Staff Security Engineer

US-Remote

Careers (External)

Req #: 1373
Type: Full-Time

HR Acuity LLC

Overview:

At HR Acuity, we're committed to building a secure, resilient platform that empowers our customers to manage employee relations with confidence. We're hiring a Staff Security Engineer to lead our product and production security efforts, ensuring our cloud infrastructure and applications are protected, compliant, and continuously improving.

This role reports to the Director of DevOps and is 70% technical (focused on product and production security) and 30% compliance support. You'll play a central role in shaping our security practices across the organization.

At HR Acuity®, we empower our team to #BeBold, embracing innovation and new challenges. With the right tools, we help you #WorkSmarter, fostering collaboration so we can all be #BetterTogether. If you're excited about being part of our growth story, we'd love to chat!

About Us: HR Acuity® is the leading provider of employee relations case management and investigation software. We help organizations standardize how workplace issues are reported, documented, and investigated. Our data-driven approach to managing workplace issues helps our clients and partners build trusted, inclusive cultures where employees feel safe.

This is an #All-in Zone. We are a fast-growing, innovative company where being #All-in is the norm. From our female founder CEO to every team member, we embrace a fully engaged mindset. We bring our best every day, fueled by passion for our mission and culture, and we expect the same from everyone who joins us.

At the same time, we are deeply committed to fostering an inclusive, diverse workplace where different perspectives are valued and respected. We believe in creating an environment where everyone can show up as their authentic selves and thrive. If this sounds like you, keep reading. 


Responsibilities:
What You'll Do:
* Design and implement a comprehensive application security program (including policies, standards, and procedures) that reflects industry best practices.
* Conduct regular security assessments and penetration tests to identify vulnerabilities and drive remediation.
* Collaborate with engineering teams to integrate security into the software development lifecycle.
* Lead initiatives to embed security testing throughout the Secure Software Development Lifecycle (SSDL) using Snyk.
* Perform security code reviews and application-level testing.
* Lead investigations and responses to security incidents and breaches.
* Partner with GTM and Revenue teams to support customer security reviews and questionnaires.
* Support SOC2 and other compliance efforts, ensuring audit readiness.
* Document runbooks, best practices, and team initiatives using scalable, repeatable patterns.
* Stay current on emerging threats, technologies, and frameworks to continuously improve our security posture.
* Recommend and implement strategic enhancements to our security architecture.

Qualifications:

* Minimum of 5 years of experience in security engineering, with a focus on application and infrastructure security within a B2B Enterprise SaaS product.
* Strong experience with Microsoft Azure cloud environments and native tooling.
* Strong grasp of network and web protocols (e.g., TCP/IP, HTTP/S, IPSEC).
* Familiarity with CI/CD pipelines (GitHub, GitHub Actions).
* Experience with tools like Snyk (SSDL) and Wiz (CSPM).
* Experience with OWASP, ASVS, MASVS, and other relevant standards.
* Hands-on experience with security technologies: IDS/IPS, firewalls, antivirus, vulnerability scanners, forensic tools.
* Knowledge of security frameworks like NIST and MITRE ATT&CK.
* Proficiency in programming languages such as Python, PowerShell and Java.
* Excellent analytical, problem-solving, and communication skills.
* Security certifications such as CISSP, CISM, or OSCP are a plus.