Senior Security Software Engineer

Who You Are:

Are you a skilled Senior Security Software Engineer with a strong focus on safeguarding cloud infrastructure? Join Hyperproof and play a key role in ensuring the security, reliability, and scalability of our platform. Your expertise in security best practices and methodologies will be essential in driving continuous improvement and contributing to our mission of shaping the future of compliance management and security

What You'll Do:

As a Senior Security Software Engineer at Hyperproof, you will be instrumental in leading the security management and optimization of our cloud-based infrastructure. This hands-on technical role involves a comprehensive approach to security, from strategic development to implementation and oversight.

Your core responsibilities will include:

• Security Strategy & Implementation: Developing and executing a comprehensive security strategy, designing and implementing automated vulnerability scanning and static analysis for source code, and protecting running services with multi-level threat detection services.
• Threat & Vulnerability Management: Leading and reviewing threat models for the Hyperproof application, and reviewing engineering designs, source code, and system configuration changes to ensure adherence to standards such as SOC 2, FedRAMP, GDPR, NIST, and CIS.
• Cross-Functional Collaboration: Working closely with IT and the Director of Compliance to uphold the highest security standards across the company. You will also collaborate with customer support, sales, and implementation teams to address customer security questionnaires and inquiries.
• Security Awareness & Risk Management: Maintaining security awareness training for the engineering team, participating in company-wide risk management, assisting with third-party vendor assessments, and representing the engineering team on the cross-company Infosec response team.

What You'll Bring:

• Extensive experience in security-focused engineering roles, with a focus on managing cloud-based infrastructure in Azure, GCP, or AWS.
• Strong understanding of security principles, secure coding practices, vulnerability management, and threat modeling.
• Proficiency in cloud security services and tools, such as Azure Security Center, AWS Security Hub, or Google Cloud Security Command Center.
• Experience with security automation tools and technologies, including scripting languages like Python, NodeJS, and Bash
• Knowledge of security compliance standards and regulations, including FedRAMP, CMMC, NIST, CIS, GDPR, and other data protection requirements.
• Experience with Okta, Auth0, SAML, and other federated identity systems.
• Experience working with auditors and penetration testers.
• Proven track record of driving innovation, optimizing security performance, and maintaining high-security standards in a production environment.
• Excellent communication and collaboration skills, with the ability to work effectively in a cross-functional team environment.
• A positive attitude and a willingness to learn, adapt, and grow in a dynamic environment.
• Bachelor's degree in Computer Science, Engineering, or a related field (or equivalent experience).
• CISSP/CISM, CCSP, or related security certification.
• US citizenship required*
• Due to the nature of the work and participation in Federal security and compliance programs, U.S. citizenship is required as a bona fide occupational qualification in accordance with federal government security and compliance regulations.

Join Hyperproof and help shape the future of compliance management and security! Apply now to become a key member of our dynamic team.

Candidate Experience:

We respect your time and aim for transparency throughout the interview process. Expect:

• A 30-minute initial chat with our Principal People & Talent Partner.
• A Take-Home Assessment
• Three 60-minute 1:1 interviews with senior members of our engineering team, and one interview with our VP of Engineering