RECUR needs an experienced cyber security leader to define and build our software and cloud infrastructure security practices, tools, and team.  We are looking for someone that has deep and broad knowledge of how to secure and protect cloud platforms, web applications, and data.  We are at a foundational stage and it is important that we have a security first mindset in order to protect our business and our customers.

What do we at RECUR believe makes a great engineering team? 

• Build a team focused on securing our platform and protecting our customers and our business
• Define our information security program (policy, governance, controls)
• Create plans to improve our security posture and then implement them
• Identify security weaknesses in our software and platform
• Continually educate our team on how to secure our platform
• Be our security expert, be on top of the latest vulnerabilities, and manage our security backlog
• Be a key member of our incident response team
• Review software architecture and designs to identify potential security holes and suggest improvements
• Work directly with our large clients to ensure that they trust that we have a strong security program (security questionnaires, attestations, etc)
• Build a vendor management policy and ensure that we properly evaluate vendors
• Build or integrate 3rd party solutions to solve various security problems such as: monitoring, code scanning, access control, intrusion detection, ATO prevention

What you bring to RECUR

• You have 10+ years of experience architecting systems, more recently with a specialty in cyber security
• You have built and lead teams that specialize in cybersecurity
• You are on top of the latest security trends, vulnerabilities, and breaches and know how to use that knowledge to bolster your own security program
• You have defined, built and maintained an enterprise wide information security program 
• You have a strong understanding of the OWASP top ten and how to mitigate or eliminate these and other vulnerabilities
• You are a software architect and have built and maintained sophisticated platforms and applications in the cloud (preferably AWS)
• You have threat modeling experience, and ability to develop threat modeling processes and threat scenarios to inform risk mitigation and secure development and deployment controls.
• You have hands-on experience with AWS and its bevy of services including WAF, CloudFront, API Gateway, Cloudwatch/CloudTrail, Route53, IAM Service Boundary, SCP, Shield or alternative solutions provided by Cloudflare or other vendors
• You have built and maintained internet applications with millions of users in domains such as payments, trading, banking or eCommerce where keeping customer’s information and money safe is paramount
• You are familiar with designing processes with appropriate controls, governance and documentation to achieve PCI-DSS, SOC2, and ISO-27001. 
• You are legally eligible to work in the USA or Canada

Benefits & Perks

• Commitment to being a remote-first company & embracing remote work best practices
• Comprehensive insurance plans - health, dental, and vision + disability and life Insurance
• Equity in RECUR
• 401(k) with 2% company matching, no waiting period
• Flexible Spending Account and Dependent Care Accounts
• 4 weeks paid vacation, 11 company holidays, 3 floating holidays
• Parental Leave - Primary & Secondary
• $100 per month stipend for internet & cell phone
• Learning and development reimbursement (including online courses, certifications, conferences, seminars, etc.)
• Free monthly subscription to Headspace, Aaptiv, Omada