Simplify Logo

Full-Time

Engineering Manager

Product Security

Posted on 6/27/2024

Alloy

Alloy

201-500 employees

End-to-end identity risk solutions for financial institutions

Financial Services
Data & Analytics

Compensation Overview

$210k - $247kAnnually

Senior, Expert

New York, NY, USA

Category
Security Engineering
Engineering Management
Required Skills
TCP/IP
Kubernetes
Communications
AWS
Requirements
  • 3+ years of leadership experience
  • 8+ years of work experience in Application Security, Cloud Security, or Platform Security
  • Relevant information security and other certifications preferred: CISM, CISSP, AWS Solutions Architect, AWS Security Specialty, and similar
  • Knowledge of security, governance, risk, and compliance standards, frameworks, and controls such as PCI­-DSS, ISO 27001/27002, SOC 2, NIST CSF, CIS Benchmarks, etc.
  • Practical experience with information systems security standards and practices (e.g., access control, system hardening, system audit and log file monitoring, security policies, and incident handling)
  • Experience at each level of the stack: network, system, and application security – particularly with Kubernetes and public cloud
  • Knowledge of TCP/IP and network communications
  • Knowledge of encryption/decryption technologies
  • Experience implementing and configuring common security tooling solutions (SCA, SAST, SIEM, TPAM, DAST, CSPM, EDR, etc)
  • Strong problem-solving and analytical skills, exceptional written and verbal communication skills
  • Demonstrated experience leading a product security team
  • Demonstrated initiative, customer orientation, and teamwork competencies
  • Ability to manage multiple projects, priorities, and deadlines
  • Combination of education, training, and experience preferred
Responsibilities
  • Mentor a team of Application Security and Cloud Security engineers
  • Ensure the confidentiality, integrity, and availability of Alloy’s systems and data while allowing the business to move forward at a rapid pace
  • Conduct regular one on ones with members of the product security team, focusing on professional development, positive morale, and continuing momentum
  • Manage the product security backlog, prioritizing and delegating projects and ensuring their timely delivery
  • Engage with clients, auditors, and others during a variety of security assessments
  • Ensure timely security reviews of new and ongoing engineering initiatives
  • Manage security vendor relationships
  • Participate in third-party security assessments
  • Conduct recurring security management meetings (access control reviews, security bug bashes, incident response plan reviews, etc)
  • Participate in risk assessments; lead threat modeling and tabletop security exercises
  • Manage Alloy’s vulnerability management program
  • Ensure vigilance and monitor ongoing security threats
  • Analyze and respond to security incidents triggered by automated alerts, bug bounties, or external assessments
  • Perform ongoing log analysis and monitoring, and set up alerts to be proactively alerted or concerning activity
  • Proactively implement security controls and update existing controls to respond to an ever-changing threat environment
  • Implement and configure tools to help us detect and respond to new types of threats
  • Maintain awareness and understanding of Current Vulnerabilities & Exposures relevant to Alloy applications, dependencies, and infrastructure
  • Make sure vulnerable applications or systems are being promptly updated and vulnerabilities remediated
  • Regularly assess the security of our systems and compile reports for our team and our customers
  • Perform periodic security audits, penetration tests, and various tasks to ensure security policy and regulatory compliance
  • Prepare reports that document security incidents and the extent of the damage caused by the incidents
  • Maintain and adapt Alloy's security processes, procedures, and policies

Alloy offers an end-to-end identity risk solution for banks and fintechs, automating account opening, ongoing monitoring, and credit underwriting with a focus on fraud, compliance, and credit risk management. The platform utilizes configurable technologies and a broad network of data partners to support decision-making throughout the customer lifecycle.

Company Stage

Series C

Total Funding

$210.8M

Headquarters

New York, New York

Founded

2015

Growth & Insights
Headcount

6 month growth

4%

1 year growth

1%

2 year growth

3%

Benefits

Unlimited PTO

16 weeks of parental leave

Premium medical, dental, vision, HSA, & FSA programs

401k with matching and immediate vesting & eligibility

Commuter, health & wellness benefits

$1,000 annual learning & development stipend

Memorable team events and retreats