As an Ethical Hacker you’ll be part of the team responsible for ensuring that our clients’ data and our platform are protected from vulnerabilities, in compliance with industry standards and applicable laws. Our mission is to help businesses succeed with their online stores and “Sell More”. We want to make sure credit card data is safe and stored and transferred in a PCI-compliant manner. We want our security team to be seen as thought leaders and innovators, not just following the letter of regulations but thinking beyond them. This role will be the technical interface between engineering and the internal requirements of security audit and compliance. The mission is “Everyday is audit day”.
Responsibilities: You will take ownership of Detection/Prevention measures and ensure their correct operation: SNORT IDS, Nexpose Scans (Network scans), File Integrity Monitoring, Netsparker (Application scans). Assist with the development of security-related policies. You will be responsible for coordinating our response to security incidents and for internal pen testing. You will develop programs to educate the engineering staff on the changing landscape of security.
Requirements: Degree in Computer Science or equivalent experience. 3+ years working as a Security Engineer in a high-volume, high-profile environment. Currently hold or are willing to obtain GPEN, CEH or equivalent. This role would also be working towards completion of the CISSP requirements. Experience with PCI/SOX compliance and audits. Familiarity with Safe Harbor requirements. Deep understanding of web application architecture and how to detect vulnerabilities and fix them. Experience with common monitoring tools such as Nagios, New Relic, Graphite and statsd. Expert in shell scripting and at least one of the following: Perl, PHP, Python, or Ruby. Experience in tracking common vulnerabilities and security fixes. A team player, fast learner, with a focus on getting stuff done.
Salary and compensation
$100,000 — $150,000/year
Equity
0.025 – 0.09

