Staff Corporate Security Engineer

As the leading workforce management solution for the skilled trades, Workrise makes it easier for skilled laborers to find work, and for companies to find in-demand workers. Workrise currently operates in wind, solar, construction, oil and gas, and defense industries. We’re growing, and we’d love to learn what you can add to our team!

Workrise is hiring a Staff Corporate Security Engineer that will be responsible for enabling security focused applications, framework controls, network and physical devices. This role is critical to the success of the business and requires strong collaboration, deep understanding of security and privacy frameworks, and tenure managing corporate security infrastructure. Our ideal candidate can lead as both a technical mentor as well as help mature the security acumen with non-technical audiences. You will  be partnering with IT, Security Engineering and Business Application teams applying your experience with systems, encryption, securing SaaS applications, and protecting the integrity of employee data. 

Why Join us? Our Corporate Security team at Workrise is helping to build a modern and  scalable platform for the future of the skilled labor workforce. As a Staff level role, you will have the ability to influence enterprise security practices across a broad section of Workrise. You will get to apply security practices and solutions across a wide range of business applications as well as having a great deal of influence in setting out technical direction.

• Secure single-sign on platforms and enforce strong access controls across SaaS and in-house systems 
• Act as a “Builder” - design, deploy, and integrate technologies that we use to perform corporate security – detection and response, vulnerability management, access control, or other functions using a mix of commercial products, open-source tooling, and in-house scripts and tools
• Secure key enterprise applications that support employee collaboration and productivity 
• Helping with security reviews as part of our third-party risk management program
• Work to automate processes in order to streamline and work more efficiently as we continue to grow  
• Collaborate and build relationships with multiple teams throughout the organization, including IT, software engineering, and DevOps 
• Influence Workrise’s internal security strategy, to develop and execute security initiatives to meet our objectives, and to define the criteria and measurements that we use to assess our progress 
• Take part in on-call rotation to handle interrupt driven security questions and investigations.
• Work with cross-functional teams to respond to incidents – be it an escalated security event or remediating a critical vulnerability - when the need arises.
• Configure and manage corporate owned hardware and software including:
• End Points
• Mobile Devices
• SaaS Applications (Okta, JIRA, Salesforce, Jamf Pro)
• Manage employee identities and access controls for SaaS applications used by the business
• Supporting an asset inventory program with multi stakeholder group
• Automationing the needs for each of our major business functions, defining requirements, design solutions and oversee implementation

What you must have:

• Bachelor’s degree in Computer Science, Engineering, related field or equivalent experience
• 7+ years of technical professional experience in a security or corporate IT discipline
• 5+ years of experience in a security role supporting an enterprise
• 4+ years of experience in one or more of the following domains:
  • Cloud Security
  • Endpoint Management
  • Identity & Entitlements Management
  • Network Security
  • Secrets Management
  • Vulnerability Management 
• Recent hands on experience in Python, bash, and SQL scripting
• Experience with Google Workspace Administration and related technologies
• Experience with email security (SPF, DKIM, DMARC)
• Experience with DNS management, registrars, and zone transfers. 
• Experience with Infrastructure as Code (e.g. Gitops approach, Terraform, Cloudformation) 
• Experience with zero-trust network solutions (VPNs, proxies, tunnels, and logical, network segmentation)
• Experience managing a security awareness program (phishing, awareness training, and social engineering exercises)
• Experience with vulnerability and patch management. Experience with CVE, CWEs.
• Ability to work independently and break-down work from high-level requirements
• Excellent written and verbal communication skills with ability to communicate technical topics to a non-technical audience.
• Experience mentoring junior and senior engineers
• Additional experiences that are extremely helpful but not required: 
  • Experience with security incident response and investigations
  • Experience with cloud security management and cloud solutions (AWS, GCP)
  • Demonstrated open source and community contributions (blogs, white papers, presentations)
  • Strong understanding of security best practices and industry standards
  • Exposure to continuous verification and compliance using policy and compliance-as-code 
  • Experience in Detection & Response programs (SIEM, SOAR, XDR)
  • Experience leading Incident Response
  • Exposure to security, compliance, and privacy frameworks such as GDPR, CCPA, ISO27001, NIST CSF, CIS, or CMMC