Senior Security Engineer
Full Time - Texas or Remote
Favor’s mission is ‘Anything Delivered’. Our engineers make high-touch logistics happen. The Favor technology platform is the engine behind the business enabling millions of Favors. Our technology efficiently manages the real-time assignment of Runners to Favors, facilitates communication between customers, Runners, and support, keeps thousands of customer and Runner mobile applications in sync, and more.
Do you get a thrill when you make an impact on hundreds of thousands of users? Do you want to work for a purpose and value driven company in a high growth environment? Our engineers create the tools and applications necessary to connect our customers, Runners, merchants, and support teams. You will work closely with our engineering teams to meet customer needs, build solutions to complex problems, and deliver delightful, secure experiences to all our users.
At Favor, we are committed to building a world class team that shares a passion for modern, clean code and products that make a difference. We need engineers like you to help us achieve our mission of ‘Anything Delivered’. As a Senior Security Engineer at Favor, you will be responsible for identifying and resolving vulnerabilities while serving as the security subject matter expert on web application and mobile security for the rest of the engineering team and company.
- Examine existing infrastructure and applications to identify and reduce risk.
- Provide security event management, vulnerability assessment, and intelligence correlation.
- Correlate threat intelligence with security systems and controls to handle security events.
- Reduce time-to-detect and time-to-remediate by driving the automation of security event management, vulnerability assessment, and intelligence correlation.
- Keep systems up to date with security patches.
- Collaborate with engineers to make sure new features and services meet security requirements.
- Provide mentorship to junior security engineers.
- Perform code reviews and threat modeling and write security features in code, such as password handling.
- Work with product and other departments to drive security initiatives and increase overall security.
- 4 - 8 years of experience in web and/or API application security at a mid- or senior-level.
- Familiarity with OWASP vulnerabilities and web and API security best practices.
- DevSecOps or automation experience, such as implementing DAST/ SAST or other tooling.
- Experience working as a security analyst with hands on experience using SIEM, AV, Firewall, WAF, Vulnerability Scanning.
- Knowledge of Web application and network exploitation.
- Knowledge of best security practices in a cloud architecture.
- Deep understanding of Linux internals.
- Identify engineering opportunities to enhance detection systems and security controls to counter known threats.
- Experience communicating with non-technical stakeholders about security and risk.
The Ideal Candidate
- Like working with other engineers in a collaborative and iterative environment.
- Have experience in a high-growth startup/medium-sized company.
- Communicate well with technical and non-technical stakeholders.
- Have experience or familiarity with the following technologies: AWS, Docker, Jenkins, Kubernetes, PHP, Kotlin, Go, or Scala.
- Have experience and knowledge of PCI Compliance, managing and configuring WAFs, microservices, and native app security (iOS and Android)
Life at Favor
- Benefits -- We offer premium health, vision, dental, life, and 401(k) options. We also offer Favor delivery credit and H-E-B discounts!
- Time-Off -- We offer unlimited PTO for salary employees and ample vacation time to all team members. We empower you to live your best life and do your best work!
- Learning & Development -- We encourage personal growth and education through regular Learning Labs taught by internal team members and external facilitators.
- Community -- Whether you’re an avid cyclist, dog lover, or Magic enthusiast, there’s a group for you here. We foster community through Employee Resource Groups (ERGs), quarterly company-wide events, happy hours, and regular connection opportunities.