Sr. Security Engineer, Identity & Access Management (Remote - US)

+67 more | Remote
Sorry, this job was removed at 12:08 p.m. (CST) on Friday, April 15, 2022
Find out who’s hiring remotely Nationwide
See all Remote jobs Nationwide
Easy Apply
By clicking Apply Now you agree to share your profile information with the hiring company.

DISQO is changing the way that the world’s largest brands, agencies and consumer intelligence companies get to know their consumers. We’ve built the first identity-based platform that combines consumer attitudes and behaviors together to power the most accurate and predictive insights solutions for our customers, and we do all of that with the willing participation of our consumers and without using outdated technologies like third-party cookies. We help our customers get a cross-platform view into consumer sentiment, measure advertising effectiveness, analyze consumer purchase journeys, and ultimately grow their brands.


Our mission at DISQO is to engage people to share their opinions and behaviors openly to help our customers make the right decisions. With over one million active members sharing their attitudes and behaviors, DISQO is looking to expand, improve and create world-class applications for people to openly share their data for research.


Check out the DISQO Developer Blog for the latest from our DISQOTECH team.


In this role, you will have the opportunity to design, implement and manage our global identity, access and secrets management architecture. Using your knowledge and experience in security engineering, authentication, authorization, cryptography, and application security you will create roadmaps and enhance the existing identity ecosystem for secure integration, utilization, and maintenance. You’ll collaborate with colleagues, stakeholders and external team members supporting architecture assessment, vulnerability assessment, and security operations. In addition, research, testing and advising of new technology security requirements and future capabilities will be pursued to drive objectives, strategies and measurements of the Identity, access and secrets management ecosystem.

What you will do:

  • Work with technical and business leaders to document current identity access, secrets management, endpoint (MDM) security requirements and architecture, research best practices, conduct trend analysis, and identify gaps in developing future-state IAM designs and specs.
  • Work with product teams to provide guidance and best practices for authN, authZ and secrets management for web applications, infrastructure, SaaS, and APIs.
  • Develop technical standards and provide subject matter expert-level advisory services regarding accepted best practices for IAM and secrets management.
  • Provide security architecture and consulting services for business units and IT organizations.
  • Develop identity, access and secrets management controls for both on-premises and cloud including privilege access management (PAM), multi-factor auth (MFA), encryption key and certificate management.
  • Maintain and update IAM policies and standards on a yearly basis
  • Identify opportunities to integrate and automate tools and systems to create efficiencies and achieve scale.
  • Design and deliver policies, standards and best practices for SSH key management, Certificate management, PKI, privileged identity management Collaborate with governance, risk and external stakeholders to ensure secret standards and auto-rotation of keys/credentials are implemented and operating effectively.
  • Mentor and assist engineers and share/implement best practices.
  • Develop training and awareness materials to facilitate knowledge sharing across the company.
  • Develop RBAC & ABAC standards and review users and roles for adherence to the principle of least privilege, drive user access recertification process
  • Review and approve access requests
  • Provide coverage and periodic on-call support for the IAM services.

What you bring to the table:

  • A team player who brings innovative security knowledge, communication skills.
  • Leverages critical thinking, experimentation, data, and best practices to achieve desired business outcomes.
  • Experience communicating with technical and non-technical stakeholders across multiple business units
  • Excellent written and verbal communication skills.5+ years of Information security engineering experience
  • 2+ years experience in cloud security
  • 3+ years hands on design engineering and deployment experience using IAM technology systems
  • 2+ hands on experience with AWS cloud services including Kubernetes, IAM, KMS, Cognito, Secrets manager, Certificate manager, HSM 
  • Demonstrable knowledge of current technologies in authentication, federation, and identity management space, such as TLS, U2F/UAF/FIDO2,, JWT, Kerberos, SSO, SAML, MFA, X.509, SSH keys, API keys, PKI, WS-Federation, SOAP,WS-Security, WS-Trust, LDAP, ADFS, Open-ID, and OAuth
  • Knowledge of modern enterprise identity architectures such as ZTNA, SASE, and passwordless architecturesExperience in designing, assessing or implementing security controls, or reviewing security posture of the identity ecosystem.
  • Experience with common automation tools such as Gitlab CI/CD, Terraform.
  • Experience with threat molding techniques such as STRIDEExpert knowledge of encryption key lifecycle management, SSH keys, KMS, PKI and certificates
  • Deep knowledge with services and tools related to identity and secrets management such as, Okta, Gsuite, 1Password, HashiCorp Vault
  • Familiarity with privacy regulations and security frameworks such as; GDPR, CCPA, NIST 800-53, NIST CSF, OWASP top 10
  • Knowledge of Blockchain technology
  • Knowledge of endpoint security designs (Device AuthN, VPN, MDM, Yubikey and integrated endpoint security solutions with IAM tools) 
  • Security certification such as; Security+, CEH, CISA, CISSP, AWS Security Specialty or other similar professional designations is preferred.
  • Experience with proof of concepts (POC), feature exploration and incorporation of the assessed in the existing identity ecosystem.
  • Experience with monitoring/logging IAM services, including applications and systems, and resolve or escalation issues as and when required.
  • Ability to write and review Python, knowledge of Go is a plus
  • A foundational belief that security succeeds to the extent that it empowers -- that your mission instead saying “no, you cannot” is to say “yes, here is how”

