Senior Security Engineer

February 5

Apply Now

Receive Emails with Similar Jobs

ButterflyMX

WebsiteLinkedInAll Job Openings

ButterflyMX is a company specializing in scalable and user-friendly property access control solutions. It provides products such as video intercoms, access control systems, security cameras, smart locks, and elevators controls, offering a seamless and secure access experience for multifamily, commercial, student housing, and gated communities. The solutions allow property staff, residents, and visitors to manage access through smartphone technology and integrate with other property management systems to enhance convenience and security.

Smartphone Security • Property Management Software • Video Intercom • Touchscreen • Application Development

201 - 500 employees

☁️ SaaS

🔐 Security

🏠 Real Estate

💰 $50M Series D on 2021-12

📋 Description

• Founded in 2014, ButterflyMX is on a mission to empower people to open and manage doors & gates from a smartphone. • Our products are installed in more than 15,000+ multifamily, commercial, gated communities, and student-housing properties worldwide. • Fantastic people are the key to our success. We’re looking for more intelligent, passionate, collaborative, and down-to-earth individuals to join our growing team. • As our first Security Engineer at ButterflyMX, you will assume a pivotal role in delivering substantial value to the organization by prioritizing the protection of clients', tenants’ & employees' information assets. • You will mature, build, scale & operationalize our information security program as our first dedicated security engineer. • Your expertise will be instrumental in safeguarding our innovative solutions & protecting our valuable assets & customers. • You'll be a leader wearing multiple “security hats” to ensure the resilience, safety, confidentiality, availability & integrity of our solutions & data.

🎯 Requirements

• 5+ years of security engineering experience building, managing & scaling security operations at a fast-paced, agile/dynamic, cloud native, technology-driven startup • You enjoy working as a security engineer in organizations that develop software as a service &/or operate managed infrastructure & technology services for their own customers • Experience securing a tech stack/solution that includes SaaS, Mobile, & IoT • Experience working with cross-functional teams to identify & mitigate security, compliance & data privacy risks • Proficiency with deploying, operationalizing & managing security solutions in a remote first organization, with a cloud tech stack built for providing SaaS. • AWS Security SME - experiential knowledge of securing EC2, S3, Lambda, EKS • AWS Security Stack Experience - WAF, Inspector, Security Hub, GuardDuty, etc.. • Security Overlay Solutions: EDR, SIEM, CNAPP/CSPM, DSPM, DLP, IDS/IPS.. • Google Workspace, Apple, Windows, MDM, Secure Email Gateway • Extensive experience & expertise across multiple security domains including cloud security, data security, network security, application security, incident management, threat/vulnerability/patch/configuration management, identity & access management.. • Strong understanding of security best practices, frameworks, standards, & compliance requirements, & particularly how these apply to a startup environment through enterprise environments. Experience maturing security controls as an organization matures. • Experience maintaining SOC 2 Type II compliance & associated security controls within an organization • Demonstrated technical expertise in implementing data privacy controls & safeguards to include facilitating the deployment of technical measures to ensure compliance with data privacy regulations such as GDPR & CCPA • Expertise in DevSecOps practices, such as automating security testing within CI/CD pipelines & conducting static & dynamic code analyses, through remediation of findings. • Experience automating security controls. Proven technical proficiency using Terraform & other infrastructure as code tools, with a strong track record of managing vulnerabilities in ephemeral cloud infrastructure environments. • Incident response management: Experience in developing & implementing incident response plans, conducting investigations, & managing security incidents effectively • Demonstrated ability to educate an engineering audience about technical application security vulnerabilities, i.e., OWASP Top Ten, OWASP API Security Top 10 • Adept in a data-driven approach for decision-making & a risk-based mindset to prioritize & address security concerns effectively. • Experience with implementing Security & Privacy by design principles into a development lifecycle involving incorporating threat modeling to identify potential risks & ultimately design appropriate security controls. • Customer focused & Solution oriented, Enthusiastic, Empathetic, Adaptable/Flexible, Bias for Action, Forward thinking, Optimistic, Trusted Advisor • Everyone is a customer & everyone is on the security team • A strong inclination to dive into the details, actively engaging in hands-on work. • Continuous improvement mindset. Pursues ongoing professional development, stays updated with emerging threats & technologies.. • Industry certifications such as AWS Security Certified, CISSP, CCSP, CSSLP, GX

🏖️ Benefits

• Comprehensive Medical (ButterflyMX covers 90% of the cost) starting day 1 • Dental and Vision plans (ButterflyMX covers 100% of the cost) starting day 1 • 401(k) plan with a match • 13 paid holidays and 25 days of PTO • Paid Family Leave • Employee Assistance Program • Quarterly self-care stipends • HealthAdvocacy Program • Access to optional benefits, including pre-tax flexible healthcare spending accounts (FSA and HSA), Dependent Care FSA, and Commuter Benefits, as well as optional Supplemental Life, AD&D, Hospital Indemnity, Disability, Legal, Accident, Critical Illness, Pet, and Personal Liability Insurance • Collaborative, dynamic work environment filled with kind, intelligent people who are working hard on an industry-defining product