Security Engineer II - Design

MatchPoint Solutions is a fast-growing, young, energetic global IT-Engineering services company with clients across the US. We provide technology solutions to various clients like Uber, Robinhood, Netflix, Airbnb, Google, Sephora, and more! More recently, we have expanded to working internationally in Canada, China, Ireland, UK, Brazil, and India. Through our culture of innovation, we inspire, build, and deliver business results, from idea to outcome. We keep our clients on the cutting edge of the latest technologies and provide solutions by using industry-specific best practices and expertise.

We are excited to be continuously expanding our team. If you are interested in this position, please send over your updated resume. We look forward to hearing from you!

This is a large impact role that demands someone who can excel in a fast paced and ever changing environment.

Security Engineer II - Design

Remote ( LATAM )

50-55/hr ( DOE)
About the Role

Our Engineering Security (EngSec) Architecture team is seeking a talented Security Engineer. In this role, you will provide security and privacy specific corrective guidance to engineers, author security-related feature requests against products, build security and privacy enhancing tools and own technical interfacing for related remediation efforts. This is a fantastic opportunity for an experienced security engineer who is knowledgeable in multiple security domains to play a central role in shifting security left, and make cross-cutting strategic impacts to the security of our next-gen systems and services!

Key Responsibilities

• Perform multi-disciplinary security and privacy design reviews of engineering design proposals while considering aspects of application security, cloud security, infrastructure security, data-layer security.
• Draw design inferences on our product designs, taking into consideration trade-off decisions to vector improvements in overall security and privacy posture of our products and services.
• Be a subject matter expert and ambassador to core Engineering in the areas of security and privacy by design
• Conduct full security assessments of products that may include architectural review, threat modeling web and mobile apps assessments.
• Train and support Engineering Security Ambassador Program
• Collaborate with cross-functional engineering teams to ensure security requirements are integrated from the outset of each project

Minimum Qualifications

• Bachelor's in Computer Science, Engineering or a related field or equivalent work experience as a software engineering or security practitioner.
• 3+ years overall of relevant engineering or security engineering or security architectural experience.
• A security-related or architect-related certification such as CISSP, OSCP, CEH, GCP/AWS/Azure/OCI Cloud Security or Architect Certifications, and/or willing to work towards ultimately obtaining one as part of your career path.
• Possess a broad knowledge of threat modeling such as STRIDE/LINDDUN and the associated design patterns to correct and/or mitigate security attacks and threats.
• Be able to apply unconventional thinking and problem-solve on the boundary of your knowledge base, learning new technologies or languages as needed to solve complex technical controls problems in our product suite.

Preferred Qualifications

• Familiarity with privacy and security compliance standards such as GDPR, HIPAA, PCI-DSS and how they guide or affect secure systems design.
• Certified Information Privacy Professional (CIPP)
• Experience with one of: Go, Java, Python, NodeJS, etc.
• Experience with RDBMS and non-RDBMS (NoSQL) data store technologies such as PostgreSQL, MySQL, Hadoop, GCP BigQuery, AWS RDS & DynamoDB, GraphQL, and more.
• Experience with Identity-aware proxy and HTTP routing technologies.
• Experience working with in-house engineering organizations, S-SDLC/CICD software lifecycle.
• Familiarity with one or more of AWS, Azure, GCP, OCI public cloud providers, plus private cloud equivalent service layers.
• Great interpersonal skills, deep technical ability, and a history of successful execution working with a broad suite of infrastructure to applications layer technologies.

MatchPoint Solutions provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.

This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.