WHY DO YOU WANT THIS JOB
Does the term "compliance-based security" make your head hurt? Have you ever waited months for an operations team to implement a simple security control and then find out they did it incorrectly? The Plurilock security team knows your pain and wants to fix it with a threat-based security program implemented by a small team of empowered security experts.
WHAT IS THIS JOB
Plurilock is a start up with a one of kind behavioral biometrics solution that provides a continuous authentication signal indicating that the correct user is behind an identity without affecting the user experience. We're looking for seasoned security professionals who have always wanted to build a security team the right way from the start. If you are fresh out of bootcamp or looking to transition into security, this is not the position for you.
You will work directly for the VP of Information Security who in turn reports directly to the CEO. As the first cloud security engineer you will have short-term and long-term goals.
In the short-term we will be laying the foundations of Plurilock’s threat intelligence, threat protection, threat detection, and incident response capabilities. Our program will deliver the baseline capabilities to understand how threats are attacking us, protect our assets against the most likely and dangerous courses of action, as well as detect and respond to intrusions in real-time. Hard examples of security controls you would help design and implement as part of the team are:
In the long-term, you will own and lead a section of the security program (intelligence, app sec, infrastructure sec, threat detection, incident response). So long as your plan aligns with the overall intent of the Security team and stops hackers, you can build whatever you want.
On day to day basis you will be responsible for the following key tasks:
WHO ARE WE LOOKING FOR
The ideal candidate for this position is someone with deep experience in cloud security and incident response who is unhappy with the status quo and wants to change it. We cannot stress enough that this is a startup environment so you need to have a vision in mind for what you think an ideal security program should look like. Given that we plan to give you all the authority and resources you need to realize your vision, you should have a track record of designing solutions based on guidance and taking full ownership of execution with little oversight.
Keep in mind, you will also need to be able to translate your vision into reality by achieving buy in. While the Security team has the authority to define what security looks like and make it happen, we treat all internal stakeholders as our customers. Our customers purchase security services from us in a Full Service or Do it Yourself model. If customers want you to make security invisible so they can get on with their jobs, you will need to make it happen for them. If customers don’t want you meddling in their systems, you need to communicate exactly what they need to do to meet compliance and ensure they do on time.
It should be a rare occasion that the Security team has to pull a power move and override operational teams to get security controls put in place. Our goal is to make everyone want to be a Full Service customer so you need to be able to understand our customers’ needs, design customer friendly solutions, and sell the heck out of our services.
NOTE: This position is only open to U.S. and Canadian citizens due to the highly sensitive nature of the work
This is a startup and a partially sales role so your compensation will look like: