Red Ventures is seeking a Senior Security Engineer to join our growing Cyber Security team. Our environment presents a unique challenge for security professionals. Our goal is to not only protect our data, but our partner and client data fiercely. Our security team is growing in both size and importance as we continue to grow.
Our Senior Security Engineer will safeguard our data management system through ensuring that all software ranging from firewalls, endpoint security, cloud security, vulnerability scanning and more are held to the strictest security standards. You'll be supporting many different engineering teams who all need to collect and secure PCI data. Our products and use cases range from internal ordering systems to public websites with transactional web carts.
Develop and maintain a balanced application security program based on a well-defined application security framework
Ensure application design and implementation best-practices
Staying current with new threats and exploits and assist in adjusting Red Ventures’ security profile accordingly.
Periodic automated and manual penetration testing of key systems and applications.
Work closely with our CISO to research, test and deploy additional security processes and products.
Serve as team lead, supporting many different engineering teams who all need to collect and secure PCI data. Our products and use cases range from internal ordering systems to public websites with transactional web carts.
The best candidate has extensive and detailed knowledge and experience in all aspects of network and system security at an engineering level.
Specific requirements include:
8+ years of recent server side development experience, in technologies such as C#, Golang, PHP, or Node
Excellent OOP and software design skills
Strong ability to develop systems that meet architectural objectives including reusable, scalable code
Ability to understand information security and network risks. Ideal if you have working experience (or strong knowledge) of Cloud environments or DevOps security compliance
Expertise working with all the standard diagnostic and security tools in Linux such as nmap, psad, tcpdump, syslog, iptables, ipvs, tripwire and similar
Experience implementing, tuning and monitoring NextGen firewalls
Experience working with, or strong familiarity with, one or more IT Standards such as SSAE SOC2, ISO 27001, PCI, HIPAA/HITECH, NIST, CSA/CCM and similar.
Expert in deploying and using scanning and penetration tools for vulnerability testing such as Nessus, nmap, AppScan and similar. Intimate knowledge of how to manually perform attacks such as SQL Injection, Cross-Site Scripting and other attacks as listed by the OWASP.
Experience supporting, implementing and enforcing PCI requirements. Must have detailed knowledge of various technologies and techniques to meet PCI requirements.
About Red Ventures:
Red Ventures is a leading digital consumer choice platform based in Charlotte, North Carolina. Through deeply integrated brand partnerships and consumer-facing assets, Red Ventures connects online customers with products and services across high-growth industries including home services, financial services, and healthcare. Founded in 2000, Red Ventures has more than 2,700 employees in offices across the Carolinas, Seattle, Washington, and Sao Paulo, Brazil.