Information Security Engineer
FormAssembly is seeking an experienced Information Technology Security Engineer with exceptional technical skills to join our Security and Compliance department. As a Security Engineer, your role will be to work with other business units to ensure the highest level of security and compliance obligations are met.
We seek a motivated self-starter and team player to lead several aspects of security and compliance at FormAssembly. Responsibilities include ensuring FormAssembly meets the highest security standards, administering security audits, making infrastructure improvements, and helping achieve/maintain security standards such as PCI DSS Level 1, ISO-27001, HIPAA, GDPR, FedRAMP and others.
FormAssembly is a 100% remote, fast-growing SaaS company with teammates all over the world that come together every day to help customers streamline data collection processes. We’re chasing major growth goals year after year, and we’re looking for talented, driven individuals to join our dynamic team.
FormAssembly works with 5,000+ leading companies worldwide to help them collect data quickly and securely, including Amazon, PayPal, Dell, Harvard, and more. We have been recognized in the 2020 Inc. 5000 list of fastest growing private companies for four years in a row, and we are a G2 Crowd Winter 2021 Leader. As we grow rapidly and adapt our product to better serve our impressive roster of customers, we’re also dedicated to fostering community and building relationships with our coworkers.
For a glimpse at what it’s like to work at a SaaS company with 35% year over year growth and teammates from all over the world who live out our core values of transparency, accountability, curiosity, ambition, composure, and kindness, learn about our awesome team and how and why we work remotely.
If you share our core values and want to work together to build something great for our customers, we’d be thrilled to have you apply for this position. FormAssembly is an equal opportunity employer. If you belong to an under-represented group in tech, you’ll find a welcoming culture that thrives on diversity.
This is a full-time position, open to all locations (working remotely from home).
In this position you will:
- Maintain the security program such as appropriate risk governance, security procedures, security event management, incident response, and audit and compliance functions.
- Validate security configuration and standards for systems and applications, including policy assessment and compliance tools, network security appliances, and host-based security systems.
- Performs vulnerability assessments to assess the effectiveness of existing controls and recommend remedial action.
- Produce reports concerning residual risk, vulnerabilities and other security exposures, including misuse of information assets and noncompliance.
- Lead the company’s security awareness training program and phishing simulations.
- Continually monitor, test and harden our infrastructure security in AWS.
- Lead compliance efforts consisting of HIPAA, ISO-27001, PCI, NIST and maintain those appropriate certifications.
- Review and improve internal security best practices and training.
- Oversee and maintain DLP, FIM, IDS, WAF’s, anti-virus, SIEM etc.
- Assist in filling out security questionnaires for our customers.
- Audit and review controls within Google Workspace and Okta.
- Must have AWS or cloud experience.
- Minimum 3-4 years of experience as a security engineer.
- Experience with PCI, HIPAA, ISO-27001 and others.
- Linux and macOS experience.
- Must have Google Workspace experience
- Relevant security industry certification (CISSP, CISA, GIAC)
- Have current (non-expired) US work authorization or citizenship
FormAssembly offers several benefits that help to facilitate a healthy team, personal growth, and a work-life balance, all of which contribute to creating a more engaged and passionate workforce.
- Health benefits (health, dental, vision) for team members based in the United States
- 401(k) with 4% company match for team members based in the United States
- Open/Unlimited time off policy and 9 company holidays
- Flexible work schedule
- Paid parental leave
- Charitable contribution match
- Budget for professional development
- Company provided laptop (Macbook)
You'll be joining a talented and fun team, working together to build something great!