Information Security Engineer
Information Security at Enigma is a trusted resource for the entire company, helping effectively Identify, Communicate & Manage Risk. We enable our sales partners, software engineers, data analysts, infrastructure engineers and everyone else. We help demystify risk, make informed business & technical decisions, meet client requirements. As a key member of the Information Security team, you’ll work alongside a brilliant team of other curious, data-obsessed co-workers, who want to share the magic that Enigma products can bring to a customer. We build products to ingest large, diverse datasets, map them to ontologies, probabilistically identify likely connections, and then use these knowledge graphs to power applications to create transformative value - from saving lives to preventing financial crime.
By applying Enigma technologies to real-world industry challenges, engineers at Enigma are responsible for enabling next-generation business processes for blue chip clients, one workflow, process, or team at a time. Engineers are guided by four principles: “Always be shipping,” “Customer obsession,” “Strive for perfect,” and “Think big, start small.” Ultimately, we are excited about data’s impact on the world and are looking for engineers who are curious, generous and can hustle in a fast-paced environment.
Qualities we value:
-Focus on the risk, rather than the control. It’s easy for Information Security to only focus on the control for controls’ sake. We strive to get to the bottom of the risk equation, without the dogma.
-Comfortable using the right tool for the job, rather than any sticky preference for a tool or technology to drive the end-to-end ownership of small and large deliverables
-Enjoy learning and sharing your valuable feedback across our engineering teams, so we can continue to iterate and improve
-Clear communicator with a solutions-oriented mindset. Seeks the deeper context and the information required to make the most informed decision (i.e. disambiguating requests and understanding the root cause)
-Pro-actively seeks information cross-functionally, communicating with external and internal non-technical and technical stakeholders.
-Highly motivated, results-oriented, and take pride in being a problem solver
What we’re looking for:
-Experience implementing and/or operating at least 3 of the following security solutions. Where the candidate does not have experience with these solutions, a willingness to learn is a must:
-Vulnerability scanners for APIs, Web applications & infrastructure
-Data Loss Prevention tools (DLP)
-Patching for AWS EC2 instance
-Developer Access to Production (DAP) solutions
-Log Consolidation & Alerting solutions via MSSP
-3rd party penetration testing
-Experience responding to & resolving alerts from MSSP for log consolidation, as well as the Enigma user community (suspicious activity alerts, including phishing)
-Experience in AWS required; other cloud solution providers would be helpful
-Ability to communicate vulnerabilities to technical staff that are responsible for remediation (developers, engineers)
-Experience with AWS and all of their product offerings
-A sense of ownership, initiative, and drive
-Ability to participate in:
-Information Security Incident Response procedures
-Business Continuity & Disaster Recovery planning & exercises
-Experience in the following would be helpful, but not required:
-Training business team members in entitlement review procedures
-3rd party Vendor Risk Management
Enigma is a New York-based Data-as-a-Service company. We transform disparate, tabular data into rich representations of real-world relationships, providing a trusted source of intelligence about people, places and companies. From evaluating insurance risk to combating money laundering, Enigma connects and enriches clients’ internal data assets to transform their strategies and workflows. Leading organizations, including American Express, BB&T, EMD Millipore, Celgene and Merck depend on Enigma to power the daily decisions that matter. Enigma was the winner of TechCrunch Disrupt NY 2013 and a graduate of the 2014 FinTech Innovation Lab.
We are proud to be an equal opportunity workplace and is an affirmative action employer. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status.