About NetFoundry & This Role:
NetFoundry is a leader in the Zero Trust space, providing Zero Trust networks commercially as the originator and maintainer of OpenZiti, the world’s most widely adopted open-source zero-trust networking platform, empowering developers to embed zero-trust networking capabilities seamlessly into various applications, proxies, browsers, APIs, IoT devices, and more. NetFoundry also offers a fully hosted zero-trust Network as a Service (NaaS) called CloudZiti, enabling organizations to effortlessly harness zero-trust. We shouldn’t need to choose between security and velocity; We need both. NetFoundry provides programmable, multicloud native, Zero Trust networking. NetFoundry enables the next generation of network technology that elevates security while allowing engineers to connect systems at speed securely. We are scaling rapidly and require ambitious, driven leaders who can accelerate our growth and fundamentally change networking.
About the Role:
We are seeking a dedicated Information Security Engineer to manage our internal and product-related security challenges. As part of a medium-sized enterprise, you will play a critical role encompassing the breadth of cybersecurity. The Information Security Engineer will craft and oversee security measures, support our software development teams in security best practices, and communicate our security stance both internally and externally. This position carries the responsibility for sustaining and enhancing a mature cybersecurity program, evidenced by our SOC-2 report maintained since 2020. You’ll have the chance to further your expertise within our dynamic culture and evolving product landscape.
Key Responsibilities:
- Analyze and propose enhancements to security systems on an ongoing basis.
- Identify potential threats and report software issues promptly.
- Research security vulnerabilities and formulate strategic mitigations.
- Find and implement cost-effective cybersecurity solutions.
- Establish security best practices and standards for the company, covering internal processes and product offerings.
- Conduct thorough testing on our software for internal use and client-facing products.
- Support colleagues by addressing cybersecurity, software, or IT issues.
- Create and maintain security controls documentation to meet SOC-2 audit requirements.
- Gather and provide evidence of security control operations for monitoring and auditing purposes.
- Document software and network architectures, including security controls.
About You:
- Proven ability to prioritize projects effectively.
- Ability to operate autonomously with minimal direct supervision.
- Strong communication skills, adept in articulating security concepts.
- Knowledgeable in best practices implementation at a company-wide level, inclusive of products.
- Proficient in risk management with the ability to balance security needs and business metrics.
Minimum Qualifications:
- 4+ years of experience in the cybersecurity field.
- Demonstrated critical thinking skills and problem-solving abilities.
- Some programming experience, Python preferred.
- Experience with Cloud Service Provider operations.
- Experience with the SOC-2 audit process and requirements.
What we offer:
Base Salary + Annual Bonus Plan
We have a range of expanding and improving benefits and perks, including:
- Fully remote with flexible working hours
- Comprehensive health benefits (Medical, Dental, and Vision) with expanded well-being benefits
- Employer-paid Life, AD&D, Short-Term & Long-Term Disability
- Learning and Development Budget
- 401K with company match
- Paid Holidays
- Unlimited PTO
- Technology Stipend
This is a unique opportunity to join a rapidly growing company at the forefront of zero-trust technology and play a pivotal role in shaping its success.
If you are passionate about cybersecurity and thrive in a dynamic and innovative environment, we invite you to apply for the position of Information Security Engineer and join our globally distributed team as we revolutionize networking and the cybersecurity landscape and redefine the future of secure connectivity!