Security Analyst

TaxJar


1 month ago

08/21/2019 14:36:52

Job type: Full-time

Hiring from: USA

Category: Software Dev


DESCRIPTION

TaxJar is the leading technology solution for busy eCommerce sellers to manage sales tax and is trusted by more than 15,000 businesses.

Our core values

  • We do the right thing for our customers.

  • We're a team, built on trust.

  • We're proud to be remote.

  • We're in control of our own destiny.

TaxJar’s remote-only team of 100+ people is growing quickly. We have an immediate opening for a Security Analyst who wants to help us make eCommerce easier for everyone.

We're looking for a detailed oriented and experienced Security Analyst that has a passion for information security and is eager to make an impact in a growing company.

On our team you will have the opportunity to help build, grow, and maintain our Information Security Program. This position reports to the Director of Information Security.

*This is a full-time remote position available to folks located in the US.

As a Security Analyst for TaxJar you will:

  • Develop a comprehensive understanding of our Security Policies, SOC2 and GDPR controls in order to manage and track commitments from partners and vendors

  • Own the Access Control management process for all employees

  • Analyze, track, and monitor alerts from our Cloud SIEM (security analytics tool)

  • Deploy, manage, and help secure employees workstations using Jamf - MDM tool

  • Perform security reviews of vendors to ensure compliance with policies and customer requirements

  • Assist with ongoing and annual Security and Privacy Awareness training for employees

  • Ongoing auditing and testing of security controls to ensure adherence with SOC2 and GDPR compliance frameworks

  • Perform regularly-scheduled vulnerability scans to support regulatory compliance and identification of new vulnerabilities

  • Assist with annual risk assessments, incident response, and business continuity planning

  • Responsible for monitoring and analyzing of all Data Loss Prevention events using Amazon Macie and CloudTrail

REQUIREMENTS

  • 3 - 5 years of experience in a technology and information security related role

  • Experience supporting SOC2 compliance, GDPR experience is a plus

  • Knowledge and expertise of Mobile Device Management (MDM) tools, preferably with Jamf

  • Superior attention to detail, with strong process and documentation skills

  • Fast learner and someone who is always eager to learn and adapt (growth mindset)

  • Self-directed, self-motivated

  • Agile, humble, trustworthy, and a team player

  • Excel at communicating with the team remotely (chat, video, email, etc)

You’ll be a great fit on our team if you

  • Only want to work remotely

  • Are a PRO at communicating and collaboration

  • Highly value working with people you like and respect

  • Are accountable

  • Are confident in your skills and a solid team player (We’re peers here, no egos please) but also comfortable working asynchronously

  • Hungry to play an impactful role and not afraid to fail

We’re a happy team and we all really love what we do. We've created a space where high-achievers can succeed but are also safe to fail. We're profitable and focused on growing TaxJar sustainably. We're always learning how to make TaxJar the best place to work for all of us, and not just another tech startup. We’re always looking for an amazing new teammate to come share in the excitement of solving real-world problems with technology.

BENEFITS

  • Excellent health, vision and dental benefits

  • Flexible vacation policy

  • 401k Plan

  • $1,000 in professional development credit

  • Home office stipend

  • Equity in a profitable company

  • 2x year all-company in person retreats (fully paid for by us of course)

  • Mandatory Birthday holiday!

  • 12 week paid maternity/ 6 week paid paternity leave

  • Monthly perks reimbursement for things like Netflix, Amazon Prime, your gym membership, home internet and more.

We offer all of our employees amazing benefits. Visit www.TaxJar.com/jobs for a full list of our benefits and to learn more about how we work and what we stand for.

If you're not the perfect fit for this position, but you know someone who is, we'll pay you $1,000 if you refer us to the person we hire.

Please mention that you come from Remotive when applying for this job.

