Back to jobs

Senior Security Associate

 

 

Company Overview

Founded in 2010, we’ve been recognized as a "Best Places to Work" and have offices in the US (Boulder), UK (London) and India (Chennai). However, we are a remote-first company with employees across the globe! Today, we are a leading B2B marketing provider that offers two distinct solutions: 

Integrate

Lead management & data governance SaaS platform for marketing operations and demand marketers. The Integrate platform makes every lead clean, compliant, and actionable, freeing enterprise B2B marketers from bad data and operational headaches so they can focus on what matters: generating revenue.

Pipeline360

Media solutions that combine three powerful demand generation tools: targeted display, content syndication, and a comprehensive marketplace model. Pipeline360 ensures that marketers achieve 100% compliant and marketable leads by effectively engaging with audiences much earlier in the buying cycle, connecting with buyers at every stage of the process, and optimizing programs to drive performance. 

Our Mission

  • Integrate: exists to make your lead data marketable so you can drive pipeline.
  • Pipeline360: exists to make the unpredictable predictable.

Why us?

We are an organization of integrity, talent, passion, and vision with a long track record of growth, customer success, and a commitment to driving leading innovation and delivering world-class customer experience.

 

Job Description Summary

We are looking for a Senior Security Professional with 8+ years of hands-on experience who brings strong technical acumen in Cyber security and Infosec management in the cloud with the vision of building and implementing various security best practices and provide advance leadership on Cyber security by closing working with various cross-functional teams.

Responsibilities

  • Assess the security for Software/Product architecture – guide the product architects and engineering teams to ensure security is built into at the design level itself and integral part of development.
  • Own development of cyber security artifacts including Pen testing, Cloud security, Threat model and lead discussion on identifying mitigations.
  • Drive and assist the Engineering teams in triaging and identification of fix for detected product vulnerabilities.
  • Interact with internal / external team to co-ordinate security and privacy assessments to determine compliance and security posture.
  • Assist business units in the development and implementation of product security and Privacy practices including policies, standards, guidelines, and procedures.
  • Verify that security and privacy requirements defined in the security plans, policies, and procedures are followed and protection measures are functioning as intended.
  • Guide the business unit in their management of the resolution of security audit or review findings.
  • Provide security risk management and security advice as well as advice on strategic direction relating to product and information security.
  • Assist with security incidents and review risk and impact of breaches to protected systems.
  • Review proposed services, engineering changes, and feature requests for security implications and needed security controls.
  • Participate and identify security risks companywide and ensure that appropriate data security procedures and products are implemented.
  • Incident Response : Lead the response to security incidents and breaches, including forensic investigations. Develop and maintain incident response plans and playbooks. And also conduct post-incident reviews and implement improvements.
  • Compliance: Assess and manage security risks across the organization’s systems and applications. Ensure compliance with relevant regulations and standards (e.g., GDPR, HIPAA, ISO 27001,SOC) and proven experience in driving external and internal audits.
  • Threat Monitoring and Analysis: Monitor security alerts and logs from various systems, including firewalls, Endpoint Security, System Logs, IDS/IPS , various cloud agents and event management (SIEM) tools. Analyze security incidents to identify patterns and assess potential threats
  • Conduct Penetration Testing: Perform web application, APIs and mobile application penetration tests. And also conduct internal and external penetration tests to identify security weaknesses.
  • Vulnerability Assessment: Leverage automated tools and manual testing methods to identify vulnerabilities in codebase and engage in Static and Dynamic application security testing and also Engage in security automation efforts and process improvements

Qualifications/Requirements

  • Bachelor’s degree in Computer Science, Information Security, or related field.
  • 8+ years of development and security experience which includes application security, mobile security, network security, OS security and Cloud Security.
  • Excellent experience with Cyber Risk, Governance & Compliance through the remediation, implementation and maintaining of security controls through SOC & ISO frameworks.
  • Experience in Rest Api, Kubernetes and container security assessments.
  • Product/Information security experience in all phases of service/product development and deployment including architecture, design, development, testing and deployment.
  • Proficient experience of AWS and Azure services, specifically related to security.
  • Hands-on experience in execution and review of Static & Dynamic Code Analysis reports and ability to discuss with development teams for true positives.
  • Experience and knowledge of penetration testing methodologies and tools.
  • Strong knowledge of programming and scripting languages (e.g., Python, Ruby, Bash).
  • In-depth understanding of network protocols, web applications, and operating systems.
  • Proficiency in using penetration testing tools (e.g., Metasploit, Burp Suite, Nmap, Nessus).
  • Willingness to learn new technologies and work on security for varied products.
  • Strong interpersonal skills with the ability to facilitate diverse groups, help negotiate priorities, and resolve conflicts among project stakeholders
  • Sound security engineering knowledge (technical) so as to work collaboratively with the Tech Leads and software/products architects to ensure secure products.
  • Sound understanding of Cryptography, various Encryption Algorithms, Public key Infrastructure (PKI) and Certificate Authority (CA), OAUTH authentication, 2FA
  • Up to date knowledge of current and emerging security threats and techniques for exploiting security vulnerabilities
  • Ability to relate cyber security incidents from cross-industries.
  • Ability to work independently and as part of a team. Attention to detail and strong organizational skills is highly expected.

