Role: Security Engineer
Reporting to: Senior Director Cybersecurity
Our goal at Pivotree is to help accelerate the future of frictionless commerce. We will help lead this change over the next decade because we believe a future where technology is embedded intimately into all aspects of our everyday lives can benefit everyone and will shape the interactions with the brands we love. We will help shape the future of frictionless commerce by working together with some of the best brands in the world and some of the best people in the industry to leverage converging technologies that will make it possible to accelerate frictionless commerce faster than ever.
Pivotree provides services focused on the design, implementation, management, and maintenance of complex ecommerce solutions for large enterprises. We provide the technical skills necessary to enable the effective use of technologies combined with the business context to leverage a solution to solve our clients' business challenges. We strive to fill the gaps in available technology with our own IP to reduce the barriers to adoption.
We enable inclusive, immersive and highly personalized experiences for our clients and their customers. We build our products with a view to productizing and scaling technology to lower the costs and reduce the risks of implementing and managing our integrated solutions. Each of our solutions starts with reliable and reputable e-commerce and MDM platforms, which run on enterprise grade infrastructure that are customized to meet a variety of client needs, situations, and budgets. Over the next 10 years we will add new categories and capabilities that will define frictionless commerce ecosystems.
This is a journey of technology acceleration combined with consumer readiness and adoption. We are looking for people capable of adapting relentlessly to the rapidly evolving world around us.
We are looking for a Cyber Security Engineer to join our team of professional consultants in Cyber Security Analysis, Engineering and Architecture. This is a full-time position based in Toronto but offered Globally. Pivotree offers competitive compensation, flexible hours, and work from home.
The Cyber Security Engineer will act as an Information Security subject-matter expert and advisor, assigned to work on various projects with our customers, to ensure that information security best practices are followed throughout the lifecycle. She/he will also act as a link between the project teams, business stakeholders and technical teams such as SOC, Compliance, Threat Intelligence, Vulnerability and Risk Management, Systems and Network Engineering, Software Development, 3rd Party Vendors/Suppliers, etc. The ideal candidate possesses a broad knowledge of information systems security and strong skills in networking, programming, and system administration. She/he could have a background in many domains of IT, but a strong ability and interest in learning and championing cyber security.
Roles & Responsibilities:
- Determine security scope for all assigned projects.
- Provide functional and non-functional security requirements and associated Security Test Cases
- Perform security assessments.
- Produce threat models.
- Ensure that security design principles are followed throughout the project's Lifecycle.
- Review operational readiness prior to go-live.
- Help with security risk management activities.
- Follow Security Policies, Standards, Procedures and Guidelines, Legal and Regulatory Compliances.
Key Skills and Competencies:
- 5+ years of experience in IT or networking, including at least 3+ years with primary focus in Cyber Security.
- Technical security-related expertise in at least one of the following areas:
- Web application security threats, exploits and prevention (SQLi, XSS, CSRF, privilege escalation, and business logic flaws, etc.)
- Applied cryptography and common attacks against modern cryptographic algorithms (encryption at rest, TLS, hashing, etc.)
- Software architecture and development lifecycle
- Securing infrastructure in public clouds (AWS, Azure, GCP, etc.)
- Database and Big data solutions
- Bachelor's degree or equivalent
- Ability to plan, organize and prioritize tasks to complete within established time frames.
- Ability to work independently without direct supervision, self-motivated, meets tight deadlines.
- Ability to learn and adapt to new or evolving technologies.
- Possessing technical security certifications or a well-recognized security professional, auditor or manager certification such as the CISSP, the CISA or the CISM is a strong asset.
- In-depth knowledge of security best practices in large-scale environments
- Strong written and verbal communication skills is a must-have
- META: SIEM, SOAR, UEBA, IAM, EPP, DDoS, WAF, CTI, DAST, APT, ATT&CK, CIS, AI, BAS, ASV
Pivotree is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive and accessible workplace.