Lead Security Engineer

Follow Up Boss


2 months ago

03/01/2019 15:59:16

Category: Software Dev


It's 2019 isn't it time to find a job that lets you work where you want? 
 
Who Is Follow Up Boss?
  • We’re a simple, sales-focused CRM for real estate teams (and we use our own product) 
  • We’re a self funded, profitable company started back in April of 2011
  • We’re a remote company with a mostly US-based team
  • We don’t just claim to be customer-centric - we live it: https://www.facebook.com/followupboss/reviews
  • Check out our video on how we work: https://www.followupboss.com/about/
 
Why Would You Want To Work Here?
  • We’re a young, ambitious company who only answers to our customers 
  • Opportunity to have a big impact on our growth and your career
  • No red tape or pointless meetings
  • Competitive salary, health/dental insurance and 20 days paid holiday, $1000 to outfit your home office, yearly company meetup
 
This Role Is For You If…
  • You are passionate about Information Security and have solid experience in the field.
  • You would describe yourself as patient, empathetic and having a good sense of humour
  • You’re independent, self-motivated and can stay efficient and productive without someone looking over your shoulder all day long
  • Superb written and verbal skills (with a professional yet fun demeanor).
  • You enjoy programming and creating solid, tested, reliable things over just breaking things. 
  • Reject the idea of security being a blocker, and enjoy collaborating with colleagues across teams to ship projects securely 
  • Have the ability to work with others and helping them to understand security is far more important than knowing about the latest ROP gadget finding techniques. 
  • This is a hands-on technical position where you will work with the Infrastructure and Product teams to ensure the secure release of applications. 
  • Security architecture experience and the ability to consult with engineering teams working on technology projects will be key to success.
  • You have thorough familiarity with techniques used by real world attackers and should be able to prioritize detection and attack surface reduction efforts based on this knowledge. 
 
Your qualifications:
  • Self motivated and proactive mindset.
  • Remote work experience is considered an asset.
  • Based in the USA, quiet home office with fast internet.
  • Strong experience in penetration testing or related activities, including at least network and application security experience.
  • Understand modern web application architecture, TCP/IP, HTTP, and standard network and system security technologies 
  • A strong knowledge of securing production LAMP (PHP) stacks, as well as a solid understanding of iOS and Android apps is a must. 
  • Strong knowledge of internet security issues.
  • Strong knowledge of UNIX and networking protocols.
 
Your responsibilities will include:
  • Take a leadership role in driving security and privacy initiatives at Follow Up Boss.
  • Establish, advocate and enforce security policies and best practices among our team members.
  • Lead efforts to keep our customers' data and company assets safe.
  • Review changes in internal processes and IT systems to make sure the changes being made don't have adverse effect on security.
  • Provide security guidance for our products and technologies
  • Collaborate with colleagues across a variety of teams to architect & ship projects securely
  • Discover, analyze, assess, and respond to various threats in Follow Up Boss's web stack, iOS and Android applications.
  • Investigate security-related reports from customers, internal team members or general public, assess risks and damage, plan recovery actions and lead the effort to execute the plan.
  • Review changes in software we produce to make sure we follow best security practices and the changes being made don't have a negative effect on security.
  • Evaluate and provide recommendations on third party applications and services and the security implications associated with their use.
  • Understand offensive techniques/tactics and be able to prioritize mitigation techniques or technologies accordingly.
  • Instrument and perform anomaly analysis of systems and applications
  • Ability to discover new and interesting security problems as well a fix them.
  • Mentor other team members.
 
30 Day Targets:
  • Become familiar with the product architecture, infrastructure, and existing tools.
  • Pair with engineers to gain knowledge about the system and how we work.
  • Improve the new hire onboarding process, by being a part of it.
 
60 Day Targets:
  • Take active part in the internal security related work (e.g. assessing company VPN, implementing AWS IAM security best practices, SSH + 2FA, etc)
  • Work with fellow engineers to ensure authorized access to internal tools, servers, and sensitive customer data.
 
90 Day Targets:
  • Identify top security issues and develop a solid plan to address them
  • Develop internal physical security policies.
  • Review and produce plan to comply with Google Compliance External Security Audit.
 
