Portfolio Company Job Opportunities

CyberSecurity Engineer

Syndio Solutions

Syndio Solutions

Multiple locations
Posted on Tuesday, July 2, 2024

Do you want to empower organizations to fairly and equitably hire, promote, retain and compensate their employees? Syndio is a Series-C technology company committed to fairness in the workplace. Fueled by investments of $83M from Bessemer Ventures, Voyager Capital and social change organization Emerson Collective, Syndio is investing in growing our team and products.

This is a critical moment when organizations are looking for ways to take tangible action to fight gender and racial bias, and we believe creating diverse and inclusive workplaces for all starts with workplace equity.

About the role
We are seeking an experienced CyberSecurity Engineer to join our team and play a crucial role in safeguarding our SaaS platform, its supporting infrastructure, and the wider organization. The ideal candidate will have a deep understanding of security principles, hands-on experience with modern platforms and architectures, and a passion for protecting sensitive data and systems. By closely working with information technology and compliance teams, engineering squads, and the product team this role will be instrumental in developing and implementing security measures that ensure the overall security and compliance of our services and the overall organization. We are hiring within Greater Seattle, SF Bay Area, and New York Metro Area.

Why this Role is Exciting

  • Security Architecture: Design and implement security architectures that protect our SaaS platform and its data to include supporting infrastructure for the overarching organization
  • Cloud Security: Work cross-functionally to ensure the secure configuration and operation of cloud environments used by the SaaS platform, including managing access controls, encryption, and monitoring for threats
  • Infrastructure Security: Implement and maintain security measures for the underlying infrastructure supporting the SaaS platform, such as network security, system hardening, and patch management
  • Security Assessments: Assist in regular security assessments and review of control implementation effectiveness to identify and remediate potential risks
  • Security Monitoring: Implement and manage comprehensive security monitoring solutions to detect and analyze security events in real-time
  • Vulnerability Management: Monitor the organization's environment for vulnerabilities, using tools like vulnerability scanners and penetration testing to prioritize/remediate vulnerabilities in accordance with Service Level Agreements (SLAs)
  • Threat Detection and Incident Response: Maintain effective threat detection and incident response capabilities, engage in routine incident response exercises, and investigate potential incidents to mitigate future risks
  • Data Security and Privacy: Implement measures like encryption, data loss prevention (DLP), and secure backup and recovery processes to ensure the confidentiality and integrity of data
  • Identity and Access Management: Work with our Information Technology (IT) Team to design, enforce, and support strong identity and access management controls to protect sensitive data and systems
  • Security Automation: Automate security tasks and processes to enhance efficiency and effectiveness in our security operations
  • Security Awareness: Promote security awareness within the organization and provide training on security best practices to all employees
  • Subject Matter Expertise: Serve as a subject matter expert within multiple security domains relevant to our SOC2 and ISO certifications, ensuring ongoing compliance and guidance on security controls

About you

  • You possess 5+ years of experience in an InfoSec or security engineering related field
  • You have a background in core system engineering skills and system security skills across hardware, software, and networking technologies
  • You have a demonstrated knowledge of application security, risk management, authentication systems, system security testing and hardening, and cloud security
  • You are experienced within the SaaS industry and technologies utilized across major cloud providers
  • You have a strong working knowledge of national and regional InfoSec standards, frameworks, and guidelines (e.g. NIST, SOC, ISO, GDPR, CIS Benchmarks, etc.)
  • You possess strong analytical and problem-solving skills with an ability to think independently and take initiative
  • You are comfortable speaking with senior leaders, engineers, product teams, and customers (when required) about the current state of our security architecture, best practices, and strategic initiatives
  • CISM, CCSK, and CISSP certifications are a plus but not required
  • Most importantly, you are passionate about our mission to close pay gaps and create fairness in the workplace
Why you'll love it here:
  • Check out our Employee Experience page for more information on our Mission & Values, Work-Life Balance, Pay Transparency, Diversity, Culture, and Benefits.
  • 💰 Competitive Compensation. Our base salary for this role is $133k—$156k per year. Final offer amounts are determined by factors such as experience and expertise. We take a geo-neutral approach to compensation within the US, meaning that we pay based on job function and level, not location.
  • 🏆 Syndio Equity. So you can share in Syndio’s success.
  • 🏝 Flexible Vacation Policy. We encourage our team to recharge when they need to, plus paid sick & safe time, compassion leave, and voting leave.
  • 16 weeks of paid parental leave
  • 🩺 Medical, Dental, Vision. Syndio pays 90% of employee premiums and 50% for dependents.
  • 🏥 Life Insurance & Disability. Syndio covers the full premium.
  • 🏦 401(k). To help you save for your future.
  • 🧠 Hone Membership - live training platform with programs designed for leaders, managers, and individual contributors to develop skills to succeed in the workplace
  • 📍 Remote-First (within talent hubs: Seattle, SF, or NYC) #LI-Remote

Role Progression

  • Month 1 - We'll ramp up. You will begin to grasp our current security frameworks, assist in data gathering, and follow existing incident response procedures. By the end of 30 days, you will have started exploring automation tools.
  • Month 3 - Let's get to work. You will now independently gather compliance data, identify control gaps, and troubleshoot basic security incidents. By the end of 90 days, you will have automated various simple security workflows and compliance tasks.
  • Month 6 - Time to make an impact. Expect to lead compliance improvements, own control sets, resolve most security incidents, and develop complex automations to streamline security operations.

The interview overview

Below is an outline of the interview plan for our CyberSecurity Engineer position. Please note that this is what we expect the process to look like; we may ask you for supplemental information or require an additional step before making a final decision.

  1. 30-minute interview with a member of our Talent Team
  2. 45-minute Zoom interview with an Engineering Manager
  3. A take-home assignment (This replaces live coding in further interviews)
  4. Three video interviews with several team members (Engineering, Platform, Security and Compliance) - 2 hours

At Syndio, we're building a diverse team that values candor, curiosity, and community. If you share these values and are interested in joining us, we'd love to talk with you even if you don't 100% meet the "about you" listed here. We don't expect anyone to have all the answers, as long as you're willing to learn and grow with us.

Employees joining the Syndio team at this early stage of growth will impact this critical social issue and support a growing customer base (including Nordstrom, General Mills, Match Group, and others) to take tangible action on workplace fairness.

Syndio is an Equal Opportunity Employer. We are building an inclusive and collaborative workplace as we grow, and we welcome team members regardless of gender/identity, sexual orientation, race or cultural background, religion, physical disability and age.