Security Engineer

March 12

Apply Now

Get a free AI resume review

Cover Genius

WebsiteLinkedInAll Job Openings

Cover Genius protects millions of customers of the world’s largest online companies. Our goal is to protect all of them.

Insurance Technology • Insurance • Warranties • Product Insurance • Contents Insurance

201 - 500

💰 $70M Series D on 2022-10

Description

• Write Risk Management Framework (RMF)-based policies and procedures, and develop comprehensive cyber security processes to contain implementation. • Assessing cloud infrastructure against security best practices and compliance requirements. • Remediating and/or coordinating with appropriate teams to ensure strategies are in place to mitigate cloud infrastructure security issues. • Assisting other engineering teams to implement a shift left security culture e.g. pipeline SAST/DAST. • Providing advice, tooling and training to allow engineering teams to secure their web applications. • Creating and rolling out MDM policies to corporate devices and ensuring corporate devices are compliant with security policies. • Provision, deprovision and track employee hardware. Or where appropriate that any BYO hardware is used in a sufficiently controlled fashion in compliance with infosec policies. • Partake in technical design reviews, integration, testing, and documentation work. • Providing information to current and prospective customers/partners regarding security. • Conducting risk assessments for current and potential Cover Genius vendors. • Assisting employees with corporate policy compliance. • Coordinating and conducting regular access reviews. • Creating security awareness training for employees. • Assisting the organization in increasing Phishing awareness by creating phishing campaigns. • Assisting the organization in meeting compliance framework requirements (e.g SOC2). • Co-ordinating scheduled external security testing (e.g. annual penetration testing).

Requirements

• Strong attention to detail with an analytical mind and outstanding problem-solving skills. • Passion for security and awareness of current best practices and trends in the security space. • Experience with AWS and/or GCP platforms and associated security best practices. • Experience in securing web applications and frameworks • Ideally some experience with Organization management tools (e.g. Google Workspace, Okta). • Comfortable scripting & developing internal tooling with at least one programming language and ideally some experience with shell scripting (e.g. bash). • Ideally some experience working with infrastructure & configuration as code tools such as Terraform. • Ideally experienced with container technology such as Docker and Kubernetes and general familiarity with cloud native approaches to infrastructure & security. • Experience working with Linux. • Basic understanding of networking and system architecture. • Bachelor Degree in Computer Science/Engineering, Information Security, or equivalent practical experience.

Benefits

• Flexible PTO. Taking time out is important for our teams to enjoy life and stay fresh. • Employee Stock Options - we want our people to share in our success, we reward them with ownership for their contribution in creating a world-class company. • Work with like-minded people who are passionate about both the work we're doing and giving back. Our CG Gives programs enables us to all become philanthropists through our peer recognition and rewards system. • Social Initiatives - pictures speak a thousand words!