Senior Security Engineer
Security | SF / DC / Remote | Full Time
Coalition was founded by repeat entrepreneurs, Joshua Motta (Cloudflare) and John Hering (Lookout), with a mission to solve cyber risk. We believe that cyber risk is among the most pervasive risks facing society, and we've built the first holistic solution to it by combining free cyber security tools to help prevent loss, expert response to mitigate it, and up to $10M of insurance coverage to recover from it. Our technology platform encompasses insurance, threat intelligence, patch and vulnerability scanning, DDoS mitigation, ransomware protection, and more. Coalition’s team of engineers, data scientists, security researchers, incident responders, and insurance personnel protect customers before, during, and after cyber incidents. Our insurance products are backed by Swiss Re, one of the world’s largest (re)insurers, and Argo Group. Our customers are in every industry, and all across the US. We are based in San Francisco, although you'll find some of our team in more exotic places.
If you enjoy solving problems at scale (with lots riding on it) we hope you'll consider joining us.
About the role:
The Coalition team is comprised of bright minds across many cybersecurity domains, with expertise in Incident Response, Threat Intelligence, Security Architecture, Cyber Risk Management, Security Strategy, Controls, Compliance, and Governance. In the Security Engineering role your mandate is to protect our customers from loss. As a part of this mandate you might find yourself investigating data breaches and claims events, leading incident response efforts with our clients and partners, conducting security gap analysis assessments, assisting with penetration testing / red-team assessments, or otherwise working across our client base on topics ranging from security architecture and cloud security, to data protection and compliance.
You will also have an opportunity to work with our product team to codify security best practices into our underwriting algorithms, rating models, and risk management apps.
- Review and analyze the security posture of insureds or potential insureds quickly and efficiently.
- Prototype tooling for risk enumeration and threat intelligence.
- Model threats, fingerprint exploits and build validation logic for accurate vulnerability identification.
- Evaluate customer security programs, technologies, controls, and business environments; recommend and develop enhancements.
- Assist with developing Information Security Plans and Policies, including those for Incident Response, customized to customer requirements and risk profile.
- Provide recommendations on solutions to help customers manage information security risk.
- Track emerging security practices and contribute to building internal processes and our various products.
- Stay abreast of the current regulatory environment, industry trends and related implications.
- Bachelor’s Degree in Computer Science, Information Security, Engineering, or other relevant subjects.
- Minimum of 2-4 years of incident response or digital forensics experience.
- Demonstrated expert understanding of the life cycle of network threats, attacks, attack vectors, and methods of exploitation with an understanding of intrusion set tactics, techniques, and procedures.
- Knowledge of TCP/IP Protocols, network analysis and network/security applications, including log and network traffic capture analysis.
- Experience with EnCase, FTK, SIFT, Volatility, Splunk, Graylog, ELK/Logstash, WireShark, Zeek, or other open source forensic/log analysis/network analysis tools.
- Knowledge of industry standard frameworks – NIST, ISO, HIPAA, PCI.
- Self-motivated; entrepreneurial spirit; comfortable working in a fast-paced, dynamic environment.
- Strong interpersonal communication skills (verbal & written).
- Aptitude to learn technical concepts/terms, and ability to manage multiple tasks/projects simultaneously.
- Security policy, governance, privacy or regulatory experience (e.g., NIST, ISO, HIPAA, PCI).
- Securing cloud based platforms (Microsoft Azure, Amazon AWS, etc.). Experience with system hardening procedures for Windows, Linux, Unix is helpful.
- Knowledge and/or experience with Nmap, Nessus, Nexpose, Qualys, Burp, Kali, Metasploit, Meterpreter, or other offensive tools is helpful.
- Knowledge of programming and scripting for development of security tools and industry frameworks is helpful.
- SCADA / Control systems network experience a plus.
- We have lots. Check them out on our site.
- We are open to hiring a qualified candidate in any of our offices (SF, Washington DC, Boulder). Qualified remote candidates are also welcome to apply.
Coalition hires the best people based on an evaluation of their abilities and effectiveness. We do not discriminate against employees on the basis of any other personal characteristic or any classification protected by federal, state, or local law.