Cloud Security Engineer
- Participate as needed in documenting security standards, guidelines, policies and procedures.
- Perform SAST/DAST and penetration testing on web applications, web services, native and mobile applications using security tools
- Triage and validate security vulnerabilities found or reported, and serve as a Subject Matter Expert in AppSec to the engineering team in identifying mitigation solutions
- Conduct security tests and identify potential vulnerabilities (OWASP top 10 - XSS, CSRF, SQLi, critical/high and common issues in NVD, etc.) of improvement in security design or implementation
- Communicate issues to the application owners, provide meaningful remediation recommendations, and validate that they have been resolved
- Work closely with Engineering teams and Platform Operations team to validate security posture of new features for IDX releases
- Coordinate with WebOps, Engineering and IT teams to facilitate audit processes.
- Assist with Vendor Risk Management process.
- Assist with customer security questionnaires.
- CISSP certification is preferred.
- Bachelor’s degree in Computer Science, Engineering or equivalent
- 4+ years experience in Information Security.
- Experience with cloud platforms: AWS, Azure, GCP
- Software development experience: Python, REST APIs, SQL, Regular expressions.
- Knowledge of SOC2, NIST-800-53, NIST 800-171, HIPAA
- Ability to construct and execute database queries using SQL.
- Experience with vulnerability management tools and concepts
- Experience with IBM QRadar SIEM
- Previous IT audit experience
- Experience with programming languages such as PowerShell, Python, etc.
- Expert technical skills in: Network and Web Application security
- 4 or more years conducting security reviews, threat modeling, tracking findings, and communicating risk to engineering and management
- Extensive experience with threat modeling frameworks and techniques, particularly as applied to agile development
- Prolonged periods sitting at a desk and working on a computer
What's So Great About Working at IDX:
You mean besides our awesome employees? We're glad you asked. We have a comprehensive benefit package that includes:
- Medical, dental and vision
- 401k with matching,
- Life and Disability insurance,
- Generous PTO,
- IDX observes 10 paid holidays each year.
- 1 floating holiday.
- We offer 2 days paid off for volunteering in the community.
- We also have paid Jury Duty, Bereavement Leave and Family Leave.
- On-Site Facilities:
- We have interior bike racks, showers, lockers, and bike fix-it station.
- Great restaurants, café and bars
- Friday breakfast, beer, Kombucha and many other daily snacks and drinks
Final Candidate will be required to pass a criminal background check.
We are an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status.