Listing Description

Job Description:

Strider is seeking a security professional with the ability to provide expertise in researching, developing, and operating security systems, and with skills for evaluating, designing, and implementing secure configurations in Strider’s systems and products. We are looking for a detail-oriented security engineering professional with a desire to improve enterprise security through hands-on system engineering for corporate technology and internally developed cloud-based products. We need a hands-on engineer looking to apply their skills and passion so that their vision of security is realized. As a member of Strider’s Security Team, you will lead the engineering and operation of technology to enhance the confidentiality, integrity, and availability of all corporate information systems and products. This is an opportunity to become a key contributor to the continuing maturity of the security program. We are building a team focused on high-impact collaboration with our partners across the corporation leveraging transparency, trust, and innovation to elevate Strider’s security through partnership and teamwork. 

 Responsibilities: 

• Leading engineering initiatives for deploying and maintaining security toolsets to maximize risk reduction for endpoints, SaaS and cloud-based environments


• Reducing vulnerabilities in products and internal tools via secure development practices   


• Supporting achievement of compliance with third party standards


• Monitoring and responding to security events


• Working across teams to enhance training and development of a security mindset


• Support identity management across multiple cloud environments


• Develop procedural documentation and policies


• Support third-party penetration testing


• Support risk management


• Automation wherever possible 

Qualifications:

• Experience researching, deploying and supporting information security systems 


• Experience with endpoint, network and SAAS security solutions 


• Experience securing cloud-native solutions in a major cloud provider 


• Hands-on Python development experience or in another language (Java, C#, etc.) 


• Knowledge of application security and the OWASP Top 10 


• Experience consulting with internal teams on the technical implementation and support of information security controls 


• Experience analyzing code and applications for security vulnerabilities and compliance  


• Hands-on experience leveraging common industry standard toolsets for development, testing and secure code analysis 


• Knowledge of application security architecture 

 Nice-to-haves: 

• Experience leading security projects and initiatives 


• Knowledge of compliance standards such as ISO 27001, SOC 2 Type 2 


• Experience developing policies and procedures 


• Experience leading incident handling 


• Scripting and automation skills 


• Vulnerability management  


• Knowledge of continuous integration/continuous delivery pipelines