Security Engineer

ComplyAuto is a RegTech company offering cloud-based software that helps companies enhance their compliance and security capabilities while becoming more efficient and cost-effective. ComplyAuto manages and automates compliance decisions, performing tasks that would normally require manually-intensive processes and human intelligence.

ComplyAuto began as a privacy compliance company for automotive dealers, but has quickly expanded into other verticals and compliance areas including cybersecurity, EHS (environmental, health, and safety), and legal compliance.

If you're a motivated Security Engineer who is eager to contribute to a variety of projects while enjoying an array of exceptional benefits, we are excited to review your application! As a Cloud Security Engineer, you will work as a part of our security team and will collaborate with other Security, IT and Software professionals to ensure that our environment and infrastructure is protected.

Salary Range: $125,000 - 150,000 annually

Benefits:

• 401(k) 5% match (1:1)
• Medical, dental, and vision insurance; premiums we pay 100% for employee and family
• HSA contribution for qualifying plans
• Unlimited Paid time off and 10 observed holidays
• Full-time remote opportunity, equipment provided

Responsibilities:

As a SaaS provider, the Security Engineer will play a critical role in ensuring the security and integrity of our cloud applications and security technologies. You will work closely with cross-functional teams to design, implement, and maintain security measures that protect our infrastructure and customer data. This role will bring a strong background in Security Engineering, experience in startup/SaaS environments, securing cloud applications, and a solid understanding of deploying, maintaining and supporting security tooling

• Design, implement and maintain security of ComplyAuto's cloud computing environment
• Recommend software and other security related tools to protect company assets
• Coordinate and communicate with other teams and leadership about security needs and risks
• Conduct regular test and analysis of procedures and system to prepare for emergencies
• Implement and monitor security monitoring and alerting systems to detect and respond to unauthorized access and potential threats

Required Qualifications:

• Bachelor's degree in Computer Science, or a related field; or equivalent work experience.
• 3-5+ years of experience as a Security Engineer, with experience in Cloud Security
• Experience with Cloud Infrastructure (AWS, Azure, GCP) and securing SaaS / IaaS / PaaS environments
• Experience with deployment and management of, including, but not limited to; EDR/NGAV, DLP, SIEM, SASE (e.g ZTNA, CASB, etc.), MDM, Vulnerability Management, etc.
• Understanding of Cloud Firewalls, WAFs, and IAM
• Experience securing third-party SaaS applications
• Excellent communication skills, with the ability to effectively communicate complex technical concepts to both technical and non-technical stakeholders.
• Strong problem-solving and analytical skills.
• Familiarity with industry accepted security and compliance frameworks (e.g. NIST CSF, CIS, SOC2, PCI-DSS, etc.)
• Familiarity with regulatory requirements (e.g. CCPA, GLBA, etc.).
• Familiarity with MITRE ATT&CK framework and the Kill Chain
• Responsible for threat hunting and identifying IOCs & IOAs

Preferred Qualifications:

• Experience as a Security Engineer with a focus in Cloud Security
• Ability to work in a fast-paced, high growth startup environment, with the ability to handle additional security related responsibilities as we continue to grow
• Proficient with security tools and technologies
• Experience managing daily security operations, providing response, triage, investigations, and forensics

Bonus Qualifications:

• Security Certifications are a plus, they are not required, such as CCSP, CCSK, etc.
• You Love to learn and grow, collaborate with others in a fast-paced environment where you can make a direct impact on our teams security goals
• You can multitask, are a self-starter, and have a passion for security

Applicants must be authorized to work in the United States and able to provide proof of work authorization within three days of start date. We are unable to sponsor or take over sponsorship of employment visas at this time.

This is a fully remote opportunity, however, employees must reside in the Continental United States to be eligible for employment.

Candidates must reside in the Continental United States and hiring preference is given to candidates who do not reside in California, Hawaii, or Alaska.

ComplyAuto is an equal opportunity employer that is committed to diversity and inclusion in the workplace. We prohibit discrimination and harassment of any kind based on race, color, sex, age, religion, sexual orientation, national origin, disability, gender identity, genetic information, pregnancy, veteran status or any other protected characteristic as outlined by federal, state, or local laws.