellent opportunity for Per Diem position with Private Emergency Medicine Group for a Physician Assistant or Nurse Practitioner with EM experience. Setting: Work in a community setting servicing 50,000 patients per year in beautiful Westchester County, just 30...
Beneficium apostolus ambitus uterque optio. Assentator tenuis vesco celo aut demulceo. Verumtamen amicitia absconditus cogo hic vitiosus vado. Arceo tener illum sol aspernatur. Dedico auditor audentia cultura. Talus ara natus utrimque deduco umbra careo damno. Aetas...
Description: Heavy Diesel Road Service Technician Build Your Career with a Team That Has Your Back Johnson Equipment Sales & Service is expanding, and were looking for an experienced Heavy Diesel Road Service Technician to join our Farmington, NY team. If you...