Job Information
Level Access Senior Security Engineer in United States, United States
Senior Security Engineer at Level Access (View all jobs) (https://www.levelaccess.com/about/careers/)
Remote - United States
Working with the Director of Information Security, the Senior Security Engineer role at Level Access will be responsible for helping Level Access scale its goal of being the most secure company in digital accessibility. Primary responsibilities include: leading the multi-framework compliance program; designing and implementing an appropriately-sized application security program; bringing excellence and transparency to vulnerabilities within the organization to provide a crystal clear picture of technical risk; leading incident response efforts from root cause analysis through to corrective actions to prevent recurrence of security incidents; and crafting, implementing, and management of security processes, systems, and tools to ensure the confidentiality, integrity, and availability of our infrastructure, applications, and operations.
Responsibilities
Coordinate tactical projects to mitigate risk, enhance compliance, facilitate business operations, or improve efficiency (Tactical Projects)
Coordinate response for confirmed or indicative security incidents to protect the business from outside threats (Incident Response)
Develop and conduct regular compliance reporting on key security metrics to management and other stakeholders (Internal Compliance Monitoring)
Implement and lead an application security program ensuring our software applications meet best security and privacy practices, have innovative security features, and meet customer and regulatory requirements (Application Security)
Run the technical vulnerability function providing metrics and reporting to management and other stakeholders, whilst reducing risk and growing efficiency over time (Vulnerability Management)
Lead and conduct the internal audit program to validate key controls and facilitate external compliance objectives (Internal Audit)
Perform regular and ad hoc risk assessments to inform and support company strategy and mitigate risk (Risk Assessment)
Prove our critical response activities by testing our continuity and incident response capabilities to ensure we can recover from crippling incidents and meet published, regulatory and contractual requirements (Verification)
Coordinate the compliance program including SOC 2, FedRAMP LI-SaaS, ISO 27001, and strategically significant second-party audits (External Audit)
Qualifications
Bachelor's degree in Computer Science, Information Security, or related field; and five to eight years of experience in information security.
Deep technical proficiency in networking, encryption, operating systems, and cloud computing platforms (e.g., AWS, Azure, GCP)
Experience implementing or managing security tools and technologies, such as SIEM, IDS/IPS, DLP, vulnerability scanners, and security assessment tools in a cloud-first environment.
Proficiency in implementing and maintaining common information security standards or catalogues such as the AICPA SOC 2, ISO 27001, CSA STAR, CIS, or NIST SP 800-53b.
Experience with secure coding practices, application security testing, application security architecture or DevSecOps methodologies.
Analytical and problem-solving skills with a proven track record of leading security projects, implementing security controls, and driving security initiatives to completion.
Good communication and interpersonal skills, with the ability to work cross-functionally with multi-functional teams and communicate security concepts to non-technical stakeholders.
Attention to detail and a proactive approach to identifying and mitigating security risks.
Dedication to continuous learning and professional development in the field of cybersecurity.
Certified Information Systems Security Professional (CISSP), or other relevant certification(s).
Understanding of web accessibility (as a plus)
Application Process
If working on a small team of high impact developers sounds like something you'd enjoy, send us your resume and cover letter. If you seem like a good fit, we'll be in touch. Salary is commensurate with experience. This is a full-time, salaried position with a competitive benefits package. Level Access is committed to workforce diversity. Equal Opportunity Employer. Copyright 2024, Level Access. All rights reserved.