Sr. Cyber Security Engineer

About Whisker Labs

We’re on a mission to save lives and property, leading the next wave in smart home technology and fire prevention with Ting. This intelligent sensor and concierge service monitors a home’s electrical network to detect electrical hazards that often lead to the most devastating and catastrophic fires. While on the job preventing fires inside a home, Ting also helps monitor the electrical grid, contributing to increased community fire safety and reduced environmental impact that comes with fire reduction. We’re steadfastly addressing the long-underserved realm of electrical fire prevention with leading-edge technology and embarking on the next stage of our growth. Visit tingfire.com for more information.

About The Role

We are looking for hands-on individual with a whitehat hacker mind set to join us in a Sr. Cyber Security Engineer Role. Prior experience or strong interest in developing IoT Security expertise is highly preferred. This position reports to the Chief Technology Officer (CTO) and will assist with Whisker Labs ongoing security engineering and security operations activities. You will be responsible for architecting, developing and deploying security tools and technologies to protect the Whisker Labs platform and backend infrastructure.

Job Duties

• Perform static code analysis of the Whisker Labs code base on a regular basis and provide relevant recommendations to Whisker Labs developers.
• Perform dynamic application security testing using open source and commercial tools before applications are deployed in production.
• Perform internal penetration testing on the IoT sensor device.
• Perform vulnerability assessments of the Whisker Labs production platform and provide recommendations for identified vulnerabilities.
• Review security alerts and reports on a daily basis and work closely with the DevOps team in any follow up investigation or remediation.
• Triage all issues reported by external researchers via the bug bounty program at Whisker Labs and work with the developers for timely remediation of the reported issues.
• Tune the logging infrastructure on an ongoing basis to surface true positives.
• Perform security assessments on all existing and any new Whisker Labs 3rd Party Vendors.
• Review the current and upcoming infrastructure stack from a security perspective and provide recommendations for hardening the stack.
• Perform threat modeling on existing and upcoming feature set in the Whisker Labs application so that appropriate security controls can be built from the ground up.
• Automate security controls using scripting to the extent that it requires minimal human interaction.
• Perform Corporate IT and security administration tasks including firewall management, SSO implementation, IAM, endpoint security, business application administration among others.
  
  

Requirements

• Bachelor's degree in Computer Science or related field
• 5+ years in a security engineering or operations role
• Strong knowledge of applied cryptography, web security, TLS/SSL, web authentication protocols such as OAuth.
• Experience in using scripting languages e.g. Perl, PHP, Python, Ruby to automate tasks and manipulate data
• 3+ experience building and administering Linux/UNIX based systems preferred.
• Comfortable with security tools like BurpSuite, ZAP, nmap etc.
• Experience with Amazon AWS and Web Application Firewalls (WAF) highly preferred.
• Hands On expertise with log management tools e.g. ELK, Splunk, SumoLogic
• Experience with Vulnerability Scanning tools e.g. Qualys, Nessus etc.
• Solid comprehension of packet analysis and demonstrated ability troubleshooting incidents using security tools such as Wireshark, tcpdump, nmap, SIEM (log analysis), and IDS/IPS.
• 3+ years working with compliance standards e.g. PCI, SOC 1, SOC 2, HIPAA, ISO 27001, FedRAMP
• Certifications like OSCP, GCIH, GSEC, CISSP preferred but not required.
  
  

What We Offer

• Competitive salary + equity.
• The ability to make, own and carry out decisions.
• Health, dental, and vision insurance.
• 401(k) with match.
  
  

Whisker Labs is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or protected veteran status.