Senior Security Engineerat Movable Ink (View all jobs)Remote
Movable Ink is a software company that provides marketers with technology and expert services to create unique customer experiences. Founded in 2010, Movable Ink pioneered contextual experiences in email and has powered over 1.5 trillion content impressions worldwide. More than 700 of the world’s most innovative brands rely on Movable Ink to create unique, relevant, and compelling visual experiences across email and web at the moment of engagement.
The Senior Security Engineer, Information Security & Compliance will be a part of the team responsible for planning, implementing and maintaining the firm-wide privacy, security and compliance strategy to protect Movable Ink’s platform. In your role, you'll help Movable Ink identify, understand, manage, and respond to threats to our environment and data.
This includes implementing and maintaining vulnerability management tools, and supporting incident response activities. Additionally, the Senior Security Engineer, Information Security & Compliance will lead a subset of security-related projects to help protect the Movable Ink platform.
- Investigate and help manage remediation efforts for identified vulnerabilities.
- Manage third-party penetration tests throughout the engagement including remediation.
- Monitor networks and systems for security threats, through the use of software that detects intrusions and anomalous system behavior.
- Evaluate and help improve security information and event management tools.
- Play key role in first response following incident reports or security alerts, including DLP and IDS alerts.
- Conduct vulnerability scans and perform analysis of scan results
- Work closely with the Engineering and DevOps teams to remediate vulnerability findings.
- Monitor logs and help improve logging capabilities.
- Assist with quarterly security incident response tabletop exercises and related remediation.
- Advise on and ensure secure coding practices are followed throughout the SDLC process.
- Help identify and develop meaningful security learning resources and trainings for developers especially.
- Provide security guidance on new products and technologies.
- Contribute to client security assessments and advise on custom client security requirements.
- 4+ years of experience in vulnerability management or related role.
- Strong technical foundation that includes knowledge across multiple information security domains.
- Understanding of OWASP top ten vulnerabilities.
- Familiarity with SIEM, DLP, and/or IDS tools (e.g. Qualys, Threat Stack, CloudTrail etc.).
- B.S. in Computer Science or related field, or equivalent experience.
- Knowledge of risk assessment tools, technologies and methods.