IT Security Engineer

Our mission is simple: we want to set people free to do meaningful work. People love our software—and it\'s clear that people love working here too. We\'ve been recognized as a "Best Company to Work For," and we\'re proud of our team for receiving awards for workplace effectiveness and flexibility.

As our Security Engineer, you\'ll be responsible for managing our security posture as well as keeping our application safe from external threats. Our ideal Security Engineer will be able to manage IT-related security issues, such as firewall management, HIDS/HIPS configuration, log monitoring, and audit compliance (SOC II). You will ensure that our software application is both manually and automatically pentested for security vulnerabilities (Red Team and Blue Team exercises) and be a decision maker in all things security management — able to "pull the plug" on a feature, application, or other business function if it represents a significant risk to the company.

• Conduct penetration tests against web applications and infrastructure


• Validate security on new hardware and software infrastructure


• Assist front-line company representatives with security questions


• Manage firewall rules and internal pentesting


• Manage SOC II controls and external pentesting


• Manage priorities through backlog management system (Jira)


• Come to work, do great things, then go home!

• 3+ years experience performing penetration testing (against web applications)


• Experience securing cloud-based infrastructures and solutions


• Previous experience working on an information security team


• Advanced knowledge of common security vulnerabilities (OWASP) and best practices


• Familiarity with SOC II controls and how to review them


• Experience in other technical roles (SysAdmin, Helpdesk, etc.)


• Strong understanding of Linux server environments


• Experience with Kanban and Agile DevOps workflows


• A good attitude and willingness to learn — you\'ll be with great people. You\'re welcome.

• You have a degree in CS, IT, or a similar field


• CISSP, Security+, or other security-related or Linux or cloud-related certifications


• Previous scripting experience (Python, Perl, Ruby, or PHP)


• You possess strong time prioritization skills


• You are proactive and look for ways to continuously increase efficiency


• We can see that you have a measured demeanor that assumes the best of people and respects co-workers.


• Real-world examples of demonstrated technical leadership

• Great Company Culture. Utah Business Best Companies to Work For (2020 & 2021) and the Sloan Award for Business Excellence in Workplace Effectiveness and Flexibility (2020 & 2021)


• Work that Stays at Work. Genuine work/life balance served here!


• Rest and Relaxation. 3 weeks paid time off, 11 paid holidays, and we pay you to go on vacation (ask us about this!)


• Health Benefits. Medical with HSA and FSA options, dental, and vision


• Prepare for the Future. 401(k) with company match


• Financial Peace University. Take the class, get reimbursed, get a bonus

Equal Opportunity Employer--M/F/D/V

Because our team members are trusted to handle sensitive information, we require all candidates that receive and accept employment offers to complete a background check before being hired.