#LI-Remote #LI-SG1


Perks & Benefits:


·100% covered Medical/Dental/Vision for employee, 80% for dependents

·Equity

·Generous PTO policy

·Flexible work hours

·Quarterly Offsites

·401K

·Life Insurance

·FSA

·Paid Maternity/Paternity leave

·Disability Insurance

·Travel Assistance Program

·24/7 Counseling Services offered to employees


DISQO is an equal opportunity employer. Discovery, innovation, and growth are possible when we open ourselves to new possibilities, perspectives, and approaches. That’s why, at DISQO, we welcome, support, and empower individuals from diverse backgrounds. Exceptional teams are rooted in extraordinary people, each with a unique story and a compelling set of skills. DISQO does not discriminate against employees based on race, color, religion, sex, national origin, gender identity or expression, age, disability, pregnancy (including childbirth, breastfeeding, or related medical condition), genetic information, protected military or veteran status, sexual orientation, or any other characteristic protected by applicable federal, state or local laws.


*Recruiting firms that submit resumes to DISQO without first entering into a written contract will not be entitled to any compensation on candidates referred by that firm.

Read Full Job Description
Easy Apply
By clicking Apply Now you agree to share your profile information with the hiring company.
Candidate Location Eligibility:
Ann Arbor, MI
Atlanta, GA
Austin, TX
Baltimore, MD
Baton Rouge, LA
Birmingham, AL
Boise, ID
Boston, MA
Buffalo, NY
Charleston, SC
Charlotte, NC
Chicago, IL
Cincinnati, OH
Cleveland, OH
Colorado, CO
Columbus, OH
Dallas-Fort Worth, TX
Dayton, OH
Detroit, MI
Greensboro, NC
Hampton Roads, VA
Hartford, CT
Houston, TX
Huntsville, AL
Indianapolis, IN
Jacksonville, FL
Las Vegas, NV
Lexington, KY
Los Angeles, CA
Louisville, KY
Madison, WI
Miami, FL
Milwaukee, WI
Minneapolis–Saint Paul, MN
New Orleans, LA
New York City, NY
Oklahoma City, OK
Orlando, FL
Palm Bay-Melbourne-Titusville
Pensacola, FL
Peoria, IL
Philadelphia, PA
Phoenix – Mesa – Scottsdale, AZ
Pittsburgh, PA
Portland, ME
Portland, OR
Providence, RI
Provo, UT
Raleigh-Durham, NC
Reno, NV
Richmond, VA
Rochester, NY
Sacramento, CA
Salt Lake City, UT
San Antonio, TX
San Diego, CA
San Francisco, CA
San Luis Obispo, CA
Santa Cruz, CA
Seattle, WA
Spokane, WA
Tallahassee, FL
Tampa Bay, FL
Tucson, AZ
Tulsa, OK
Washington DC
Wilmington, NC

Technology we use

  • Engineering
  • Product
  • Sales & Marketing
  • People Operations
    • C++Languages
    • GolangLanguages
    • JavaLanguages
    • JavascriptLanguages
    • PHPLanguages
    • PythonLanguages
    • ScalaLanguages
    • SqlLanguages
    • SwiftLanguages
    • ReactLibraries
    • ReduxLibraries
    • LaravelFrameworks
    • Node.jsFrameworks
    • SparkFrameworks
    • SpringFrameworks
    • TensorFlowFrameworks
    • AWS RedshiftDatabases
    • MySQLDatabases
    • PostgreSQLDatabases
    • RedisDatabases
    • RedshiftDatabases
    • AWS (Amazon Web Services)Services
    • GitHubServices
    • Google AnalyticsAnalytics
    • MixpanelAnalytics
    • IllustratorDesign
    • PhotoshopDesign
    • JIRAManagement
    • TrelloManagement
    • WordpressCMS
    • SalesforceCRM
    • SendGridEmail
    • OnGageEmail
    • Google HangoutsCollaboration
    • SlackCollaboration
    • ZoomCollaboration
    • AsanaProject Management

An Insider's view of DISQO

What are some social events your company does?

