Senior Software Engineer, Security
Favor’s mission is ‘Anything Delivered’. Our engineers make high-touch logistics happen. The Favor technology platform is the engine behind the business enabling millions of Favors. Our technology efficiently manages the real-time assignment of Runners to Favors, facilitates communication between customers, Runners, and support, keeps thousands of customer and Runner mobile applications in sync, and more.
Do you like building and securing complex systems in a cloud infrastructure to scale, finding and fixing the root cause of issues, following best security practices and enabling engineering teams to build scalable complex systems? Our engineers create the tools and applications necessary to connect our customers, Runners, merchants, and support teams. As a Senior Security Engineer at Favor, you will be responsible for identifying and resolving vulnerabilities while serving as the security domain lead on web application security.
Responsibilities:
- Examine existing infrastructure & applications to identify and reduce risk
- Correlate threat intelligence with security systems & controls to handle security events
- Reduce time-to-detect and time-to-remediate by driving the automation of security event management, vulnerability assessment, and intelligence correlation
- Keep systems up to date with security patches
- Collaborate with engineers to make sure new features & services meet security requirements
- Provide mentorship to junior security engineers
- Perform code reviews and threat modeling and write security features in code, such as password handling
- Work with product and other departments to drive security initiatives and increase overall security
Requirements:
- 4+ years of experience in web and/or API application security at a mid or senior level
- Familiarity with OWASP vulnerabilities and web and API security standards
- DevSecOps or automation experience, such as implementing DAST/ SAST or other tooling
- Experience working as a security analyst with hands on experience using SIEM, AV, Firewall, WAF, Vulnerability Scanning
- Knowledge of Web application and network exploitation
- Knowledge of security standards in a cloud architecture
- Deep understanding of Linux internals
- Identify engineering opportunities to enhance detection systems and security controls to counter known threats
- Experience communicating with non-technical partners about security and risk
Ideal Candidate:
- Like working with other engineers in a collaborative and iterative environment
- Have experience in a high-growth startup
- Communicate well with technical and non-technical colleagues
- Have experience or familiarity with the following technologies: AWS, Docker, Jenkins, Kubernetes, PHP, Kotlin, Go, or Scala
- Have experience and knowledge of PCI Compliance, managing and configuring WAFs, microservices, and native app security (iOS and Android)
At Favor, we believe that to Run Texas, we need to represent Texas. By putting Community First, we honor the diversity of our backgrounds and experiences through sharing our unique voices. Our community grows when we challenge ourselves to learn and see the world from another’s view. We are committed to growing a team with different backgrounds, experiences, abilities, and perspectives and are an equal opportunity employer.