Integrate in the News:

Apply for this job

*

indicates a required field

Resume/CV*

Accepted file types: pdf, doc, docx, txt, rtf

Cover Letter

Accepted file types: pdf, doc, docx, txt, rtf


Education

Select...
Select...
Select...
Select...
Select...

Select...

Voluntary Self-Identification

For government reporting purposes, we ask candidates to respond to the below self-identification survey. Completion of the form is entirely voluntary. Whatever your decision, it will not be considered in the hiring process or thereafter. Any information that you do provide will be recorded and maintained in a confidential file.

As set forth in Integrate’s Equal Employment Opportunity policy, we do not discriminate on the basis of any protected group status under any applicable law.

Select...
Select...
Race & Ethnicity Definitions

If you believe you belong to any of the categories of protected veterans listed below, please indicate by making the appropriate selection. As a government contractor subject to the Vietnam Era Veterans Readjustment Assistance Act (VEVRAA), we request this information in order to measure the effectiveness of the outreach and positive recruitment efforts we undertake pursuant to VEVRAA. Classification of protected categories is as follows:

A "disabled veteran" is one of the following: a veteran of the U.S. military, ground, naval or air service who is entitled to compensation (or who but for the receipt of military retired pay would be entitled to compensation) under laws administered by the Secretary of Veterans Affairs; or a person who was discharged or released from active duty because of a service-connected disability.

A "recently separated veteran" means any veteran during the three-year period beginning on the date of such veteran's discharge or release from active duty in the U.S. military, ground, naval, or air service.

An "active duty wartime or campaign badge veteran" means a veteran who served on active duty in the U.S. military, ground, naval or air service during a war, or in a campaign or expedition for which a campaign badge has been authorized under the laws administered by the Department of Defense.

An "Armed forces service medal veteran" means a veteran who, while serving on active duty in the U.S. military, ground, naval or air service, participated in a United States military operation for which an Armed Forces service medal was awarded pursuant to Executive Order 12985.

Select...

Voluntary Self-Identification of Disability

Form CC-305
Page 1 of 1
OMB Control Number 1250-0005
Expires 04/30/2026

Why are you being asked to complete this form?

We are a federal contractor or subcontractor. The law requires us to provide equal employment opportunity to qualified people with disabilities. We have a goal of having at least 7% of our workers as people with disabilities. The law says we must measure our progress towards this goal. To do this, we must ask applicants and employees if they have a disability or have ever had one. People can become disabled, so we need to ask this question at least every five years.

Completing this form is voluntary, and we hope that you will choose to do so. Your answer is confidential. No one who makes hiring decisions will see it. Your decision to complete the form and your answer will not harm you in any way. If you want to learn more about the law or this form, visit the U.S. Department of Labor’s Office of Federal Contract Compliance Programs (OFCCP) website at www.dol.gov/ofccp.

How do you know if you have a disability?

A disability is a condition that substantially limits one or more of your “major life activities.” If you have or have ever had such a condition, you are a person with a disability. Disabilities include, but are not limited to:

  • Alcohol or other substance use disorder (not currently using drugs illegally)
  • Autoimmune disorder, for example, lupus, fibromyalgia, rheumatoid arthritis, HIV/AIDS
  • Blind or low vision
  • Cancer (past or present)
  • Cardiovascular or heart disease
  • Celiac disease
  • Cerebral palsy
  • Deaf or serious difficulty hearing
  • Diabetes
  • Disfigurement, for example, disfigurement caused by burns, wounds, accidents, or congenital disorders
  • Epilepsy or other seizure disorder
  • Gastrointestinal disorders, for example, Crohn's Disease, irritable bowel syndrome
  • Intellectual or developmental disability
  • Mental health conditions, for example, depression, bipolar disorder, anxiety disorder, schizophrenia, PTSD
  • Missing limbs or partially missing limbs
  • Mobility impairment, benefiting from the use of a wheelchair, scooter, walker, leg brace(s) and/or other supports
  • Nervous system condition, for example, migraine headaches, Parkinson’s disease, multiple sclerosis (MS)
  • Neurodivergence, for example, attention-deficit/hyperactivity disorder (ADHD), autism spectrum disorder, dyslexia, dyspraxia, other learning disabilities
  • Partial or complete paralysis (any cause)
  • Pulmonary or respiratory conditions, for example, tuberculosis, asthma, emphysema
  • Short stature (dwarfism)
  • Traumatic brain injury
Select...

PUBLIC BURDEN STATEMENT: According to the Paperwork Reduction Act of 1995 no persons are required to respond to a collection of information unless such collection displays a valid OMB control number. This survey should take about 5 minutes to complete.