Staff Security Engineer

🕒 vor 3 Monaten

🇺🇸 Vereinigte Staaten – Remote

💵 $220.000 - $240.000 / Jahr

⏰ Vollzeit

🔴 Experte

👮‍♂️ IT-Sicherheitsingenieur

🦅 H1B-Visum-Sponsor

Dieses Unternehmen hat in der Vergangenheit H1B-Visa gesponsert.

Jetzt Bewerben

Ähnliche Remote-Jobs finden

E-Mails für Remote-Jobs erhalten

📊 Überprüfen Sie Ihre Lebenslauf-Bewertung für diese Stelle

Verbessern Sie Ihre Chancen auf ein Vorstellungsgespräch, indem Sie Ihre Lebenslauf-Bewertung vor der Bewerbung überprüfen.

Lebenslauf hochladen

Assured

WebsiteLinkedInAlle Stellen

11 - 50 Mitarbeiter

☁️ SaaS

🤖 Künstliche Intelligenz

Insurance • SaaS • Artificial Intelligence

Assured ist ein Unternehmen, das Sach- und Unfallversicherern innovative Lösungen für die Schadenbearbeitung bietet. Ihre Plattform bietet eine Reihe modularer Lösungen, die darauf abzielen, das Kundenerlebnis zu verbessern, Schäden schnell abzuschließen und Schadenquoten durch strukturierte Datenerhebung und -verarbeitung zu optimieren. Die Assured-Plattform unterstützt den gesamten Lebenszyklus eines Schadens, einschließlich der ersten Schadenmeldung (FNOL), Messaging, Betrugserkennung und Katastrophenmanagement (CAT). Ihre Lösungen sind als White-Label-SaaS-Angebote verfügbar, erfordern keine Integration und können schnell implementiert werden. Mit einem Fokus auf datengesteuerte Ansätze zielen sie darauf ab, das Schadensmanagement in der Versicherungsbranche durch die Nutzung künstlicher Intelligenz und die Bereitstellung schlanker, automatisierter Prozesse zu transformieren.

Beschreibung

• Lead security architecture and design reviews across applications, infrastructure, and integrations to ensure secure patterns are embedded early in the development lifecycle. • Conduct and coordinate penetration testing, threat modeling, and security reviews for critical services, new features, and third-party integrations. • Design and implement security automation within CI/CD pipelines to ensure secure coding practices and infrastructure policies are enforced at scale. • Partner with infrastructure and DevOps teams to secure cloud platforms (AWS) and improve identity, network, and workload security. • Build security observability and detection capabilities, including security data pipelines, SIEM integrations, and threat intelligence signals. • Think like an attacker—identify systemic weaknesses and design controls that protect against entire classes of attacks, not just individual vulnerabilities. • Work closely with developers to improve security practices through secure architecture guidance, code review support, and developer enablement. • Lead incident response investigations and help build processes for identifying, analyzing, and mitigating security incidents. • Own and evolve the bug bounty program, including triage, response processes, and improvements to vulnerability management workflows. • Develop security standards, playbooks, and training programs that make security practices easier for engineering teams to adopt. • Help define the security roadmap, identifying initiatives that improve both risk posture and operational efficiency.

🎯 Anforderungen

• Deep understanding of application security, cloud security, and modern threat landscapes, including common vulnerabilities and attack techniques (OWASP Top 10, MITRE ATT&CK, etc.) • Strong software engineering background with experience writing production-grade code or automation (Python, Typescript, or similar) • Hands-on experience securing cloud-native infrastructure, especially AWS, including IAM, networking, and containerized workloads. • Experience building or integrating DevSecOps pipelines, including SAST, DAST, IaC scanning, and container security tooling. • Experience designing security telemetry pipelines using tools such as SIEM platforms, observability systems, or data lakes. • Experience running or participating in penetration testing, threat modeling, or architectural security reviews. • Proven ability to collaborate effectively with engineering, DevOps, and product teams to drive secure design decisions. • Excellent communication skills and the ability to clearly explain complex security risks and trade-offs to both technical and non-technical stakeholders. • Strong understanding of SaaS architectures, distributed systems, and internet-facing platforms. • Experience developing security frameworks aligned with CIS benchmarks, NIST, or SOC2 / PCI / HIPAA compliance requirements. • Experience building security detections, threat intelligence pipelines, or runtime protection mechanisms. • Hands-on experience with Kubernetes, container security, and infrastructure-as-code (Terraform, Ansible).

🏖️ Vorteile

• Competitive Compensation: Competitive salary and equity packages for all employees • Healthcare Plan: Platinum medical, dental, and vision • Free life insurance: Including long-term disability & short-term disability • Unlimited PTO: Uncapped vacation days & paid holidays • Family Leave: Maternity & paternity • 401(k) Contribution: Assured contributes 3% of your income, even if you don't contribute • WFH Benefits: Lunch on us 2x/week, monthly phone stipend & other home office perks • Health FSAs & HSAs: Pre-tax accounts for out-of-pocket medical expenses • Team events & Offsites: We're remote, but we regularly get together