Employer: Array.com
Array is revolutionizing how businesses leverage and enhance consumer data. Our platform enables innovative companies and developers to seamlessly integrate credit and identity data into their apps, websites or workflows. As a remote-first company, we’re focused on providing opportunities for autonomous individuals to have high levels of impact at the forefront of the fintech space. Continuous improvement, experimentation, and a clear mission stretch us individually and together in service of delivering the best products for our clients and users.
The Cybersecurity Engineer will be responsible for proactively defending Array’s systems & networks from malicious cyber attack. This position will report to the Director of Information Security.
Responsibilities:
- Lead incident response & remediation efforts for all system and/or network security events.
- Iteratively plan, prioritize, implement, manage, monitor, and upgrade security measures for the protection of the organization’s data, systems, and networks.
- Analyze security event logs, application & network data, correlation rules and develop analytics to enhance shared situational the company’s information security risk posture.
- Manage regular checks of IT security levels.
- Protect & harden the production environment.
- Ensure that the organization’s data and infrastructure are protected by enabling the appropriate security controls.
- Passively & actively test & identify network and system vulnerabilities.
- Identify emerging information security threats and develop suitable proactive defense measures.
- Evaluate architectural changes for security implications and recommend enhancements. Contribute cyber security expertise in architecture reviews and help harden the future evolution of Array’s API platform.
- Develop information security activity monitoring reports.
- Produce assessments; communicate regularly with relevant departments in the organization.
Skills/Qualifications:
- Degree in computer science, computer engineering, IT, systems engineering, or related qualification.
- 3+ years of work experience with incident detection, incident response, and forensics.
- Proficient in Go / Python /Java / Node.
- Experience with GitLab DevSecOps features.
- Familiarity with NIST standards and OWASP protocols.
- Experience with Firewalls (functionality and maintenance), IDS/IPS, Office 365 Security, VSX, and Endpoint Security.
- Strong awareness of cybersecurity trends and hacking/exploitation techniques.
- Strong interest in securing cloud environments from cyber exploitation.
- Pristine attention to detail with an analytical mind and outstanding problem-solving skills.
Nice To Haves:
- Knowledge of Cloud Security, Google Cloud Platform Security & monitoring.
- Experience securing APIs and hosted infrastructure from cyber exploitation & attack.
- Knowledge of Security Across Multi-Vendor Platforms.
- Experience with ethical hacking.
- RE experience.
- Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP), GIAC Certified Incident Handler, (GCIH), Certified Information Systems Security Professional (CISSP).
