Staff Security Engineer
Your Role:
We are seeking an experienced Staff Security Engineer who can help expand our Security efforts and play a critical role in safeguarding Alpaca’s systems, data, and client assets from evolving cyber threats to ensure the security and integrity of our Firm.
The role requires a deep understanding of Cybersecurity principles, incident response, cloud security, offensive security, and proactive threat detection with a proven track record of managing security risks and cross functional collaboration. The Security Team is 100% distributed and remote. This role will be reporting directly to the CISO.
Things You Get To Do:
- Lead and triage security events including potential security incidents, insider threats, malware infections, unauthorized access, fraud, and data exfiltration events
- Conduct thorough analyses of events, assess impact, and implement corrective actions by collaborating with cross-functional teams to prioritize and remediate issues as necessary
- Develop and maintain security incident response playbooks and automate security workflows to improve efficiency and effectiveness
- Conduct Threat Hunting activities to identify potential issues and implement strategies for proactive threat detection
- Manage and optimize security tools and technologies, such as SIEM, SOAR, Container Orchestration like Kubernetes, Docker / Docker Swarm and other relevant solutions
- Enhance the security of our CI/CD pipeline by integrating security measures into GitOps and focus on brainstorming, designing, building, deploying, and managing cloud-native security
- Collaborate with Product and Engineering to ensure secure design and implementation of systems and applications
- Lead and assist with vulnerability management, penetration testing, and red teaming activities, including managing our bug bounty program
- Foster strong cross-functional relationships with IT, Engineering, Compliance, and other stakeholders to ensure alignment and effective security practices
- Assist with compliance audits and assessments as necessary
- Conduct security research and contribute to the development of new security tools and techniques.
Who You Are (Must-Haves):
- Excited about Alpaca’s mission and what we’re building
- 6-8 years of mixed experience in a security operations, security engineering, product security, and DevSecOps
- Experience with implementing and maintaining SIEM/SOAR and automation solutions, and other security tools
- Experience with cloud-centric environments and cybersecurity capabilities, including a strong understanding of Kubernetes security concepts
- Strong analytical and problem-solving skills
- Excellent communication skills and committed to work collaboratively across the Firm
- Available for on-call rotations and after-hour responses as needed
Who You Might Be (Nice-to-Haves):
- Bachelor’s degree in Information Technology or a related field
- Security related certifications such as CISSP, GIAC, OSCP, CRTO, K8s is a plus
- Experience in securing and monitoring APIs
- Understanding of financial and privacy regulations
- Experience in the financial services industry
- Business acumen to be able to balance tradeoffs between stakeholders and technology feasibility and budget constraints
How We Take Care of You:
- Competitive Salary & Stock Options
- Health Benefits
- New Hire Home-Office Setup: One-time USD $500
- Monthly Stipend: USD $150 per month via a Brex Card
Alpaca is proud to be an equal opportunity workplace dedicated to pursuing and hiring a diverse workforce.
Apply for this job
*
indicates a required field