Senior Software Engineer - Security (Foursquare Labs, Inc., New York, NY)

Senior Software Engineer – Security (Foursquare Labs, Inc., New York, NY)

Build security tooling and automation using Infrastructure as Code and serverless frameworks. Develop alerting and threat detection capabilities in both corporate and production environments. Respond to security events, including isolating, mitigating, and investigating active threats. Directly contribute to Foursquare revenue by helping to close customers through direct conversations or via preparing sales staff with relevant security education and information. Provide technical expertise in all areas of cybersecurity, including AWS cloud security, architectural design, corporate security and asset management, email security, encryption and other cryptographic measures, authentication and authorization, anti-malware, intrusion detection and prevention, and human factors security. Work with infrastructure and feature engineering teams to identify and mitigate risks to the business. Conduct company-wide security advisories and implement measures following national and international security standards and best practices. Implement strategic security improvements as organizational and policy initiatives. Drive adoption of security processes for both engineering and non-engineering teams. Maintain a risk assessment and reduction program by engaging in periodic testing. Use strong communication skills (written and verbal) to maintain and cultivate strong relationships with Privacy and Legal departments to maintain compliance with contractual and regulatory requirements. Provide your expert opinion to leaders and executives in order to inform strategic decision making whenever security considerations are relevant. Advocate for the security culture of the organization, including collaborating with stakeholders across Infrastructure and Engineering teams. Mentor and cultivate the growth of engineers on the team and the wider organization and support their career paths at the company. Keep up to date with global cybersecurity threats and drive company initiatives to reduce risk based on the cyber threat landscape. Participate in on-call rotation duties. Position allows telecommuting from anywhere in the U.S. Salary: $160,805-270,000 per year.

MINIMUM REQUIREMENTS: Bachelor’s degree or U.S. equivalent in Computer Science, Computer Engineering, Information Technology, or a related field plus 4 years of professional experience as Software Developer, Software Engineer, or any occupation/position/job title involving security engineering or DevSecOps, with a focus on AWS and infrastructure security.

In lieu of a Bachelor's degree plus 4 years of experience, the employer will accept a Master's degree or U.S. equivalent in Computer Science, Computer Engineering, Information Technology, or related field, plus 2 years of professional experience as Software Developer, Software Engineer, or any occupation/position/job title involving security engineering or DevSecOps, with a focus on AWS and infrastructure security.

Must also have experience in the following: 2 years of professional experience implementing and ensuring compliance with industry best  practices vulnerability management program and other enterprise-grade security controls, including regular triage of vulnerability reports, penetration testing findings, and vulnerability scanning results; 2 years of professional experience with Infrastructure as Code (Terraform); 2 years of professional experience with secure coding practices, ethical hacking, and threat modeling; 2 years of professional experience writing code in Python or JavaScript; 2 years of professional experience performing administration of AWS cloud services and performing AWS cloud infrastructure setup and configuration, automated testing and deployment; 2 years of professional experience proposing, designing, planning, and implementing strategic and tactical security improvements (including device management, identity and access management); 2 years of professional experience performing penetration testing and mitigation of real world attacks including DoS, XSS, CSRF, IDOR, dictionary attacks, and SQL injection; 2 years of professional experience monitoring email security (including DKIM, DMARC, and SPF, and phishing indicators).

CONTACT: Apply online at: https://foursquare.com/careers or email resume to recruiting@foursquare.com (specify ad code IVAP).