Cyber Security Engineer

Posted Aug 28

๐Ÿš€ What does Finalis do?

Finalis is the leading platform enabling the securities brokerage landscape to operate legally and compliantly. The firm delivers a white-labeled regulatory affiliation and compliance back-office solution that supports a wide range of private market dealmaking including M&A, capital raising, private placements, direct participation programs, fintech marketplaces, and alternative investment sponsors.

Finalis provides additional leverage to securities brokers with the Finalis Platform, which delivers a hassle-free deal management solution and a Marketplace that connects brokers with one another to gain insights and explore collaborations.

Launched in 2020 and growing rapidly, the SF- and NYC-based firm is on a mission to power dealmakers by building the worldโ€™s largest dealmaking platform.

Join us in disrupting the securities industry, for good.

๐ŸŒ How does Finalis work?

We are a fully-remote company with Finalists distributed between the time zones of Eastern Standard Time and Eastern European Time .

If youโ€™re located outside this time zone range, depending on the needs of your team, you may be requested to be available during specific hours.

Although we donโ€™t have an official physical place to work, we promote gathering with your team or other colleagues whenever possible.

๐Ÿค What about your team?

As Finalis continues to rapidly grow, we seek to bring on a skilled Security Cloud Engineer. Be part of the team harnessing the full power of the cloud to create extraordinary new value for the world 's leading organizations. From architecture professionals, data security specialists to software developers, you'll join the best in the industry, leveraging agile methodologies across the technology stack to drive 360หš value for clients.

โœจ What will you be doing?

  • Participate in compliance enforcing security standards such as SOC2 and ISO 27001.
  • Contribute to design the infrastructure architecture and suggest recommendations on security aspects. Contribute to threat modeling and attack surface analysis.
  • Assess security risks and their impact on applications and infrastructure using tools such as Nessus, Burp Suite, NMAP, OWASP ZAP, etc.
  • Monitor and analyze system alerts to identify and block malicious behavior and activities.
  • Execute incident response plans, identify root cause and drive mitigations to prevent future incidents.
  • Document all actions taken as part of the investigation, such as work instructions.
  • Continuously improve processes through automation and creation of tools using Python, Go or similar.
  • Generate vulnerability, configuration, and coverage metrics and reports to demonstrate assessment coverage and remediation effectiveness for systems and infrastructure.
  • Assist with the development of processes and procedures to improve threat and vulnerability management and security center operations
  • Educate and advocate for improved security throughout the data ecosystem.
  • Hardening Cloud infrastructure.
  • Generate security incident reports, security assessment reports, security procedures.

๐Ÿ’ฌ Who are we looking for

  • Graduated and/or student of careers related to Systems.
  • A minimum of 3 years of experience.
  • Hands-on experience hardening cloud servers, Docker Containers, and K8S.
  • Knowledge of OWASP application security standards, CIS Benchmarks, etc.
  • Experience in planning and testing for business continuity and disaster recovery
  • Experience with network and endpoint security tools such as EDR, IDS, SIEM, WAF.
  • Experience using AWS security tools.
  • Understand vulnerability assessments and experience in red teaming and penetration testing used to identify weaknesses and mitigations.
  • Security Event Management: Triage, analysis and response activities.
  • Knowledge of scripting languages such as bash, Python, GO, etc.
  • Excellent communication skills (written and verbal) as well as comfort and experience in delivering presentations.
  • Ability to quickly adapt to changing priorities, demands, and timelines through analytical and problem-solving capabilities.

Bonus Track!

  • Security related certification such as CEH, CISM, CCSS, CCCA, CCCS, CompTIA Security+, CISSP, GSEC etc. (Desirable)
  • AWS Infrastructure Certifications Desirable: AWS Solution Architect, AWS Security Specialist. (Desirable)
  • Experience with Github Actions, CI/CD.

๐ŸŒŸ What do we offer?

  • 100% Remote work (Work from wherever you want!)
  • Competitive USD salary
  • USD $20 per month for Internet expenses
  • Generous Paid time-off (Vacation Time!)
  • 17 Flex Days (to use in national holidays or personal matters)
  • Professional Growth Benefit (take your skills to the next level!) ๐Ÿš€
  • People Team Partner (to target your roadblocks and customize an action plan for your career path)
  • Buddy Program
  • Virtual After-Office Activities
  • Diverse Culture & Inclusive environment

๐ŸŒˆ Why work with Finalis?

We are a fast-paced startup which will enable you to develop skills quickly and work in an entrepreneurial culture where pushing limits and taking risks is everyday business. As we have Finalists from different countries and cultures, we encourage our team members to develop their soft skills, boosting their ability to adapt themselves to different backgrounds.

Finalisโ€™ core values:

  • We embody the trust we deliver
  • We are extremely proactive
  • We challenge conventional wisdom
  • Weโ€™re passionate about our work
  • We exercise stewardship with our users, investors and each other.

Finalis provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability, genetics, sexual orientation, gender identity, or gender expression. We are committed to a diverse and inclusive workforce and welcome people from all backgrounds, experiences, perspectives, and abilities.