Senior Information Security Engineer

About Payscale As the industry leader in compensation management, Payscale is on a mission to help job seekers, employees, and businesses get pay right and to make sustainable fair pay a reality. Empowering more than 65% of the Fortune 500, Payscale provides a combination of diverse and dynamic data sources, experienced compensation services, and scalable software to enable organizations such as Angel City Football Club, Panasonic, Mars Global, eBay, American Airlines and PetSmart to make fair and appropriate pay decisions.Pay is powerful. To learn more, visit www.payscale.com.Location Payscale Romania has an employee centric hybrid model that provides you the flexibility to do your best work in a space that supports you, while also finding time to collaborate in person in our office for the moments that matter.In our hybrid model, employees can work from the location that works best for them when not in the office. Payscale has employees across the US, Canada, UK and currently hiring in Romania.The roleAs a Senior Information Security Engineer at Payscale, you will:

• Collaborate with Infrastructure, Engineering, and Platform teams to harden systems, networks, and engineering processes.
• Develop and implement mitigations for security vulnerabilities in cloud and hosting platforms.
• Work with cross-functional teams to identify and apply security fixes and best practices.
• Deploy and manage cloud-native WAFs across application platforms.
• Secure containerization strategies, including container scanning and runtime protection.
• Ensure cloud hosting environments adhere to CIS standards and industry best practices.
• Utilize asset and configuration management tools to enhance security monitoring and coverage.
• Automate key and secret encryption processes using cloud-native infrastructure.
• Define scope and build requirements for platform security initiatives.
• Contribute to the design and review of security architecture strategies.
• Expand Intrusion Detection and Prevention capabilities for both host and network security within the platform.
• Support security incident response processes for cloud and hosting environments.

Skills

• Bachelor’s Degree in Information Security, Computer Science, or Computer Engineering.
• 5+ years of experience in information security, preferably in a technology-based or SaaS-focused company.
• Demonstrated ability to work with cross-functional teams, including Engineering, DevOps, and Infrastructure.
• Hands-on experience with Azure and AWS (certification required).
• Proficiency with cloud-native security tools for AWS and Azure.
• Experience installing, configuring, and administering various operating systems.
• Expertise in hardening systems, networks, and applications, including adherence to CIS Benchmarks.
• Knowledge of cloud application services and security best practices for cloud hosting platforms.
• Familiarity with scanning tools for applications, networks, and systems.
• Experience administering and configuring key and secrets management tools (e.g., HSM, KMS, Key Vault).
• Proficiency in developing and securing Infrastructure-as-Code tooling.
• Knowledge of PERL, Python, Ansible, and PowerShell for security process automation.
• Experience with cloud-native application and network firewalls.
• Proven experience working in regulated and audited environments, such as SOC2, ISO 27001, PCI, and HIPAA.

Benefits and Perks All around awesome culture where together we strive to live our 5 values:

• Respect every individual, work as a team
• Be Customer first, customer centric
• Have a Bias towards action
• Commit to excellence (we give our best everyday)
• Make Data driven decisions

An open and inclusive environment where you’ll learn and grow through programs and resources like:

• Monthly company All Hands meetings
• Regular opportunities for executive leadership exposure through things like AMAs
• Access to continued learning & development opportunities
• Our commitment to a continuous feedback culture which allows us to drive performance and career growth
• A growing network of Employee Resource Groups
• Company sponsored volunteer hours
• And more!

Equal Opportunity EmployerWe embrace equal employment opportunity. Payscale is committed to a policy of equal employment opportunity for all applicants and employees. It is our policy that employees will not be subjected to unlawful discrimination on the basis of race, color, religion, sex, age, national origin, or ancestry, physical or mental disability, veteran or military status, marital status, sexual orientation, political ideology, and any other basis protected by federal, state, or local laws. This policy applies to all terms and conditions of employment, including but not limited to: recruitment, hiring, transfers, promotions, training, discipline, termination, compensation and benefits, performance appraisals, education, and social and recreational programs.We know the confidence gap and imposter syndrome can get in the way of meeting spectacular candidates, so please don’t hesitate to apply — we’d love to hear from you.If you have a disability or impairment and need assistance with the application process, please email recruiting@payscale.com for support.Fraud Alert Payscale values security and privacy. During your job application and interview process, we will never ask for your personal banking or financial information, social security number, or other sensitive information, if you are unsure if a message is from Payscale, please email recruiting@payscale.com