Binary Fountain is a fast-growing SaaS product company on a mission to build the largest repository of consumer opinion content. Our current customers span healthcare and multifamily residential and include some of the largest and most prominent health systems/hospitals as well as management groups in the United States. Our platform provides with data and critical tools to better understand customer experience and enables businesses with the ability to manage their entire internet presence in one easy space.
Binary Fountain is looking for a Senior Security Engineer to join our multi-discipline agile team in Tysons Corner, VA. The Security Engineer will work closely with application development and infrastructure team to evaluate, protect and build security within our SaaS product platform. This role will help harden custom applications along with the cloud infrastructure and support our security programs with documentation and implementation.
Please email your resume for consideration to: firstname.lastname@example.org
Duties & Responsibilities:
- Work with application engineering teams to protect new and existing enhancements using secure coding principles and segmentation best practices
- Work closely with cloud infrastructure team to develop and maintain security controls for critical infrastructure (encryption at rest, SSL certificates, security groups, secure connections etc.)
- Participate in assessment and remediation of cloud infrastructure from a security perspective
- Assist in the design and implementation of best security practices including static and dynamic vulnerability scanning, code analysis toolset and penetration testing methodologies
- Investigate, recognize and remediate vulnerabilities identified by vulnerability testing tools, especially around OWASP 10 (XSS, CSRF, SQL injection, others) and/or SANS Top 25
- Investigate and analyze security alerts at both application and infrastructure/AWS level
- Assist in the performance of internal security-related audits, e.g., risk assessments, policy reviews, user entitlement reviews, others.
- Design solutions to support certification needs (SOC, ISO27001)
- 3+ years’ experience in an IT security
- BS in Computer Science or Engineering or related field is desired
- Direct experience in implementing architecture design concepts related to integrating security into all layers of the IT stack: applications, networks, endpoints, and cloud (AWS)
- Must have proficiency in web application penetration testing to identify security weakness
- Deep understanding of the AWS shared security model
- Extensive knowledge of securing AWS environments at the application, network and service layer.
- Previous startup experience is a plus
- Previous background as a security or development engineer with interest in application security is a plus
- Experience working in a healthcare environment and handling protected health information (PHI)
- Experience utilizing an agile project management tool, e.g., Jira
- One or more of the following certifications: Security+, SANS, GIAC, CISSP, CISM, CEH, CIPP, AWS Certified Security Specialty
Binary Fountain offers an excellent employee experience: people-centered culture, professional growth potential, competitive compensation and a comprehensive benefits package, including 401K plan, unlimited PTO, insurance plans with the leading provider, FSA and HSA options, tuition assistance, training opportunities, free gym on-site, fully stocked kitchen with free snacks.
Binary Fountain is an Equal Opportunity Employer.