Security Engineer
About Procare
Our mission is to simplify childcare operations and create meaningful connections by providing technology, expertise, and unparalleled service.
Procare Solutions is the number 1 name in childcare software – used by more than 30,000 childcare businesses across the country. For over 30 years, childcare professionals have looked to Procare to provide real-time information for making critical decisions, maintaining compliance with local and state regulations, and adhering to business best practices.
We make childcare management run smoothly, so that our customers can spend more time focusing on the kiddos, not back office administrative duties.
A little About the Role
The Security Engineer will report to the Director of Infrastructure as part of the Cloud Engineering team. This is a matrixed position that will be aligned with the Director of Security on prioritization and implementation of InfoSec initiatives across the Procare organization.
The Security Engineer will develop strategies to respond to and protect against security breaches and vulnerabilities. This role will help to develop a set of security standards, best practices, recommended security enhancements, and automation improvements. They will be responsible for educating the workforce on information security through training and building security awareness programs.
The Security Engineer shall verify security controls and assist in implementing strategies to ensure that Procare’s applications and platform are compliant with security frameworks such as PCI-DSS, SOC2, CIS, NIST. Additionally, this position will provide security engineering support during system design and development to introduce security early in the SDLC across Procare’s platform.
The successful candidate will bring a strong passion for information security and use prior experience, insights, and knowledge to help contribute to Procare’s Information Security objectives.
What You Will Do
- Perform hands on operational support of vulnerability management systems and applications
- Hands on implementation of security controls including preventative threat detection and employee training meetings
- Develop guidelines for implementation and review of security configurations for an AWS based SaaS environment
- Develop proactive security monitoring and alerting capabilities
- Build security automation into infrastructure deployment and CI/CD pipelines DocuSign Envelope ID: 6E968A32-7648-4D5A-9783-946EB01FDCD9
- Perform manual and automated compliance, vulnerability, and penetration testing
- Constantly improve policies and procedures such as incident management while gaining buy-in across the department and organization
- Coordinate and lead routine vulnerability scanning and remediation oversight on Procare’s systems
- Contribute to strategic security initiatives to improve capabilities through automation, process enhancement, and infrastructure engineering
- Identify improvement opportunities and provide recommendations for best practice process improvements and process automation
- Create reports and generate security program metrics for management
- Develop, facilitate, and maintain the Information Security Policy, Methods & Procedures, Technical Standards, Technical Best Practices, and general process documentation.
- Provide operational support, ensuring systems and devices are online and available which may include 24x7 on-call support as needed
Requirements
Our Ideal Candidate Will Have
- BA/BS degree or higher and 3+ years of experience in cybersecurity or combination of education and relevant experience
- Demonstrated knowledge of OWASP Top 10, CIS, NIST and other security frameworks
- Hands on experience with AWS, Linux, Kubernetes and Docker
- Experience with implementation of the AWS well architected framework with an emphasis on the security pillar.
- A strong background in DevOps with familiarity with CI/CD and related concepts
- Strong verbal and written communication skills; ability to drive discussions and influence decision making; strong presentation and reporting skills
- Participation in more than one full SOC or PCI audit cycle preferred
- Experience in Agile development methodologies is highly desirable
- Network design and software engineering backgrounds are a plus
- Prior experience with security tools such as Qualys, Nessus, Kali, is a plus
- Ability to excel in a rapidly changing environment
Physical Requirements
- This position works most of the time in a fixed office location and may involve sitting and/or standing for prolonged periods.
- Frequently required to communicate verbally and in writing (mostly email) with customers, prospects, and other employees.
- Use of computer, telephone, and other office equipment for the greater part of the workday
Benefits
Why Procare?
- Excellent comprehensive benefits packages for full-time employees, including: medical, dental, & vision plans- choose the plan best for you
- HSA option with employer contributions of $50/mo
- Medical, Dependent Care, and Transportation FSA Plans
- Company paid Short and Long-Term disability and Life Insurance
- Vacation time, holidays, sick days, volunteer & personal days
- Some meals included
- 401K Plan with employer match and immediate vesting
- RTD ECO-Pass for all Denver employees
- Tuition Reimbursement up to $2,000/year
- Casual workplace environment
- Prime downtown location close to restaurants and entertainment
- Lunch and Breakfast provided once a week
- Promote from within- excellent career paths
Salary
$90,000 - $120,000 DOE
Location
This position will be based in our downtown Denver office.
We are currently in a flexible hybrid in-office/remote working model based on local COVID-19 health regulations and business needs. Candidates must be willing and able to work from our downtown Denver office as necessary.