A daily email of jobs matching your skills and preferences.Sign Up 👋
Senior Security & Compliance Engineer
Operations Wayne, Pennsylvania Gainesville, Florida Waltham, Massachusetts Remote, United States
We are Mobiquity, a digital consultancy, committed to helping our clients understand apply and engage technology in meaningful ways and we are growing. As we continue to work with our clients uncovering friction and sparking digital transformation, we are hiring a Senior Security & Compliance Engineer to work with our high impact teams.
Reporting to the Director of Security Engineering, and working with other members of the security team, project delivery, Operations, and IT teams. This role is responsible for the overall quality and security of Mobiquity applications and products.
Ensure new projects are scoped, implemented and deployed in a secure manner;
Provide application security expertise to customer project delivery teams throughout the Mobiquity Software Development Lifecycle (SDLC);
Review static code analysis findings for exploitability and provide recommendations to developers for remediating findings.
Perform validation and testing on mobile and web applications to ensure products meet internal requirements and industry standards for software security.
Provide security and compliance subject matter expertise and consultation to internal Business Units and Customers;
Maintain, apply, and enhance security architecture, development, testing, operations, and compliance standards throughout the organization;
Coordinate with the IT, Operations, and Delivery teams to ensure adherence to strong SDLC tools and processes and training in secure coding and testing best practices;
Perform security/compliance internal audits on new projects;
Perform risk assessments on vendors, tools and processes;
Advise on strategyf or new and existing compliance standards for Mobiquity and customers;
Support and lead internal security operations functions, including security awareness, vulnerability management, and incident response;
Consult with IT and Delivery teams on forensic analysis of breaches and exploits;
Maintain, apply, and enhance a set of materials for internal and external use related to Mobiquity security and compliance posture and on-going expertise;
Assist with creation of periodic blog posts and other market-facing content on topical security & compliance subjects;
Represent Mobiquity with industry leaders, analysts and standards bodies in areas related to security and compliance;
Provide other security, compliance, and technical tasks as assigned by the Director of Security Engineering .
Desired Experience and Capabilities:
Ability to understand, explain, and demonstrate various security vulnerabilities & risks including XSS, CSRF, Code Injection, MitM, Brute-force/Dictionary/Rainbow Table attacks
Knowledge of stack exploitation in C based languages
Experience with Mobile (Android and iOS) application architecture
Experience with AWS technologies and recommended security best practices
Experience explaining technical and security concepts to both technical and non-technical resources in a consultative role
Excellent oral, written, and interpersonal communication skills
Knowledge of industry regulations such as GDPR and HIPAA, or other industry standards such as PCI DSS, ISO 27001, or OWASP
Experience delivering security training to security professionals, engineers, and non-engineers
Applicable Certifications Include:
Certified Ethical Hacker (CEH)
Certified Information Systems Security Professional (CISSP)
AWS Certified Security - Specialty
A new window will open to the job source site.
Growing a career that's right for you is a life-changer, but it's undeniable that the job search gets tougher every year. With automated hiring processes, resume filters and questionable interview practices, finding a job that a tech skillset has become seriously challenging.
That's where we step in. Careeriscope can help lighten the stress load by making your search a bit easier. We help you find matches based on the job search criteria you set, then send a summary of the results in a daily email sent every morning for review.