TaxJar

Security Engineer

TaxJar

Remote job description

TaxJar is the leading technology solution for busy eCommerce sellers to manage sales tax and is trusted by more than 20,000 businesses.

We know sales tax isn't fun for anyone, so we're determined to ease the burden with an exceptional customer experience. To achieve this, we provide the same incredible quality of life for our team members as we do for our customers by creating a professional, unique, award-winning place to work. We have many different backgrounds and lifestyles, and everything we do is guided by our core values:

  • We do the right thing for our customers
  • We're a team, built on trust
  • We're proud to be remote
  • We're in control of our own destiny

Were a happy team and we all really love what we do. Were fast-growing, fully-distributed, talented, and driven. We live all across the US, working from our homes, local libraries, co-working spaces, airstreams - pretty much anywhere we can and do accomplish great work. We've created a space where high-achievers can succeed, but are also safe to fail. We're profitable and focused on growing TaxJar sustainably, and we believe a diverse team can create better solutions for our customers.

Were looking for people who:

  • Are based in the US
  • Value working remotely
  • Excel at communication and collaboration
  • Highly value working with people they like and respect
  • Are open and accountable
  • Are confident with their skills and who love being part of a team (were peers here, no egos please) but are also comfortable working asynchronously
  • Want to make a positive impact at TaxJar and who arent afraid to fail

TaxJar is looking for an exceptional and highly skilled application security engineer who lives by TaxJars values and has a demonstrated track record of securing web applications and the SDLC process. TaxJars Security Team is responsible for partnering with Engineering teams to build and deploy secure products for our customers. This involves maturing the Secure Development Lifecycle, training developers in secure practices, working with our Operations team to scale and automate security, and innovating new ways to help developers secure themselves.

As an Application Security Engineer for TaxJar you will:

  • Proactively perform technical security assessments against TaxJars web applications and services
  • Work with software engineers to provide security-focused best practices during all phases of the software development lifecycle process (SDLC) and CI/CD pipeline
  • Act as a technical leader for security architecture discussions with engineering for both product and infrastructure designs and develop risk mitigation plans when needed
  • Run the vulnerability management program and perform regularly scheduled vulnerability scans to support compliance and triage new vulnerabilities
  • Implement cloud security controls in AWS and help automate security processes when appropriate
  • Perform security monitoring, threat analysis, and lead the incident response process
  • Create and maintain comprehensive documentation related to Application and Cloud Security processes and controls

Requirements:

  • 4+ years of experience in Application/Product Security preferably in SaaS
  • 2+ years of experience with Cloud Security in AWS preferred
  • Strong understanding of web application architecture and design principles
  • Hands-on knowledge of security technologies such as WAF, File Integrity Monitoring (FIM), SAST/DAST tools, etc.
  • Working knowledge of common security flaws (such as OWASP Top 10) as well as how to identify and mitigate them
  • Experience with manual secure code review in languages such as: Ruby, Elixir, JavaScript
  • Familiarity with common web application testing tools, such as Burp Suite or Zap, and ability to apply that knowledge to practical testing scenarios
  • Experience leading incident response plans and working with SIEM tools for threat analysis
  • Knowledge of container security such as Docker and Kubernetes a plus
  • Experience working with operating systems and hardening (Linux, OS X, and Windows) a plus
  • Certifications such as CISSP, GSEC, CEH or CISM a plus
  • Agile, humble, trustworthy, and a team player

Benefits:

  • Excellent health, vision and dental benefits
  • Flexible vacation
  • Company holidays, plus mandatory Birthday holiday
  • 12 weeks paid parental leave for all employees
  • 4 hours volunteer time per month
  • Biannual all-company in person summits (paid for by us, of course!)
  • $250 Home office stipend
  • 401k Plan
  • Equity in a profitable company
  • Monthly perks reimbursement ($100 a month to appreciate your teammates, Netflix, Amazon Prime, gym membership, home internet etc.)

Please visitwww.TaxJar.com/jobsfor a full list of our amazing benefits for full-time employees, and to learn more about our values and how we work.You can learn more about our hiring process here.

If you send us a referral for someone who may be a great candidate for this role, we'll pay you $1,000 if we hire them. To refer someone, please email their full name to candidateexperience@taxjar.com and add Candidate Referral - [Job Title] to the subject line once the individual has applied for a role.



Summary
TaxJar
Application Security Engineer at TaxJar

Tags: Ruby on Rails, AWS, security

Share or copy

Job alerts