Help us maintain Remotive! If this link is broken, please just click to report dead link!

similar jobs

  • Netdata Inc. (TZ: UTC -3 to UTC +5)
    Yesterday

    Netdata is looking for talented Software Engineers in Test (SET) to join our distributed (remote) engineering team. As a SET at Netdata, you will need to be passionate about Software Quality Assurance, capable of both exploratory manual testing and authoring of test suites for automated testing. Our products include both modern microservices-based backends, reactive web applications and monolithic, statically linked linux binaries. Your knowledge and experience in test automation across the 'test pyramid', in various platforms combined with your excellent communication and teamwork skills will actively contribute to the quality of the Netdata platform.

    Responsibilities

    • Collaborate with software and DevOps engineers across the company to understand, develop and automate test and deployment processes.
    • Author, optimize and maintain comprehensive integration and end-to-end (system) test suites for the Netdata platform, including our open-source offering.Your work will entail significant scripting work in order to automate processes and setup testing environments.
    • Perform manual exploratory end-to-end (system) and integration testing for newly created features — and then create the respective test automation scenarios for those manual tests.
    • Be an advocate for Test Driven Development (TDD) and software development best practices across Netdata, through the introduction and observance of 'shift left' principles.
    • Educate software engineers on how to author efficient unit and component tests for their code, by demonstrating proper techniques, frameworks and tools.
    • Communicate Code Quality metrics to all stakeholders.
    • Understand and review complex systems already in existence.
    • Actively participate in the planning phases of new systems under development.

    Why join Netdata

    • We are a team of industry veterans and senior engineers that prioritize performance and ease of use over anything else.
    • We embrace remote work and great work-life balance.
    • We are solving hard problems that affect thousands of organizations worldwide.
    • We are deeply committed to Open Source and love our community.
    • We deeply care about system performance.
    When you join Netdata, you can expect

    • A competitive salary.
    • A generous stock plan.
    • To join a venture-backed startup working with some of the most sophisticated investors of Silicon Valley.
    • To be part of our world-class team and interact with an amazing community.
    • To see first-hand how to grow and succeed in an engineering-first, open source-based company.
    • To find a culture that rewards doers.

    Requirements

    • Required experience
    • Minimum 3 years experience as a software engineer .
    • Familiarity with UNIX-like systems and environments.
    • Familiarity with scripting languages.
    • Familiarity with modern CI/CD pipelines, including open source platforms (Jenkins, Gitlab.)
    • Strong experience in Test Automation. We expect all candidates to have proven experience with the implementation, maintenance, optimization and extension of large test suites in Cucumber, Selenium, TestNG, REST-assured, or equivalent frameworks.
    • An ability to perform well in a fast-paced environment.
    • Excellent analytical and multitasking skills.
    • Excellent command of spoken and written English.

    Preferred experience

    • Familiarity with microservice-based integration and systems testing is a significant plus.
    • Familiarity with contract testing
    • Experience with the Google Cloud Platform
    • ISTQB Advanced certifications are considered a plus
    • BSc degree in Computer Science or relevant field

    Netdata is an Equal Opportunity Employer. We are committed to providing an inclusive work environment free of discrimination and harassment for everyone, regardless of race, color, religion, national or ethnic origin, sex, age, sexual orientation, gender identity, disability, sexual orientation, marital status, military service or other non-merit factor.

  • This position is remote based.

    GitLab is building a research team that will focus on improving GitLab’s security detection capabilities, including SAST/DAST and future products. For more information about our security products, please review:  https://about.gitlab.com/direction/secure/ and https://about.gitlab.com/direction/defend/

    This team will work directly with the GitLab Security, Development, and Product teams to build, tune and improve the efficacy of GitLab’s stand-alone detection products. 

    Managers in the Security Department at GitLab see the team as their product. While they are technically credible and know the details of what vulnerability research engineers work on, their time is spent hiring a world-class team and putting them in the best position to succeed. They own the delivery of security commitments and are always looking to improve productivity. They must also coordinate across departments to accomplish collaborative goals.

    As a member of the security team at GitLab, you will be working towards raising the bar on security. We will achieve that by working and collaborating with cross-functional teams to provide guidance on security best practices.

