Software Engineer (Security) at Fortmatic

Fortmatic

Software Engineer (Security)

Full-Time in San Francisco, CA - Remote OK - Engineering

Fortmatic is seeking to work with a highly talented and self-motivated Software Engineer/Security who is passionate about solving security problems at scale. As a Software Engineer/Security on the team, you will help to ensure the security of our products and systems throughout the development and the development life cycle (from both internal and external threats).

You will

  • Implement tools and automation to proactively detect security risks and threats for internal systems
  • Collaborate with other engineers to identify security gaps and integrate security into software development process
  • Perform scheduled technical security exercises, security assessments, and code audits
  • Ensure best security practices and procedures are maintained and carried out by all engineering teams through system design input and code reviews
  • Create internal frameworks and tools for engineers to use and to improve security
  • Develop automated technical solutions to help mitigate security vulnerabilities and integrity
  • Be the go-to expert for security concerns on the team

What you bring to the team

  • 3+ years of work experience in any security engineering domain using SDL, threat modeling, SIEM, vulnerability scanning, pentesting and etc.
  • Proficient in shell scripting and scripting languages in Python/Ruby
  • In-depth knowledge in secure coding practices and strong passion in helping other engineers to adopt them
  • Relevant knowledge in modern web app and mobile app security landscape, real-world attacks and mitigations
  • Strong foundation in applied cryptography, network and computer security, authentication and security protocols
  • Have hands-on experience in the public cloud environment leveraging best security practices

Bonus

  • Experience in implementing an intrusion detection system with automated mitigation steps
  • Have DevOps experience in public cloud environments
  • Have participated in SOC2 Type 2 audit
  • Have a startup personality and mentality: smart, hardworking, productive, team player, ethical, can execute under pressure

Technologies that we are currently using include React, Python, Docker, AWS, HashiCorp, etc. We are deeply driven by the agile development principles. We are looking for people who share the same philosophy, perform under pressure and are comfortable with frequent change requests.