Senior Security Engineer
Ellevation Education
Job Location
Job Type
Full TimeVisa Sponsorship
Not AvailableHires remotely
Relocation
AllowedThe Role
Over the last 11 years, Ellevation Education has built a thriving business serving the administrators, teachers, and specialists who support English Learners at public schools across the US. Today, over 1,200 school districts use our software to manage their EL programs. We are a successful, rapidly growing business with a real mission -- helping English Learners achieve all they possibly can.
As a dedicated security engineer on the Cloud Operations team at Ellevation, you will play a key role in driving a focused investment in improving our security posture and ensuring our business and our customers are protected. You will be closely aligned with our other platform teams, defining secure development and operational practices and implementing them across the Engineering organization. You will also be hands-on in developing and maintaining the systems and tooling that enable security at Ellevation.
You are extremely comfortable weighing tradeoffs, generating options, and assessing risks. You excel in finding development paths that incrementally deliver value along the way to broader goals. And you are comfortable in any part of the stack, going deep where necessary.
We look for engineers who are excited to use their technical skills and experience in support of a mission-driven company. We work in small, product-centric teams empowered to make a difference in a particular product or aspect of a product. Our teams are remote-friendly and highly collaborative. To accomplish this we set core hours of 10AM - 4PM (Eastern) and expect to meet in person (often in Boston) about 4 times per year.
Some of the things you will accomplish:
- Own the organization’s Secure Software Development Lifecycle and champion a shift security left approach
- Develop and improve our capabilities for detecting vulnerabilities in our applications
- Coordinate penetration tests and the prioritization and remediation of vulnerabilities found
- Empower development teams to track, prioritize, and remediate security vulnerabilities in our applications
- Build and implement tools to assist secure application development with an emphasis on automation and quality
About you:
- 5+ years of experience working in cyber security or information security in a software development organization
- Experience with SDLC/operational maturity models such as BSIMM & CMMI
- Strong skills in Application Security and secure software development
- Experience working on Threat Modelling and Security architecture reviews