About the Role
Title: Staff Security Engineer – US Remote
Location: Remote United States
JobDescription:
Hi there! Were PAR and our purpose is:
To deliver solutions that connect people to the restaurants, meals and moments they love.
We take that responsibility very seriously. As a leading provider of technology to the top restaurant brands in the world were calling all rebels, instigators, idealists and builders to join our constantly growing team!
PAR invented the first standalone point of sale terminal over 40 years ago, yet we operate much like a start-up at the forefront of restaurant technology. Today, our solutions span Customer loyalty, engagement, restaurant management, payment services, drive-thru, and full POS integrations. These solutions are used to serve tens of millions of guests every day in over 120 countries.
Our mission is to build the number one restaurant technology company in the world and were off to great start.
We believe that our ambition is only limited by our ability to attract and retain great people; people who are up for the challenge to change the game with us! If it sounds like you belong here, we should meet!
Position Description
Reporting to the Sr. Director of Cyber Security, the Staff Security Engineer will partner with the Cyber Security team and across PAR Information Technology and Product organizations to implement solutions to protect PAR network and infrastructure assets, intellectual property, customer, and employee data.
Position Location: US Remote – PAR is headquartered in New York. This is a work remote role. We want the best people no matter where you are. The team stays well connected and cohesive while remote.
Pay Band
The base salary range for this position is $160,000 to $210,000 USD per year commensurate with work location, experience, skills, certifications, education, and prior accomplishments. The position may be eligible for additional compensation, including a bonus, commission and/or equity, as applicable.
What Were Looking For
If youre someone who wants to learn, grow, build a career in a high-tech environment, and meet the below requirements, then were looking for you.
What youll do
- Lead in the development and implementation of technical security requirements defined by PARs Cyber Security Program.
- Define security hardening standards and continuous assessment criteria for PARs IT and Product infrastructure stack.
- Perform security reviews on PAR products and services to assess in the adoption and implementation of secure design principles. (Mobile, Web, APIs)
- Lead internal technology teams through threat modeling to define approaches to operationalizing and automating security controls throughout the system and software development lifecycle.
- Develop and implement build and runtime security measures for Microsoft Azure and AWS cloud environments.
- Evaluate, design, and implement security tooling to prevent or detect system/software vulnerabilities and common security misconfigurations.
- Partner with cross-functional teams to assess and address security risks for PAR Hardware, critical infrastructure services and enterprise business applications.
- Partner with cross-functional technology teams to strengthen enterprise-wide detection, security orchestration, automation, and response capabilities via SIEM implementation.
- Assist the team in developing a library of automated security validation checks and integrations to inspect machine and image configurations, IAM and storage policies, firewall configurations etc.
- Provide support for internal and third-party security penetration testing as a Security subject matter expert. Conducting PoC, validation and identifying remediation strategies as required.
- Participate in Cyber Security on-call rotation as a technical incident manager or incident commander as required.
Experience you need to perform this role:
- 8+ years of experience as a security engineer or a mix of security engineering, software development and operations in a lead or staff role.
- Bachelors degree in computer science, Information Systems or related field or equivalent work experience.
- Strong experience with security tools and services within AWS and Azure cloud.
- Deep expertise in Cloud Computing, Windows, Linux security.
- Strong knowledge of networking and internet protocols (TCP/IP, DNS, SMTP, HTTP etc.)
- Strong knowledge of secure authentication protocols (OAuth, SAML 2.0)
- Knowledge of cryptographic key management best practices.
- Scripting & Programming experience required (Python, bash, Java, PowerShell)
- Experience with supporting security incident response and investigations.
- Hands on experience with implementing security in the software development lifecycle including execution of threat modeling, penetration testing and/or secure code review.
- Experience with assessing or implementing controls to comply with security and compliance frameworks and standards such as SOC2, ISO27001, PCI DSS, NIST CSF.
What soft skills matter to us:
- Excellent time-management skills
- Critical thinking and problem-solving skills
- Working with a sense of urgency, ownership and pride in your performance and its impact on the company’s success.
- Interpersonal and communication skills