The Team
The Security Engineering team at Imprint is at the forefront of democratizing access to cutting-edge technologies, empowering teams across our organization to innovate and excel. Driven by our vision to redefine the Fintech landscape, our team is committed to building a secure, highly available infrastructure and arming our engineers with a comprehensive development toolchain, empowering them to bring to life world-class products swiftly.
What You'll Do
- Develop, update, and maintain threat models and conduct application security reviews for various software projects.
- Create and implement security policies, guidance, and training programs for employees across all teams.
- Lead the development of security processes and automated tools to prevent security issues.
- Collaborate with software developers to ensure secure coding practices and establish a proactive security posture.
- Partner with engineering teams to continuously improve security processes, priorities, and decisions.
- Reproduce, triage, and address application security vulnerabilities, leading the team in these efforts.
- Ensure compliance with SOC 2 Type II, ISO27001, and PCI DSS standards.
- Support and manage the bug bounty program.
What We Look For
- 5+ years of application security, including threat modeling and security reviews.
- 5+ years of cloud security experience in AWS, Azure, or Google Cloud environments.
- Familiarity with various security tools and technologies, such as static and dynamic analysis tools, intrusion detection/prevention systems, and SIEM platforms.
- Strong understanding of network security principles and practices.
- Proficiency in developing and implementing security policies, procedures, and training programs.
- Experience in creating and managing automated security tools and processes.
- Strong understanding of secure coding practices and experience working closely with software development teams.
- Proven ability to improve security processes and prioritize security initiatives.
- Experience with vulnerability management, including reproducing, triaging, and remediating security issues.
- Familiarity with compliance standards such as SOC 2 Type II, ISO27001, and PCI DSS.
- Experience in conducting security audits and risk assessments.
- Strong analytical and problem-solving skills, with the ability to identify and resolve complex security issues.
- Excellent communication and interpersonal skills, with the ability to explain technical concepts to non-technical stakeholders.
- Strong sense of ownership, urgency, and drive
- Bachelor’s Degree in Computer Science, Computer Engineering, Computer Security, Information Systems, or related field.
Nice-to-have
- Experience in securing payments-related products
- Relevant security certifications such as CISSP and CEH.
- Track record of managing mission-critical, 24x7 production software systems
- Open-source project experience
Perks & Benefits
- Competitive compensation and equity packages
- Leading configured work computers of your choice
- Paid time off policy
- Fully covered, high-quality healthcare, including fully covered dependent coverage
- Additional health coverage includes access to One Medical and the option to enroll in an FSA
- 16 weeks of paid parental leave for the primary caregiver and 8 weeks for all new parents
- An understanding that successful remote work requires flexibility and an appreciation for asynchronous work
- Access to industry-leading technology across all of our business units — stemming from our philosophy that we should invest in resources for our team that foster innovation, optimization, and productivity
Annual salary range: $180k-$250k and competitive equity package.