Work In Tech

We are looking for a Senior Security Engineer to help us build and grow our EverCommerce security program. designs, builds, deploys, integrates, and optimizes security solutions and processes.

The Senior Security Engineer will have well-developed communication skills and can demonstrate proven technical ability, refined relationship management skills, and problem-solving skills. We are seeking an individual with a diverse background and that includes aptitude across several technologies, and skill sets. This role will require close coordination with other information security engineers, teams, security stakeholders and with internal and external software development teams.

Responsibilities - What You’ll Be Doing

• Create and maintain security architecture and engineering processes and procedures
• Design of system architectures which meet established cybersecurity requirements and align with customer needs
• This includes security requirements definition, documentation, and communication.
• Development of security architecture requirements and implementation guidance based on analysis of NIST 800-53 and or other security control frameworks
• Architect, design, implement, maintain, and operates information system security controls and countermeasures.
• Provides techniques and patterns for securing integration with external security system vendors and/or cloud providers
• Leads regular architecture and design reviews to ensure requirements implementation
• Evaluates and plays an active role in life-cycle management of multiple security technologies
• Identify security risks and control gaps within systems, designs, products, data flows, and processes; and recommend corrective architecture, integrations, controls, and operations
• Participate in the development of security requirements, architectures, and documentation to ensure security controls are seamlessly integrated into new technology deployments
• Perform secure architecture and design reviews of new technology and security systems deployments, and collaborate with business teams to integrate secure-by-design principles into CI/CD pipelinbes and Agile development processes
• Maintain a clear view of the overall security architecture roadmap and strategic plan
• Leverage emerging technologies and advanced security practices to ensure EverCommerce is at the forefront of security for our solution groups and our customers
• Build, maintain and mature security architecture metrics and reporting
• Serve as a subject matter expert/contributor measurably improving the overall security framework and program
• Mentor junior security engineers and analysts
• Additional duties as required and assigned

Requirements

• At least 7 years of relevant work experience in a technical field (e.g. cybersecurity, software development, or systems administration)
• Bachelor's Degree in a technical discipline such as Cyber Security, Information Technology, Computer Science, or Information Systems - or equivalent professional experience
• Have at least one current Industry recognized security certifications; CISSP, CISM, CISA, GIAC or commensurate experience
• Excellent communication and interpersonal skills, with the ability to communicate and collaborate effectively with cross-functional teams, matrixed organizations, and technical / and non-technical stakeholders
• Demonstrated experience with the security, development and/or management of systems compliant to NIST 800-53, NIST CSF, or ISO 27001-2022 security control frameworks
• Exceptional knowledge and understanding on the creation/implementation and securing of cloud technologies such AWS and Azure
• Knowledge of Information Security risk assessment methodologies and standards
• Highly flexible, self-motivated and eager to learn, with a strong passion for cyber security
• Excellent verbal and written English communication skills

Successful candidates will have broad understanding and expert level experience in multiple of the following security technologies, security domains and sub-domains:

• EDR/XDR/NDR
• Security Automation and AI integration
• Information Asset Inventory Systems
• Secure Web Gateways
• Data Loss Prevention
• SIEM//Logging
• UEBA, UBA, Predictive Analytic Systems
• SOAR
• Vulnerability Management Systems
• Cryptography, PKI, Field Level Data at Rest Encryption
• Privileged Access Management
• Identity/MFA
• Application Security/WAF
• DevOps/SecOps/DevSecOps
• Cloud Technology Platforms, IaaS, SaaS
• Network Intrusion Prevention/Detection (IPS/IDS)
• Security Information and Event Management (SIEM)
• Vulnerability scanning tools
• Application scanning tools
• Network Access Controls (NAC)
• Zero Trust Networking Architectures
• Network-based and user-based segmentation controls
• Virtual Private Networks; SSL, IPSec and Site-to-Site
• CTI Frameworks and Systems
• SDLC Methodologies
• Systems segmentation, system hardening, and process isolation
• Vulnerability Management
• Managed Detection and Response
• MSSP Relationships

Preferred Qualifications

Our ideal candidate would also have the following preferred skills, experience, or education:

• Advanced knowledge regarding common attacks, attack methods, and defense architectures.
• Experience in securing multi-tenant compute services, microservices and modern APIs
• Working knowledge of common web and container-based vulnerabilities
• Experience with Information Security policies and procedure development and implementation
• Experience developing technical documentation, including reports, proposals, statements of work, and whitepapers

Where: This role will be 4-5 days in our Denver offices, with minimal travel (one to two times per year.)