Senior Security Engineer

🕒 May 7

Apply Now

Find Similar Remote Jobs

Receive Emails For Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Upload Resume

Federato

WebsiteLinkedInAll Job Openings

11 - 50 employees

🤖 Artificial Intelligence

💰 $15M Series A on 2022-09

Artificial Intelligence • Insurance

Federato is an innovative company that provides an AI-driven platform designed to transform underwriting processes for insurance companies. Their platform, known as RiskOps, helps insurers achieve profitable underwriting growth by automating submission triage, offering real-time decision support, and consolidating multiple systems into a single, efficient workflow. Federato's solutions are tailored for carriers, MGAs (Managing General Agents), and mutual insurance companies, offering them improved visibility, efficiency, and the ability to prioritize high-value accounts. With features like seamless rating interfaces and efficient submission portals, Federato aids insurers in streamlining their operations and enhancing their underwriting capabilities using advanced technology.

📋 Description

• Contribute to our application security program. Work with our SAST, DAST, and SCA tooling, triage and prioritize vulnerabilities, and partner with engineering teams to drive remediation. Participate in threat modeling and secure design reviews on new products and services. • Share incident response on-call. Investigate, contain, and resolve security incidents alongside the rest of the team. Help refine our runbooks, detection coverage, and post-incident process. • Help harden our cloud and Kubernetes environment. Contribute to security posture across GCP and GKE: IAM and least-privilege, secrets management, container and supply chain security, and IaC guardrails (Terraform). • Build detections and security automation. Engineer high-signal detections from cloud, identity, and application telemetry. Automate the toil of vuln triage, access reviews, SaaS posture, questionnaire workflows so the team scales. • Streamline customer security work. Help respond to customer security questionnaires and audits, and build internal tooling and a knowledge base so this scales as deal volume grows. • Strengthen business continuity and DR. Help assess threats to continuity, contribute to DR plans, and run real exercises against them. • Help drive a security culture across engineering. Pair on developer training, secure-coding guidance, and standards work to make the secure path the easy path.

🎯 Requirements

• 5+ years of hands-on experience managing cloud infrastructure and automation. • Experience in achieving SOC2 Type II, ISO 27001, or similar certifications • Experience with Node.js or Python for backend services in a microservices architecture. • 3+ years of experience with cloud providers, preferably Google Cloud Platform (GCP). • Solid experience with cloud security on GCP or AWS, including IAM, Kubernetes, and IaC. • Knowledge of asynchronous processing, message queues (e.g., Kafka, Pub/Sub), and event-driven architecture for backend applications. • Experience focused on the internal engineer team success

🏖️ Benefits

• Total compensation package includes stock options, benefits, and additional perks.