Our Core Engineering Values
  • Teamwork
  • Communication
  • Code Quality
  • Focus and Prioritization
  • Customer Driven
  • Leadership Qualities
 
If this sounds like a great fit we would love to hear from you.
We're not accepting applications from agencies.

Please mention that you come from Remotive when applying for this job.

Help us maintain Remotive! If this link is broken, please just click to report dead link!

similar jobs

  • Heroku / Salesforce (North America)
    2 days ago

    Heroku is looking for a Developer Advocate with past experience in a developer-facing role, creating demos, writing blog posts, and building communities.

    Heroku’s Developer Advocacy team is small but scrappy and distributed around the U.S. We educate, inspire, and spark community among developers and also advocate internally for them.

    Do you consider yourself a software developer, but you are also excited about developer communities and helping other developers? If that sounds interesting to you, please read on.

    Heroku is looking for a Developer Advocate with past experience in a developer-facing role, creating demos, writing blog posts, and building communities. This role can be remote or you can work from a Salesforce office, but we would like you to be in a North American timezone. Also, this role will require 10-30% travel.


    > What is Heroku?

    Heroku’s mission is to create the fastest path for application developers to turn an idea into a production app of any scale. We want to remove every obstacle that slows down creative coders and let them focus on their customers’ experience while leaving everything else to our service. Today, Heroku powers over 7 million apps ranging from personal hobby apps to Internet top 100 apps. In aggregate, we serve more than 23 billion requests per day. Yet, it only takes minutes for a new developer to get the first app up and running, ready to serve customers.

    Heroku is one of the fastest growing businesses at Salesforce.

    Heroku’s Developer Advocacy team is small but scrappy and distributed around the U.S. We educate, inspire, and spark community among developers and also advocate internally for them. Sometimes this means working individually on some code or a demo or a conference talk. Other times, this means working closely with other Heroku teams like Product, Marketing, or Engineering.

    > Some Things You Might Work On

    • Interact (virtually and in-person) with developers

    • Write blog posts

    • Organize meetups

    • Create product demos

    • Record podcasts

    • Test new product features

    • Create conference talks

    • Attend events

    • Design and build a community program

    • Collect and share developer trends, desires, and feedback internally

    • Mentor other developers (writing and speaking)

    • Maybe most importantly, decide which of these are important and define how we work on them


    > Who you are


    CODE

    You're a developer first. As a coder, you can empathize with other developers, build credibility speaking to them, and even sit down with them in a debugging session.

    You have experience with at least one of Heroku’s supported languages: Node, Ruby, Java, PHP, Python, or Go and something else. Experience meaning not just an understanding of the syntax but also the community. That “something else” could be data, Apache Kafka, API design, web performance, mobile development, continuous delivery, microservices, distributed systems design/architecture, AI/ML, etc. Share what you're excited about with us.

    But you aren't satisfied calling yourself just a developer.

    COMMUNITY

    You also like engaging deeply with developer communities. Even better, you've helped build or grow a developer community. This means you've participated in or helped to organize meetups, conferences, or hackathons. Or it could mean that you've been an integral member of a popular open source project, or you've otherwise participated in a community in a meaningful way virtually. Ideally, more than one of these things.

    CONTENT

    Content is how the Developer Advocate communicates their ideas and the meaning behind their code. Whether it's writing a technical blog post, scripting out an engaging demo, crafting a clear GitHub repo README, speaking in a podcast, or presenting an idea or project in a conference talk, content allows us to share our message with and hear feedback from a larger audience.

    You should relish the thought of composing clean, clear prose almost as much as you do writing concise, elegant code and not be averse to speaking in front of a group of your peers.


    Other Desirable Characteristics or Background

    • Infectious energy

    • Excited about Heroku’s desire to provide simple, intuitive tools to developers

    • Experience at a company with a developer-focused product

    • Comfortable (as much as one can be) with public speaking

    • Comfortable speaking with customers

  • Jatheon Technologies Inc. (Europe)
    6 days ago

    SENIOR VUE.JS DEVELOPER

    We are a growing company with an internal development team that is working on amazing new projects and looking for a Vue.js Developer to further improve our performance and help us build our Cloud Archiving solution. You will be responsible for maintaining and developing highly-intuitive user interface and will collaborate closely with Design, Application Engineering and QA to specify, build, test and deploy new features. You will not only be a great contributor to the quality of our code, but also have important input on our UX strategy, as well as the opportunity to help us build our technical landscape, participate in developing our design system and share your expertise in front-end development with the rest of the team.


