Information Security Technical Lead (вакансія неактивна)

— 5+ years of experience engineering and administering security technologies;
— Strong cloud security experience with one or more enterprise clouds, AWS preferred;
— Solid knowledge on web application security risks and common attacks (e.g. OWASP Top 10);
— Experience in implementing secure SDLC practices;
— Knowledge of modern authentication/authorization schemes like SAML, OAuth, OpenID;
— Working knowledge of IT security controls associated with Application Security, Vulnerability Management solutions, IPS/IDS, SIEM, cryptography, network, endpoints;
— Technical documentation skills to contribute to security documentation and policies;
— Ability to establish relationships to influence colleagues and to effectively communicate;
— Knowledge and experience with at least one programming language preferred.

— Professional information security certifications.

— The members of our team get monthly bonuses and options contracts (each of us has a share in pdfFiller, so that company growth is a capitalization growth of one’s interest);
— All of pdfFiller employees have access to the company’s financial reports regardless of their role in the team. When the company goes public, the employees get their one-off payments according to their options contracts;
— Regular sports activities in the office with professional coaches: yoga, stretching (3 times a week) and TRX training;
— Paid upgrade career courses, conferences for professionals and English classes are common practice at pdfFiller;
— Medical insurance;
— Staff massage therapist;
— We’ve organized PHP, JS and QA Automation schools based in our office where the trainers are our employees. Anyone may try their hand at one of the schools and attend the course.

— Provide expertise and leadership in all security domains;
— Partner with engineering and business stakeholders on security processes and requirements;
— Design and lead implementation of secure SDLC practices;
— Engineering and operational responsibilities in building and managing security controls across a global cloud platform environment;
— Implementation and support of IT security control and various security toolset (SAST/DAST, IPS/IDS, SIEM, Vulnerability management, Firewalls, etc.);
— Supporting IT infrastructure & Web application vulnerabilities and penetration testing;
— Develop and implement information security plans and policies;
— Assist with compliance enforcement, incident response, and security change management processes.

You and your team will be responsible for defining security strategy, security road-map planning, integrating security requirements across the organization, performing security assessments to prevent security vulnerabilities, solving tough cybersecurity challenges, and partnering closely with engineering teams to produce innovative and secure solutions.

A few words about us:
PDFfiller is a global IT company founded in Boston, USA, back in 2008. Today, the company develops products aimed at business process automation and digital workflow management. pdfFiller’s brand portfolio consists of four services:
— airSlate — no-code automation for business processes;
— PDFfiller — online PDF editor;
— SignNow — e-signature tool;
— USLegal — the US largest library of legal forms and other documents.

Over 30 mln people are currently using the Company’s services. And of those, 500k are regular business customers and over 800 pdfFiller employees are working in offices located in the US, Ukraine, Russia, and the Philippines. The Head office is situated in Boston, MA.