We have weekly happy hours, lunches and after hours activities. They include Nerf gun fights, karaoke, bowling, weekly basketball games, ping pong, puppy day, trivia games and a lot more!

Siran

Controller

What is your vision for the company?

We want to build a trusted world where all brand decisions result in ultimate consumer satisfaction, a world where brands and consumers connect to create the best products & experiences together.

It's quite an ambitious & technically challenging goal, with an impact so massive, it will benefit all of humanity.

Drew

CTO

What’s the vibe like in the office?

The office vibe at DISQO can simply be described as fun. Whether it’s making watermelon slushee’s in the kitchen or playing a random game of UNO, there’s always something going on. Even when the work gets intense, you can always hear laughter throughout the office.

Marina

Manager, Talent Operations

What are DISQO Perks + Benefits

DISQO Benefits Overview

Fully subsidized medical, dental and vision PPO plan
Flexible work schedule
Fully stocked kitchen and catered lunches
Fun culture - happy hours, games, off-site team building activities
Smart passionate coworkers

Culture
Volunteer in local community
Open door policy
OKR operational model
Team based strategic planning
Open office floor plan
Employee resource groups
Employee-led culture committees
Quarterly engagement surveys
Hybrid work model
In-person all-hands meetings
President's club
Employee awards
Flexible work schedule
DISQO provides employees with a flexible work schedule that includes Core hours, Flexible start and end times.
Remote work program
Diversity
Documented equal pay policy
Dedicated diversity and inclusion staff
Highly diverse management team
Mandated unconscious bias training
Diversity manifesto
Mean gender pay gap below 10%
Diversity employee resource groups
Hiring practices that promote diversity
Diversity recruitment program
Health Insurance & Wellness Benefits
Flexible Spending Account (FSA)
Disability insurance
Dental insurance
Vision insurance
Health insurance
Life insurance
Pet insurance
Wellness programs
Team workouts
Mental health benefits
Financial & Retirement
401(K)
Company equity
Employee stock purchase plan
Performance bonus
Pay transparency
Child Care & Parental Leave Benefits
Generous parental leave
Company sponsored family events
Vacation & Time Off Benefits
Unlimited vacation policy
Generous PTO
Paid volunteer time
Paid holidays
Paid sick days
Flexible time off
Bereavement leave benefits
Company-wide vacation
End of year holiday shut down.
Office Perks
Commuter benefits
Commuter FSA
Company-sponsored outings
DISQO hosts company outings Quarterly. Our previous quarterly events include bowling, a scavenger hunt in Santa Monica and a pool party in Malibu.
Free daily meals
Free snacks and drinks
DISQO has a fully stocked kitchen including unlimited snacks and all kinds of beverages.
Some meals provided
Company-sponsored happy hours
Onsite office parking
Relocation assistance
Home-office stipend for remote employees
Mother's room
Professional Development Benefits
Job training & conferences
Lunch and learns
Every few weeks, we host Taco Talks, where representatives from different departments share recent wins, ongoing projects, and more.
Promote from within
Continuing education available during work hours
Online course subscriptions available
Customized development tracks
Paid industry certifications
Personal development training

Additional Perks + Benefits

The last several years have placed a newfound emphasis on trust, transparency and innovation at DISQO. Employees have always been at the forefront of everything we do, but we now keep an even closer pulse on employee experience to remain agile as the world continues to evolve. Every quarter, we conduct an employee experience survey to better understand what we should keep doing and what we need to do differently at DISQO. After analyzing the results, we evaluate and implement changes that will benefit our workforce as a whole. Additionally, we measure the employee Net Promoter Score to understand overall employee satisfaction, always striving to improve our numbers based on feedback.

DISQO has also implemented a number of new ways to support and celebrate employees outside of their day-to-day work. Our People Operations team has created Employee Resource Groups (ERGs) – including committees for social impact, diversity, and workplace inclusion – to inform the organization about cultural events and provide opportunities for community involvement. For example, our DEI employee resource group drives discussions around cultural awareness, educates the organization about historical events and holidays, and shares valuable resources. DISQO has also put DE&I at the forefront of hiring, including relationships with diversity recruiting events like HackerX and WomenHack, more inclusive job descriptions, unconscious bias training, and DE&I education for new hires.

More Jobs at DISQO

Easy Apply
By clicking Apply Now you agree to share your profile information with the hiring company.
Learn more about DISQOFind similar jobs like this