Loadsmart · Feb 23rd 2021
Who we are:
Loadsmart aims to move more with less. We combine great people and innovative technology to more efficiently move freight throughout North America. Our focus is on designing and building the best tools for our team and our customers, using machine learning models to connect freight with trucks. We automate with algorithms and scale with integrations to better match supply and demand. In doing this we reduce wasted fuel and lost time, cutting out empty miles for motor carriers and providing cost savings and instant booking for shippers.
Where we are:
Loadsmart was founded in New York and is currently headquartered in Chicago, IL. Our teams operate remotely from different parts of the United States as well as in several locations across Latin America.
Who you are:
You believe in game-changing innovations and are excited about reimaging a 700 billion dollar industry. You are an analytical person with a solid understanding of business and the impact that analysis plays in a company's growth.
We are looking for a Lead Security Engineer to work remotely based in Brazil or in LATAM. You need to be obsessed about security, both technical and non technical aspects of it. You should have experience and proven ability to analyze, propose and implement safer systems and processes. You will work closely with engineering squads across platform engineering to ensure our applications are secure.
Take a leadership role in driving internal security projects with engineering teams
Reduce cloud and infrastructure vulnerabilities across all cloud assets.
Do regular risk assessment over important assets of the company
Do regular security tests and code reviews to look for possible threats
Seek, give, and receive constructive feedback to teammates through code and specification reviews
Document operational procedures and protocols regarding security
Build security plans, coordinate among involved people and execute
Define and manage KPIs and other measurements to indicate the health of security-related programs
Work directly with engineers and product managers to influence the product requirements
Provide security training and outreach to internal teams
4+ years of Security Engineering or Operations (i.e. traditional security controls and technologies, such as firewalls, intrusion detection/prevention systems, public key infrastructure, etc.) experience
Demonstrable knowledge of Information Security attacks and analytical mindset to detect cyber adversary tactics, techniques or procedures
Strong written and verbal communication skills; excellence in communicating business risk from cybersecurity issues
Strong organizational and communications skills with the ability to convey complex ideas in a manner that results in a definitive direction and results.
Experience in application security testing and releasing SaaS software in public clouds - AWS
Deep technical understanding of the OWASP Top 10 (XSS, SQL injection, broken access control/authentication/authorization etc)
Experience in working with AWS, Cloud environments, Containers, Kubernetes, Docker - DevOps Engineering environment with owning tests, CI/CD pipelines
Experience automating vulnerability discovery and repetitive tasks
Experience developing and interpreting security compliance standards and guidance
Programming experience with Python and at least one more programming language
BS or MS degree in Computer Science, Engineering or related field or equivalent experience