    The Security Team is responsible for leading and implementing the various initiatives that relate to improving GitLab's security.

    Responsibilities

    • Hire a world class team of vulnerability research engineers to work on their team

    • Help vulnerability research engineers grow their skills and experience

    • Provide input on vulnerabilities, issues, and security features

    • Hold regular 1:1's with all members their team

    • Create a sense of psychological safety on your team

    • Recommend security-related technical and process improvements

    • Author project plans for security initiatives

    • Draft quarterly OKRs

    • Train engineers to screen candidates and conduct managerial interviews

    • Strong sense of ownership, urgency, and drive

    • Excellent written and verbal communication skills, especially experience with executive-level communications

    • Ability to make concrete progress in the face of ambiguity and imperfect knowledge

    Requirements

    • You have a passion for security and open source

    • You are a team player, and enjoy collaborating with cross-functional teams

    • You are a great communicator

    • You employ a flexible and constructive approach when solving problems

    • You share our values, and work in accordance with those values

    Compensation

    Please view the compensation range for this role at the bottom of the position description.


  • 3 weeks ago

    We're looking for a community-centric human to join our remote team to protect our systems and foster a culture of privacy and security in order to protect our community of users.

    At Feeld we are on a mission to normalise sexuality. We are building an inclusive, human-centred product welcoming people in relationships or not to meet like-minded others. Most of the humans in our app look up to us as a safe space where they can explore safely.

    We're looking for a security engineer who likes to wear hats of many colours to help us preserve the privacy and safety of our users, and who understands the importance of this fact.

    As a security engineer, you will be in charge of all things security in the company. You will be the first point of contact for everyone technical and non technical to ensure Feeld's systems are kept safe from threats.

    If you're a list person, here are some of our expectations, listed:

    You:

    • Can help us automating security on our Continuous Integration Pipeline.

    • Protect our infrastructure from Intrusions.

    • Collaborate with Devops to make sure that Developer velocity is maintained.

    • You will create processes to perform security reviews of our architecture.

    • You will be in charge of maintaining and updating our architecture documentation.

    • You have experience managing and evaluating third-party services.

    • You will build and maintain a security incident response plan.

    • You will perform and enforce security code reviews.

    • Establish and enforce security practices across the whole company .

    • Educate developers and provide tools to handle a SDLC.

    • Create a solid onboarding/offboarding process for employees.

    • Assess, list and prioritise security issues.

    • Prepare and evaluate third parties for external security tests.

    • Set up and facilitate our own bug bounty program, internal or external.

    • Create a security policy and expose it on our website.

    • Regularly audit our applications, DNS settings and dependencies.

    Bonus points:

    • interest in working remotely

    • experience with consumer based products

    • Be humble and respectful - no security shaming

    • Create and maintain strong relationships with our Circle Leads

    • Willingness to develop a security + privacy culture

    • Experience training engineers and non-engineers in security skills

    • Attend meetups with other security engineers

    Us:

    Feeld is an independent, experimental and fully remote organisation reshaping the dialogue on dating and sexuality. The company was founded 5 years ago and has evolved since to become the transparent, flat structure it is now. We don't believe in standard management, so we have a naturally agile and fluid culture. The whole team is fully remote, which means you work where and when helps you perform at your best. We're self-managed and treat our organisation as a product – we iterate, improve and test things internally to see what works best for everyone. Some things we provide are:

    • flexible working hours

    • unlimited holidays

    • fully remote

    • annual retreats

    • equity options

    • expense account

    • training budget

    • computer and home office equipment

    • transparency - open data, open salaries, open equity

    • access to the Feeld Flat in Porto, Portugal

    • friendly humans

Remotive can help!

Not sure how to apply properly to this job? Watch our live webinar « 3 Mistakes to Avoid When Looking For A Remote Startup Job (And What To Do Instead) ».

Interested to chat with Remote workers? Join our community!