REIMAGINE TRUST
Incode is the leading provider of world-class identity solutions that is reinventing the way humans authenticate and verify their identities online to power a world of digital trust.
Through our revolutionary identity solutions, we are unleashing the business potential of universal industries including finance, government, retail, hospitality, gaming and more, by reducing fraud and transforming human interactions with data, products, and services.
We’re in the process of rapidly scaling our diverse global team and we’re looking for entrepreneurial individuals and leaders who are curious, driven, and excited by ownership to join a Unicorn-status scale-up!
The Opportunity
We are looking for a trustworthy and proactive Principal Security Architect to be the technical thought leader and driver of holistic security across product and corporate security. The Security Architect works across various groups in the organization to elevate our security posture and ensure adaptable and long-lasting security improvements. We’re looking for someone who loves to architect and implement solutions across multiple areas of information security, such as risk management, product security, offensive security, cloud security, corporate security, and security operations (detection and response).
To be successful as a Principal Security Architect, you should have exceptional foresight, great communication skills, and thorough knowledge across multiple security domains and technologies. As a key person influencing our security posture, we will be looking to you to drive security initiatives across multiple business units and ensure business-friendly and scalable solutions. Reporting to the Sr. Director of Information Security, you will be an early hire to the security team and will have the opportunity to influence and build secure architectures, tooling and approaches from the ground up.
Responsibilities
- Identify, architect, guide, mentor and implement security improvements to Incode’s current operations, product and infrastructure.
- Threat model and evaluate new solutions and tools in AWS, Azure, and other clouds, and develop security frameworks that enable Incode to introduce these technologies in a secure manner.
- Develop and drive north-star architectures, intermediate architectures and implementation strategies for secure solutions.
- Work closely with Product, DevOps, IT Compliance, and other areas to ensure security and privacy requirements are met in the development of the product and in the deployment of infrastructure that supports the product.
- Provide technical expertise and input into the security roadmap and drive the implementation of technical solutions in that roadmap.
Qualifications:
- Deep experience in at least one of the following areas: Product Security & Offensive Security (to include DevSecOps), Security Operations, Detection Engineering, Cloud Security, Risk Management, Corporate Security and Threat Intelligence.
- Thorough knowledge and experience in securing highly available SaaS products across cloud first, hybrid and on-prem deployment methods.
- Extensive experience with industry compliance and security standards including PCI DSS, SOC2, ISO 27001, NIST 800-53.
- Depth and experience in securing the full lifecycle of cloud-native technologies (including docker, Kubernetes, serverless, etc.).
- Experience with continuous security practices, including threat modeling, threat and vulnerability management, secure coding practices, and automated penetration testing.
- Practical knowledge across automation, segmentation, application protection, defense-in-depth, remote access, encryption, disaster recovery and replication, high-availability, software defined networking, virtualization, enclaves, zero trust, supply chain and other security architectural elements.
- Extensive experience with infrastructure automation, infrastructure as code, automated application deployment, monitoring/telemetry, logging, reporting, and continuous integration and delivery technologies.
- Extensive implementation experience with enterprise, cloud and product security solutions, such as privilege management, identity management, federation systems, SIEM, SOAR, EDR, IDS, IPS, etc.
Preferred Experience and Certification:
- Prior experience in product security engineering, cloud security engineering, secure software engineering, or infrastructure engineering.
- Hands-on experience in offensive security and an attacker mindset.
- A polyglot programmer comfortable in many languages across different platforms
- SaaS Startup experience in security focused industries, such as fintech, security software and services, healthtech, identity and access management.
- Experience in technically supporting highly regulated industries with security initiatives (FedRAMP, HIPAA, FERC/NERC, etc.)
- Experience as a thought leader to a talented group of engineers
- CISSP, CISA, CISM, IS027001 LA/LI, SANS (or equivalent experience)
- Cloud Certifications, such as AWS Certified Solutions Architect, AWS Security Specialty
8 Aspects of our Culture:
- Values are what we value
- High performance
- Freedom & responsibility
- Context, not control
- Highly aligned, loosely coupled
- Continuous Feedback
- Pay Top of Market
- Promotions & Development
- Learn more about Life at Incode!
Benefits & Perks:
- Meaningful Equity
- Flexible Working Hours & Workplace
- Open Vacation Policy
- Wellness Program
- International Travel Opportunities
- Additional benefit package according to location (401k, medical insurance, etc.)
Equal Opportunities:
Incode is an equal opportunity employer, committed to creating a diverse and inclusive work environment. We take great pride in having an inclusive, diverse, and global team and are always on the lookout for talented, passionate people from all backgrounds and walks of life.
Applicant Data Privacy:
We will only use your personal information in connection with Incode’s application, recruitment, and hiring processes.