Security Engineer, Prove

• Four to Seven (4 - 7) years of related experience, specifically in Engineering/IT Operations, Security Operations, Vulnerability Management, and/or Incident Response
• Bachelor’s degree in IT, information security, computer science, or a related field and/or related work/military experience
• Hands on experience with Vulnerability Management tooling, SAST, DAST, SCA, DLP, SIEM and SOAR tooling
• Strong scripting skills (PowerShell, Python, etc.)
• Understanding of a Security Development Life Cycle
• Knowledge of Incidence Response policy, process, and execution
• Understanding of PCI DSS, HIPAA, SOC 2 Type 2 and NIST requirements and policies
• Ability to communicate network, cloud and system security issues to fellow analysts and engineers
• Experience in high-growth /pre-IPO Technology companies
• Strong passion for learning about our products and markets through in-house and external training
• Promote, maintain and enhance our cultural values of humility, passion, inclusion, and leadership

• Reports To: Tony Michelotti – Manager, Information Security
• At Prove, Security Engineers handle the digital security for our company and our products
• Our Security Engineers are the first line of defense against malicious actors
• Their duties include operating and maintaining our cyber security system and our IT security infrastructure, building digital security protocols, and proactively scanning our company’s digital assets for weaknesses and creating robust countermeasures to prevent future incidents
• Additionally this role is responsible for configuring vulnerability and threat intelligence scans, researching the latest threats, conducting risk assessments, coordinating remediation of identified risks, performing penetration testing activities and reporting on compliance
• As a Security Engineer, a portion of your time will be to train fellow Provers on security best practices and advise management on investments to safeguard the company’s computer and network systems
• As a member of the Information Security team, a Security Engineer will:
• Manage the IAM program including administering and provisioning corporate identities and access
• Act as a technical lead within a rapidly growing cyber security group and develop team objectives to resolve outstanding risk and identify new areas of exposure
• Assist in validating and remediating critical findings resulting from Audit/Vulnerability & Threat Management processes
• Utilize industry-standard toolsets to map and reduce the attack surface of a complex and dynamic architecture
• Collaborate with Threat Intelligence groups to overlay observations from the global threat landscape with patching and remediation strategy
• Proactively research emerging cyber threats. Apply analytical understanding of hacker methodologies and tactics, system vulnerabilities and key indicators of attacks and exploits
• Triage and escalate high risk and zero day exploits and provide remediation recommendations
• Review opportunities to reduce the risk surface of Prove, ensuring a highly secure target for adversary actors
• Develop scripts, tools, and methodologies to identify and exploit points of exposure on internal and perimeter applications
• Implement and direct processes across the vulnerability management lifecycle, including Discovery, Prioritization of Assets, Vulnerability Assessment, Reporting, Remediation, and Verification
• Assess a system’s ability to defend against, respond to, and recover from cyber and social engineering attacks
• Hold teams accountable for SLA obligations, which can include escalation of issues in a timely fashion

• 401k Match
• Parental Leave Policy
• Stock Options
• Health benefits
• Wellbeing reimbursement
• Work From Home Opportunities
• Bonus Scheme
• Generous Vacation Time

Total funding: $252.1m

Prove's identity-proving solutions allow businesses to enable their customers to prove their identities with just a phone. It is used by more than 1,000 global enterprises and 500 financial institutions, across multiple industries.