Senior Security Engineer
About the role
As a Senior Security Engineer, you will play a vital role in ensuring that Veryfi's infrastructure and applications meet high security standards and helping with meeting various compliance requirements.
Your primary goals will be ensuring that systems are patched and vulnerabilities remediated within assigned timeframes, setting up tools and defining processes to ensure high security standards and compliance requirements are met, developing automated processes to monitor and report on security posture of Veryfi's systems.
- Remediate vulnerabilities independently and in collaboration with engineering and operations teams
- Design and develop automated processes for monitoring and reporting on the security posture of systems
- Configure security scan tools (SAST, DAST, etc) and implement their use in CI/CD pipelines
- Design and configure security measures in cloud-based infrastructure
- Carry out regular internal audits and appropriateness reviews
- Help drive a security-first culture in the company
- High level of proficiency administering AWS cloud services such as IAM, AWS Inspector, CloudTrail, GuardDuty, AWS Config, EC2, WAF, VPC, network configuration, etc
- High level of proficiency identifying and remediating vulnerabilities using tools like AWS Inspector, SonarQube, OWASP ZAP
- Proficiency in Linux administration, shell/bash scripting
- Working knowledge and experience with CI/CD tools like Jenkins, GitHub/GitLab pipelines and containerization tools like Docker
- Working knowledge and hands-on experience with compliance frameworks like SOC2, ISO27001, NIST, FedRAMP, FISMA
- 5+ years administering AWS cloud services such as IAM, AWS Inspector, CloudTrail, GuardDuty, AWS Config, EC2, WAF, VPC, network configuration, etc
- 5+ years administering Linux servers, including shell/bash scripting
- 3+ years maintaining implementation of security controls outlined by compliance frameworks like SOC2, ISO27001, NIST, FedRAMP, FISMA
- 3+ years administering SAST + DAST tools like SonarQube, OWASP ZAP or similar
- 3+ years identifying and remediating vulnerabilities using tools like AWS Inspector, Clair, or similar
- 3+ years experience with Python
- CI/CD (Jenkins, GitHub/GitLab pipelines) and Docker
- CarbonBlack and VMWare UEM is highly regarded
About Veryfi, Inc.
Veryfi empowers organizations to transform their unstructured data in the form of receipts, invoices, purchase orders, checks, W2s and other business documents into structured data at scale. Their suite of data transformation APIs can be leveraged for many use cases in financial services to deliver valuable business intelligence in seconds. Trusted by enterprises and technology companies alike, Veryfi’s AI-based platform is being leveraged by companies worldwide.
Veryfi is backed by NewView Capital (NVC), Act One Ventures, TI PLatform, Y Combinator and Zillionize
Veryfi Raises $12 Million To Use AI To Tackle The Unstructured Data Entry Markethttps://www.forbes.com/sites/rebeccaszkutak/2021/04/26/veryfi-raises-12-million-to-use-ai-to-tackle-the-unstructured-data-entry-market/?sh=886fe19183f8
The Untapped Potential of Unstructured Datahttps://nvc.vc/perspectives/veryfi-the-untapped-potential-of-unstructured-data/
COME AND SAY G'DAY!
Something looks off?