Uncommon Goods offers a constantly evolving assortment of original, creative products. We partner with independent makers and small businesses to offer our customers a wide variety of items that they love to surprise loved ones with (and treat themselves, too)!
We are built on better business practices and committed to having a positive impact on people and the planet. Learn more here.
The best part of Uncommon Goods is us—our team. We've been around for over 20 years because of all the wonderful people who make UG the one-of-a-kind company it is.
Learn more about our products, B Corp certification, guiding principles, Better to Give program, and team members you might be working with. Listen to the story of Uncommon Goods from our Founder and CEO here and here.
EVERYONE IS WELCOME HERE
At Uncommon Goods, we believe we’re all out of the ordinary. That’s why we’re committed to making diversity, inclusion, equity, and belonging part of everything we do. In pursuit of that goal, we’ve made significant changes to our business, from how we find our products to how we build and cultivate our team. Our hope is to be everyone’s favorite place to work!
ABOUT THE ROLE
The Security Engineer will be the first member of our Security Team in the Technology Department, reporting to the Chief Technology Officer. They will be responsible for maintaining and leading all security initiatives at UncommonGoods. You will have freedom to choose the best tools to use and set best practices and policies. You will focus both on our office in Brooklyn and our production environment on AWS.
RESPONSIBILITIES & DUTIES
- Audit current environment and recommend improvements.
- Monitor, detect, and halt attacks in real-time.
- Test and secure web applications, networking, firewalls, and office desktops.
- Create and document security policies and procedures based on best practices.
- Conduct penetration testing on our environments.
- Work with the CTO to engage with a CyberSecurity agency that can assist in testing.
- Help start a bug bounty program.
SKILLS & QUALIFICATIONS
- 2+ years of experience focusing on security in a team environment.
- Experience with firewalls, intrusion detection systems, anti-virus software, authentication systems, and log management.
- Experience working in complex AWS environments.
- Familiarity with major operating systems such as Windows and Linux.
- At least one security certification, such as Security+ or CISSP.
- Experience with leading security software.
- Ability to detect and prevent intrusions.
- Experience with network security and technologies.
- Experience with privacy regulations such as GDPR, NY Shield Act, and CCPA a plus.
- Experience with PCI compliance a plus.
- Benefits package includes subsidized medical/dental insurance premiums, generous PTO, paid family leave, and 401(k) with company match.
- Casual work atmosphere, fun company events. (Thanks to our team's creativity, we've devised ways to feel connected remotely, too, and it's still fun.)
- 40% discount on our products.
- Professional development/educational reimbursement.
- Public transportation and Citi Bike subsidies.
- Safe working environment. Many of our COVID-19 protocols exceed NYC and NYS safety standards. Those who can are working remotely. In our office and warehouse, COVID-19 testing is required of all new hires and monthly for all team members; PPE, including masks and gloves, is required for all team members; and workspaces provide recommended social distancing.
This is currently a fully remote role. Fully vaccinated team members are welcome to work onsite, provided they follow the monthly resting schedule required for all onsite vaccinated team members. The health and safety of our team is of utmost importance. We are continually updating our hybrid work strategy with this in mind. COVID safety protocols: Masks are required for all team members while working onsite; Vaccinated team members must be tested monthly; Unvaccinated team members must be tested weekly.
To apply, please submit the following:
- Cover Letter