Senior Security Engineer

Sorry, this job was removed at 2:33 p.m. (CST) on Friday, March 18, 2022
Find out who’s hiring remotely Nationwide
See all Remote jobs Nationwide
Apply
By clicking Apply Now you agree to share your profile information with the hiring company.

As a Grove Senior Security Engineer, you’ll be part of our nationwide team tasked with building, maintaining, and securing the IT infrastructure and information systems that power Grove's day-to-day operations. You own securing all things hardware and software that help facilitate Grove’s daily business operations. We rely on numerous cloud technologies (AWS, Google Workplace, Jumpcloud, VMware Workspace One, Datadog, Pagerduty, and Github to name a few) to minimize our footprint, utilize automation wherever possible to minimize manual recurring activities, and practice continuous improvement techniques to build upon infrastructure and systems. 


We’re looking for action-oriented technologists who thrive in fast-paced high-growth environments, and who are looking to further develop their technology skills working with our existing nationwide team. Flexibility to support regions outside of your home office, including occasional travel, is required.


This role is remote within the following US states:

CA, ME, WA, SC, NV, NC, TX, MA, MO, VT, OR, PA, NY, IL, VA, MD


If you live in another state, feel free to apply - but we do not yet have payroll set up and will validate we can support your state before proceeding with the interview process.


And while this role is remote, you are welcome to use our offices if you are in the San Francisco, CA, Portland, ME, or Durham, NC areas! We may also ask you to travel (at most once per quarter) to meet with colleagues face-to-face in San Francisco (Grove pays for the travel).

YOUR IMPACT & RESPONSIBILITIES:

  • You’ll architect, design, implement, and improve our overall information and systems cybersecurity posture (networks, endpoints, clouds, applications, etc.).
  • You’ll analyze and develop information security governance and compliance (ISO 27001, SOX, PCI, GDPR, etc.) policies, procedures, standards, baselines, and guidelines with respect to information security and use and operation of information systems.
  • You’ll build processes that enforce compliance with authentication and access control protocols, including provisioning, changes, and deprovisioning of user and system accounts, security/access roles, and access permissions to information assets.
  • You’ll perform vulnerability and penetration tests, risk and compliance self-assessments, coordinate third-party risk and compliance assessments, and lead remediation and continuous improvement efforts.
  • You are expected to maintain a proactive approach to identifying security risks/ threats by reviewing continuously evolving cybersecurity/industry trends. 
  • You’ll build a security and event monitoring and alerting infrastructure, develop countermeasure processes, and manage recovery, investigation, and reporting of security incidents.
  • You’ll design and implement methods for securing multi-region private and public AWS clouds and all of the associated infrastructure assets in an infrastructure as code environment.
  • You’ll review and provide guidance on secure programming practices in a CI/CD environment using technologies such as CircleCI, Github, Jira, etc. 
  • You’ll be expected to have hands-on experience on some of the industry-standard security technologies such as Vulnerability & Application Security, SIEM, DLP, Public Cloud Security, CASB, etc.
  • You’ll analyze and recommend security controls and procedures in the acquisition, development, and change management lifecycle of 1st and 3rd party information systems.
  • You’ll support the CISO and management during security incident response investigations.

ABOUT YOU:

  • 5+ years experience as a System Security Engineer, Information Security Engineer, or other relevant position
  • Proven experience in implementing security controls across public cloud environments based on some of the security/regulatory frameworks such as SOX, PCI DSS, NIST CSF.
  • Relevant industry certifications must have at least one of CISSP or CCSP and additional preferred (OSCP, GRCP, GSEC, CGEIT, etc.)

BENEFITS:

  • Core Benefits: Stock options, Medical, Dental, Vision, Pre-tax and Roth 401k options, Short term and Long Term Disability and Life Insurance, Employer contribution toward Health Savings Account (HSA)
  • Perks: Employee Assistance Program (EAP), Perkspot discount platform, Quarterly peer recognition awards, Class Pass discount, Free VIP Membership + 25% off every Grove order
  • Work/Life: WFH stipend + internet reimbursement, Flexible Paid Time Off, 16 week Paid Parental Leave + discounts on fertility services

ABOUT GROVE COLLABORATIVE:

Launched in 2016 as a Certified B Corp, Grove Collaborative creates innovative natural products and offers a curated selection of healthy home essentials like cleaning supplies and personal care products. With a flexible, monthly delivery model and access to knowledgeable Grove Guides, Grove’s platform makes it easy for people to switch to healthier, more sustainable routines. Every item Grove offers, both from their flagship Grove Co. brand and from exceptional third-party brands, has been thoroughly vetted against strict standards for sustainability, efficacy and supply chain practices. On a mission to move Beyond Plastic, Grove is the first plastic neutral retailer in the world and is committed to becoming 100% plastic-free by 2025. For more information, visit grove.co/beyondplastic.


INTERVIEW PROCESS

We strive to complete the interview process and give you a clear answer within two weeks of your first conversation with Grove. This isn’t always possible as schedules sometimes conflict, but it is our goal.


The process works as follows:

You’ll do a basic 30 minute screen with someone on our recruiting team, and a more in depth screen with the hiring manager for the position. These are conversations to understand the depth and relevance of your experience, and how you work - they are not technical assessments and don’t contain e.g. brainteasers or riddles.


At this point we need to make sure you can write good code. We have a take-home exercise (about 2-3 hours of work) that most candidates choose to complete. But we also recognize that for some candidates these hours may not be easily available during the time-frame of the interview process. In order to make the process accessible to as many candidates as possible, we are also happy to evaluate a side project, open-source contributions, or professional work product that you have permission to share.


Interview loop

The rest of the interview loop will consist of speaking with engineers and a product manager. We don’t do any algorithmic-style coding questions, but you will do a system-design collaborative exercise with one of our engineers, and spend time reviewing and discussing the code from the second step. This is designed to simulate what it’s like to work with you, and see how you think – not to press you on hashmap runtime complexities.


If there is something important we were unable to uncover in the primary interview loop, the hiring manager may ask for another 30 minutes of your time. Our goal is to get all of the information we need in the loop, but reserve the right to one extra follow-up.


References and offer.

We ask for references when we are positively inclined to give you an offer. In many cases, references tend towards formality, and in others we try to use them to gather a valuable data point that we weren’t able to gather in the interview process. We are always respectful of your references’ time. Immediately following references, you’ll speak with the recruiting team and/or the hiring manager to talk through compensation, benefits, start dates, and more. There should be no surprises during the offer stage.

You sign and we’ll welcome you to Grove!




Let’s do this


We're building a diverse and inclusive work environment where we learn from each other. We welcome people of diverse backgrounds, experiences, abilities and perspectives. We are an equal opportunity employer and a fun place to work. Come join the community at Grove. It's a heck of a lot of fun, and we'd love to tell you more about it.


If you require reasonable accommodation in completing this application, interviewing, completing any pre-employment testing, or otherwise participating in the employee selection process, please direct your inquiries to [email protected].

Read Full Job Description
Apply Now
By clicking Apply Now you agree to share your profile information with the hiring company.
Candidate Location Eligibility:
San Francisco, CA

Similar Jobs

Apply Now
By clicking Apply Now you agree to share your profile information with the hiring company.
Learn more about Grove CollaborativeFind similar jobs