Python Job: Jr. Security Engineer

Spiff (https://spiff.com), recently named one of the most innovative Fintech companies, is on a mission to inspire, enable, and reward peak business performance. Why? Commission plans are used by modern companies to reward and drive good behavior using more advanced rules or combinations of rules such as quota attainment, accelerators, and other types of variable earnings. Great Commission plans motivate Salespeople to sell more to the right companies. In order to help companies and reps to reach their full potential, we take the manual labor and complexity of current commission processes and completely automate them. Finance teams used to spend hours each month trying to prepare commissions, communicate them to their reps, deal with discrepancies, and then get those paid on time. Spiff automates that full process. We connect to the client's systems; CRM, ERP & Payroll to reduce the work and amount of errors. Spiff gives powerful, real-time data and insights to reps, managers, and executives about their commissions.

We’re looking for a passionate Junior Security Engineer to join our growing team and help us deliver intuitive and delightful experiences to our customers. We are considering remote applications from the United States or Argentina for this role.

Job Description

The Junior Security Engineer is an opportunity that introduces aspiring cybersecurity professionals to the day-to-day operations of security within the company. Junior Engineers are primarily exposed to frontline duties associated with cybersecurity practices and are introduced to the processes of event assessment and escalation (when warranted) to senior members of the cybersecurity team. This entry-level position is a fantastic opportunity to learn firsthand how cybersecurity controls are implemented, managed, and enhanced across the business.

Working alongside one or more mentors, Junior Security Engineers perform data collection, ticket processing, analysis and remediation tasks. Junior Engineers also work with cybersecurity team members to understand architectural designs, best practices, and event and incident response (IR) obligations. Junior Engineers provide support to the security operations center (SOC), IR and security networking teams. To be effective, Junior Engineers must have a general understanding of cybersecurity principles and concepts, as well as solid practical hands-on experience with computers.

What you’ll contribute in this role…

• Respond to security questionnaires and RFPs from potential customers and interested parties.

• Follow and execute directives issued by cybersecurity management and senior employees.

• Support day-to-day activities performed by the cybersecurity team.

• Learn to manage tools and solutions implemented throughout the organization.

• Work with senior members of the team to learn basic first-line threat assessment and response tasks and progress toward independence after proving competence.

• Execute tasks requested by cybersecurity team members, such as analysis, investigation, reporting and maintenance of general cybersecurity upkeep.

• Assist in supporting SOC, IR and security networking teams.

• Monitor dashboards and event logs with escalation to members of the cybersecurity team.

• Attain proven proficiency with cybersecurity tools and perform front-end troubleshooting and general triage.

• Read daily cybersecurity resources to stay current on security threats and vulnerabilities.

• Actively participate with the team in mock threat exercises to strengthen skills.

• Perform other duties as assigned.

• Progress towards a Security Engineer position.

  
  

What experience you’ll bring to Spiff…

• Undergraduate hands-on and general knowledge coursework in cybersecurity or information technology –and/or–

• Demonstrated hands-on lab experience collecting, investigating and documenting threats and incidents –and/or—

• Ability to speak to cybersecurity projects completed during education and training.

• Fundamental knowledge of cybersecurity principles and best practices.

• General knowledge and hands-on coursework (lab) experience with cybersecurity endpoint, network, vulnerability, forensic and log management tools.

• Basic understanding, knowledge of and hands-on capabilities with operating system configuration (Windows, Unix, Linux) and networking (DNS, DHCP, routing protocols).

• Ability to analyze event and incident logs, and work with SOC and IR teams to assess security events related to malware, vulnerabilities, exploits and kill chain methodology.

• Introductory knowledge of cloud-based infrastructure and operations.

• Basic exposure to one or more scripting languages (e.g., Python, PowerShell, and/or Bash) preferred.

• Basic knowledge of adversary tactics.

  
  

Bonus Points

• Proven trustworthiness and history of acting with integrity, taking pride in work, seeking to excel, being curious and adaptable, and communicating effectively.

• Solid written and verbal communication skills.

• Capable of working with diverse teams.

• Organized and punctual.

• Confident, but humble and willing to learn and take initiative.

• Recommendations from previous instructors, employers, or internship sponsors, or Certificates obtained during coursework are a plus, but not required

  
  

What types of perks and benefits we offer…

• What types of perks and benefits we offer…

• Competitive Salary and Equity

• Remote First & Friendly Company

• 100% Premium Coverage for High-Deductible Medical, Dental, & Vision Insurance

• Up to $1200 a year towards your Health Savings Account

• Additional Comprehensive FSA, Life, AD&D, Critical Illness, Group Accident, Hospital Indemnity, Legal, Commuter Coverages available for you & your dependents

• Company-sponsored Short-Term & Long-Term Disability Insurance

• Company-sponsored Mental Health Insurance & access to online counseling

• Flexible Time Off

• Flexible work hours

• Parental leave

• 401(k)

• HQ in Salt Lake City ( enjoy biking and skiing when you come to visit! )

  
  

At Spiff, we're committed to building a diverse and inclusive organization that reflects the ever-changing world around us. We strive for an equitable workplace where everyone feels welcome regardless of gender identity or sexual orientation; race or ethnicity; age; physical ability; socio-economic status; religious beliefs; political views or affiliations; or any other factor that can be used to make someone feel excluded from the workplace experience.

Our unwavering commitment to this mission is founded on the idea that varied perspectives drive innovation.

We know that fostering a diverse and inclusive team has a positive impact on our products and services, and helps us better serve our customers, employees, and community stakeholders. That's why we're building a culture where differences are celebrated and an environment where people from all backgrounds are treated with respect and given the freedom to be their authentic selves.