Senior Security Engineer at Ibotta (Greater Denver Area, CO or Remote)
Ibotta is seeking a Senior Security Engineer to join our innovative team and contribute to our mission to Make Every Purchase Rewarding.
In this role you will partner with key stakeholders across the organization to mature Ibotta’s security policies and procedures and you will implement technical security controls in support of those policies. You will manage our network and system vulnerability management program and mature our SIEM and incident detection and response efforts, and lend a hand in day-to-day security operations.
This position is located in Denver, Colorado or with the option of full-time remote. Candidates must live in the United States, Canada, or Mexico.
What you will be doing:
- Embrace and uphold Ibotta’s Core Values: Integrity, Boldness, Ownership, Teamwork, Transparency & Advocate for Savers
- Mature our SIEM and detection capability, and provide monitoring and response to alerts and events
- Conduct risk assessments and vulnerability scans on Ibotta’s systems and infrastructure, and work with system owners and stakeholders on remediation
- Monitor and communicate threat intelligence from various sources to appropriate stakeholders
- Work with Ibotta’s external penetration testers on system and network testing, and work with system owners and stakeholders on remediation
- Guide the creation and implementation of Ibotta’s security methodologies, policies and procedures
- Identify gaps and propose solutions to increase security efficiency and effectiveness
- Document security system architecture and processes
- Work with Ibotta’s procurement process to vet Ibotta’s third party suppliers and data partners
- Train others on InfoSec procedures in a way that everyone can understand
- Coordinate with other members of IT, Legal, and Technology on security program initiatives
- Manage applicable supplier relationships (ex: SIEM provider, vuln scanning tools, etc.)
- Participate in a 24/7 oncall rotation
- Act as subject matter expert for information and cyber security to internals, clients, and data partners
What we are looking for:
- Core Competencies: resilience, tech savvy, collaborates, resourcefulness, manages ambiguity, decision quality, and excellent communication skills
- Experience with enterprise logging (Splunk)
- Experience with Python and data wrangling languages such as SQL or Splunk SPL
- Experience with Cloud Access Security Brokers (Bitglass)
- Experience with enterprise endpoint protection systems (CrowdStrike)
- Understanding of networking concepts (IP, Ethernet, DNS, DHCP, VLANs, OSI Model)
- Familiarity with DevOps tools and concepts (Terraform, version control, etc)
- Knowledge of Linux, macOS, iOS, and Android
- Knowledge of AWS security principles
- 5+ years of technical security experience in a cloud environment
- Familiarity with SOC 2, ISO 27001 and NIST security frameworks
- Basic knowledge of forensic methodologies and best practices to investigate intrusions, preserve evidence, and coordinate a unified security response
- Bachelor's degree in a STEM field preferred or equivalent experience
- AWS Certified Cloud Practitioner
- Offensive Security Certified Professional (OSCP)
- CompTIA Security+ certification
- CompTIA CySA+ or CSA+ certification
- CISSP certification
Built in Denver, CO, Ibotta ("I bought a...") is a free mobile shopping app that gives users cash back on groceries and more. Through our partnerships with brands and retailers like Procter & Gamble, Kraft Heinz, Kellogg, Amazon, Walmart, Target and Uber, we’ve delivered over $1B in cumulative cash rewards to our Savers. Guided by our values and our mission to make every purchase rewarding, we come to work energized by the business problems we get to solve, the technology we get to build, and the people we get to innovate (and have fun) with. Ibotta made Inc.’s 2020 list of the 5000 fastest-growing private companies in the U.S. for the third consecutive year. In 2019, we became the first mobile consumer technology company in Colorado to achieve $1B in valuation.
- This position is located in Denver, CO or with the option of full-time remote and includes competitive pay, flexible time off, benefits package (including medical, dental, vision), Lifestyle Spending Account, 401k match, profit sharing and equity. Candidates must live in the United States, Canada, or Mexico.
- Base compensation range: $120,000 - $155,000. Total compensation for this role also includes a variable component in addition to base salary. This compensation range is specific to the state of Colorado's local labor market and may vary for employees living in other areas.
- Ibotta is an Equal Opportunity Employer. Ibotta’s employment decisions are made without regard with race, color, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, veteran status, gender identity, sexual orientation, or any other legally protected status
- If living in the United States, applicants must be currently authorized to work in the United States on a full-time basis.
- For the security of our employees and the business, all employees are responsible for the secure handling of data in accordance with our security policies, identifying and reporting phishing attempts, as well as reporting security incidents to the proper channels.