Interos is the operational resilience company — reinventing how companies manage their supply chains and business relationships — through a breakthrough SaaS platform that uses artificial intelligence to model and transform the ecosystems of complex businesses into a living global map, down to any single supplier, anywhere.
Reducing months of backward-looking manual spreadsheet inputs to instant visualizations with continuous monitoring, the Interos platform helps the world’s companies reduce risk, avoid disruptions, and achieve dramatically superior resilience. Businesses can uncover game-changing opportunities that radically change the way they see, learn and profit from their relationships.
Based in Washington, DC, Interos serves global clients with business-critical, interdependent relationships. The fast-growing private company is led by CEO Jennifer Bisceglie and supported by investors Venrock and Kleiner Perkins. For more information, visit www.interos.ai.
The Opportunity: (Primary Purpose of the Position)
Interos is looking for a Senior Security Engineer, Application Security, who will be responsible for designing, building, and delivering significant components of Interos' threat hunting strategy and overall security posture. You will work on a cross-functional team with knowledge of security processes and procedures, best practices, perform in-depth and advanced analysis in the pursuit to prove or disprove malicious activity. Knowledge and experience with information security controls, infrastructure, implementation techniques, familiarity with adversarial techniques, and application and infrastructure assessment are critical components for this role. You will demonstrate organizational and cross-functional communication skills to drive investigations into threats throughout the organization.
- Responsible for developing secure coding guidelines and best practice documentation for custom developed applications as well as ensuring the guidelines are followed.
- Conduct assessments using COTS and other tools to ensure coding practices are followed and effective as well as identify risks.
- Produce and update secure coding guidelines and related documentation
- Collaborate with development teams to ensure secure coding best practices are followed
- Collaborate with development teams to support remediation of software vulnerabilities
- Provide coding guidance to ensure best practices are continually followed and issues addressed.
- Conduct assessments of custom applications and related code to identify risks
- Perform general security policy development/maintenance and audit compliance support
- Bachelor (undergraduate) degree in a relevant field (Computer Science, Software Engineer, Security, or others) OR an equivalent combination of education, training, and experience.
- 6+ years of hands-on experience in information security
- 5 years of direct experience supporting secure coding practices.
- Demonstrated understanding of web application and database security
- Knowledge of software/application hardening OR input validation testing OR SQL injection testing a PLUS!
- Strong technical background in software security design/implementation and data protection
- Strong communication, interpersonal, consulting style skills to interface with staff, developers, and customers
- Knowledge of all domains within information security, especially defensive strategies, MSSP's
- 3+ years experience with more than one IDS/IPS, EDR, SIEM, and manual log analysis techniques
- 4+ years experience in Shell scripting or automation of tasks using Python
- Experience in application development using languages like Go, C/C++, or C# and source code review for control flow and security flaws
- Thorough understanding of network protocols, data on the wire, and covert channels
- Mastery of Unix/Linux/Mac/Windows operating systems, including Bash and Powershell
- Experience in scripting and configuration of SIEM tools
- Knowledge of web application logs and system event logs (Windows & *Nix)
- Ability to navigate and work effectively across a complex, geographically dispersed organization
- Demonstrated ability to self-direct, with minimal supervision to achieve assigned goals
- Eligibility to obtain a security clearance is preferred
- Forensics background
- Certifications in one or more of the following:
- SANS GIAC Certification(s)
- Other cybersecurity offense / defense certifications
- Mission-oriented with an emphasis on making the team successful
*Supervisory Responsibility: This position has no supervisory responsibilities.
Include if position is Remote, US or Colorado: The range provided is for Colorado-based hires only and will be commensurate with candidate experience. Pay ranges for candidates in other locations other than CO may differ based on the cost of labor in that location. Pay range: $117,000 - $162,225
*FLSA Status: Exempt
*Work Environment: This job operates in a professional office environment. This role routinely uses standard office equipment such as computers, phones, printers.
*Physical Demands: This is largely a sedentary role. Physical requirements include occasional lifting/carrying of 5 pounds; visual acuity, speech and hearing; hand and eye coordination and manual dexterity necessary to operate a computer keyboard and basic office equipment. Subject to sitting, standing, reaching, walking, twisting, and kneeling to perform the essential functions. Working conditions are primarily inside an office environment.
*Travel Requirements: This position does not require travel.
- Comprehensive Health & Wellness package (Medical, Dental and Vision)
- 10 Paid Holiday Days Off
- Flexible Paid Time Off (FTO)
- 401 (k) Employer Matching
- Stock Options
- Career advancement opportunities
- Casual Dress
- On-site gym and dedicated Peloton room at headquarters
- Company Events (Sports Games, Fitness Competitions, Birthday Celebrations, Contests, Happy Hours)
- Annual company party
- Employee Referral Program
Interos is proud to be an Equal Opportunity Employer and will consider all qualified applicants without regard to race, color, age, religion, sex, sexual orientation, gender identity, genetic information, national origin, disability, protected veteran status or any other classification protected by law.
If you are a candidate in need of assistance or an accommodation in the application process, please contact [email protected]