Staff Security Engineer – PSIRT

Job not listed on LinkedIn

🕒 Yesterday

🇺🇸 United States – Remote (USA)

💵 $185,000 - $230,000 / year

⏰ Full-time

🔴 Expert

👮‍♂️ Cybersecurity / Security Engineer

🦅 Sponsors H1B visa

🗣️🇺🇸🇬🇧 English required

Flock Safety

501 - 1000 employees

Founded in 2017

🔐 Security

💰 $150,000,000 Series E in 2022-02

Security • Public Safety • Technology

Flock Safety is a company focused on providing advanced technology solutions for public and private safety. It uses tools such as license plate recognition (LPR), video cameras, audio detection, and automated drones to improve safety in neighborhoods, businesses, schools, and government organizations. Its products are designed to deter crime and help law enforcement generate leads by collecting evidence. Flock Safety operates on a subscription service model, offering maintenance-free, easy-to-deploy infrastructure to improve community safety. Trusted by more than 5,000 communities, Flock Safety aims to create safer environments while maintaining transparency and privacy.

Description

• Stand up and run Flock's Security Incident Response Team (PSIRT) as the single point of accountability for every externally-reported and internally-discovered vulnerability that touches a Flock product.
• Coordinate with teams about fixes as much as coordinating with your security counterparts for security validation.
• Be the operational owner of our newly established CNA and the technical owner of our Coordinated Vulnerability Disclosure (CVD) program.
• Drive fixes to closure across Hardware, Firmware, Device SRE, Cloud SRE, Mobile, ML, Legal, Comms, and Customer Support.
• Lead by influence across engineering, legal, communications, and support, setting the SLAs, the metrics, the playbooks, and the public security advisories that the rest of the company executes against.
• Partner closely with our Detection & Response team and Corporate Security, focusing on reducing risk for the devices in the field and the customers who depend on them.

🎯 Requirements

• 7+ years in security engineering with at least 4 years directly running or leading a PSIRT, product security, or coordinated vulnerability disclosure function.
• Demonstrated end-to-end ownership of the FIRST PSIRT Services Framework v1.1 service areas (Stakeholder Ecosystem, Discovery, Triage, Remediation, Disclosure).
• Hands-on operational experience acting as a CVE Numbering Authority (CNA) or leading the technical onboarding of one.
• Deep knowledge of CNA Operational Rules v4.x, CVE scope definition, and root coordination (CISA ICS-CERT, MITRE).
• Deep familiarity with ISO/IEC 29147 (disclosure), ISO/IEC 30111 (handling), the CERT/CC Guide to CVD, and CISA Binding Operational Directive 20-01.
• Strong technical understanding across product security, with deep operational experience in at least three of the following (areas 1 and 2 are highly prioritized):
  - Embedded/Firmware Security (Secure boot, hardware root of trust, UART/JTAG/USB attack surfaces, OTA integrity).
  - Linux/Android Device Security.
  - Cloud Security on AWS (IAM, EKS, federation, secrets management).
  - Mobile/Web App Security (OWASP Top 10, GraphQL, authn/authz).
  - ML/CV Model Security (Adversarial inputs, data poisoning, extraction).
• Fluent with CVSS v3.1/v4.0, CWE classification, EPSS, and SSVC frameworks.
• Exceptional written skills.
• Ability to obtain and maintain CJIS certification as a condition of employment.

🏖️ Benefits

• Flexible PTO: We offer non-accrual PTO, plus 11 company holidays.
• Fully-paid health benefits plan for employees: including Medical, Dental, and Vision and an HSA match.
• Family Leave: All employees receive 12 weeks of 100% paid parental leave. Birthing parents are eligible for an additional 6-8 weeks of physical recovery time.
• Fertility & Family Benefits: We have partnered with Maven, a complete digital health benefit for starting and raising a family. Flock will provide a $50,000-lifetime maximum benefit related to eligible adoption, surrogacy, or fertility expenses.
• Spring Health: Spring Health offers a variety of mental health benefits, including therapy, coaching, medication management, and digital tools, all tailored to each individual's needs.
• Caregiver Support: We have partnered with Cariloop to provide our employees with caregiver support.
• Carta Tax Advisor: Employees receive 1:1 sessions with Equity Tax Advisors who can address individual grants, model tax scenarios, and answer general questions.
• ERGs: We want all employees to thrive and feel like they belong at Flock. We offer four ERGs today - Women of Flock, Flock Proud, LEOs and Melanin Motion.
• WFH Stipend: $150 per month to cover the costs of working from home.
• Productivity Stipend: $300 per year to use on Audible, Calm, Masterclass, Duolingo and so much more.
• Home Office Stipend: A one-time $750 to help you create your dream office.