    You will:

    • Define coding standards and best practices for the front end
    • Write well-documented, extensible code that is easy to maintain and that adheres to predefined coding standards
    • Own the overall quality of code including unit testing and functional testing
    • Find and address performance issues
    • Work collaboratively and consult with our development team, provide guidance to the development process and perform code reviews
    • Assist in the architecture, development and integration of software components into fully functional software systems
    • Stay up-to-date on emerging technologies and discuss potential solutions to problems

    Required Skills & Experience:

    • 3+ years of experience in front-end web development
    • Minimum 1 year of extensive experience with Vue.js, alternatively with Angular/React
    • Extensive hands-on experience with JavaScript (closures, scoping, functional concepts, OOP)
    • Knowledge of HTML5 and CSS3 including preprocessors
    • Expert knowledge of jQuery and BootStrap
    • Experience with Single Page Applications
    • Excellent verbal and written communication skills in English
    • Motivation to learn new technologies, continually improve and work with little direction by understanding business goals and performing self-directed research

    Bonus points for experience with:

    • Writing unit tests
    • Local Storage and ES6

    What we offer: 

    • Full-time remote position
    • Flexible hours ‒ it’s about getting the work done, not about when desk chairs are filled
    • High-end laptop and other equipment
    • Great working atmosphere with regular team building activities
    • A chance to be part of a casual, but highly professional international team
    • Conferences, trainings and events
    • Competitive compensation depending on experience and skills
    • Exposure to emerging technologies and practices (Cloud, AWS...)


    If you think we'd be a good fit, please send us a cover letter and resume in English.

  • Jilt (Worldwide)
    6 days ago

    Howdy 👋We’re the folks at Jilt, an email marketing platform built for eCommerce. We help thousands of stores grow sales with emails that delight their customers. Our team is 100% remote, with 21 people distributed all over the world. 

    We’re looking for a smart, detail-oriented front-end engineer to join our team and help build fast, intuitive interfaces in React.

    You should be...

    • Deeply experienced with React, JavaScript, and CSS
    • Adept at translating user stories into detailed engineering implementation tasks
    • Detail-oriented & curious, with a drive to understand and solve technical challenges
    • A self-starter, comfortable working independently and taking a high level of responsibility
    • Dedicated to constant learning and sharing your knowledge

    Bonus points if you also have…

    • Experience using React alongside Ruby on Rails, or other MVC frameworks
    • Angular/Vue experience

    You’ll be responsible for…

    • Building features, tweaks, bug fixes, and refactors based on specs in Clubhouse stories (derived from both customer feedback and our product/support teams)
    • Adhering to internal code standards and best practices while suggesting new ones for team consideration
    • Carefully user-testing your own work and implementing feedback from code review
    • Providing detailed code reviews to your teammates
    • Updating our internal wiki & documentation
    • Assisting our support team with troubleshooting challenging issues

    Why you’ll love working with us…

    • Kind, wonderful teammates that enjoy their work as much as you do
    • Competitive salary
    • Annual company retreats (read about last year's adventure in Lake Tahoe!)
    • Fantastic benefits: 27 days paid time-off, full health insurance (medical, dental, and vision), retirement contributions, paid parental leave, and more!
    • Transparent culture (check out our team wiki)

    Curious to hear more? Learn more about the position and apply here. Applications accepted through June 7th. We can’t wait to meet you!

    We support workplace diversity and do not discriminate on any protected class. We believe when we work together as a team of different views, experiences, and ideas, we can build amazing things.

Remotive can help!

Not sure how to apply properly to this job? Watch our live webinar « 3 Mistakes to Avoid When Looking For A Remote Startup Job (And What To Do Instead) ».

Interested to chat with Remote workers? Join our community!