RECUR needs an experienced cyber security leader to define and build our software and cloud infrastructure security practices, tools, and team. We are looking for someone that has deep and broad knowledge of how to secure and protect cloud platforms, web applications, and data. We are at a foundational stage and it is important that we have a security first mindset in order to protect our business and our customers.
What do we at RECUR believe makes a great engineering team?
Here are our core beliefs:
- It’s important to have team members that care about the team’s results more than their own individual achievements
- It’s important for leadership to be tolerant of making mistakes
- It’s important that the team members help, teach, and mentor one another
- It’s important not to place blame on individuals when things go bad but instead to evaluate as a team how we do it better the next time
- It’s important to be clear on what that mission is and minimize the distractions on the teams executing on that mission
- Small teams execute better than big ones, empower small teams with ownership and minimize the dependencies between them
- It’s important to encourage self-directed innovation
What you will do at RECUR
- Build a team focused on securing our platform and protecting our customers and our business
- Define our information security program (policy, governance, controls)
- Create plans to improve our security posture and then implement them
- Identify security weaknesses in our software and platform
- Continually educate our team on how to secure our platform
- Be our security expert, be on top of the latest vulnerabilities, and manage our security backlog
- Be a key member of our incident response team
- Review software architecture and designs to identify potential security holes and suggest improvements
- Work directly with our large clients to ensure that they trust that we have a strong security program (security questionnaires, attestations, etc)
- Build a vendor management policy and ensure that we properly evaluate vendors
- Build or integrate 3rd party solutions to solve various security problems such as: monitoring, code scanning, access control, intrusion detection, ATO prevention
What you bring to RECUR
- You have 10+ years of experience architecting systems, more recently with a specialty in cyber security
- You have built and lead teams that specialize in cybersecurity
- You are on top of the latest security trends, vulnerabilities, and breaches and know how to use that knowledge to bolster your own security program
- You have defined, built and maintained an enterprise wide information security program
- You have a strong understanding of the OWASP top ten and how to mitigate or eliminate these and other vulnerabilities
- You are a software architect and have built and maintained sophisticated platforms and applications in the cloud (preferably AWS)
- You have threat modeling experience, and ability to develop threat modeling processes and threat scenarios to inform risk mitigation and secure development and deployment controls.
- You have hands-on experience with AWS and its bevy of services including WAF, CloudFront, API Gateway, Cloudwatch/CloudTrail, Route53, IAM Service Boundary, SCP, Shield or alternative solutions provided by Cloudflare or other vendors
- You have built and maintained internet applications with millions of users in domains such as payments, trading, banking or eCommerce where keeping customer’s information and money safe is paramount
- You are familiar with designing processes with appropriate controls, governance and documentation to achieve PCI-DSS, SOC2, and ISO-27001.
- You are legally eligible to work in the USA or Canada
Benefits & Perks
- Commitment to being a remote-first company
- Company sponsored Health, Dental and Vision Benefits
- 401k with no waiting period for vesting
- 3 weeks paid vacation and 10 paid company holidays
- Industry focused lunch and learns
- Company swag
- Flexibility to get the tooling you need to do your best work
- The chance to work with incredibly passionate people on a mission to shape an industry!
This is a completely remote role and can work anywhere in the US.