Who Are We?
MerchantE is an innovative, technology-focused company providing a full-service platform to support the payment processing needs for merchants of all sizes, including small business retail shops, B2B wholesalers, and global eCommerce enterprises. We partner with financial institutions, software developers, independent sales organizations, and agents to bring our solutions to market.
Why Join Us?
We’re growing and we’re looking for collaborative, innovative, and hard-working individuals to grow with us! We offer a modern and inspiring work environment where your ideas and contributions are valued. Come experience, first-hand, the impact of your contributions.
We are seeking a security engineer to join our Security Operations Center (SOC). The ideal candidate should be knowledgeable in cybersecurity fundamentals and know their way around a Windows, Linux, or Mac environment (preferably all 3!). You will be a part of a team that helps ensure the availability, integrity, and confidentiality of MerchantE systems, applications, and data. This is a great opportunity to get exposed to many different technologies and learn from a great team of cybersecurity professionals.
Essential Duties and Responsibilities:
- Continuous Monitoring: Act as first response to security alerts and incidents, escalating to senior engineers as required. Familiarity with one or more SIEM platforms is a plus.
- Vulnerability Management: Perform periodic scans of the environment using a vulnerability scanning tool, triage the results based on severity, and work with the appropriate business unit to resolve them.
- Endpoint Security and Incident Response: Ensure uniform inventory of endpoint detection and response tools across all assets, respond to detections and incidents, and work with affected users to identify, contain, eradicate, and recover.
- Data Loss Prevention: Respond to alerts in our DLP platform and investigate potential data loss events
- Perform Security Reviews: Ability to review a web, mobile, or desktop application, reason about its security posture, and determine whether the application can be safely used within our environment.
- Threat Intelligence: Triage threat intelligence from a variety of sources, search for indicators of compromise or indicators of attack within the environment, and take effective action to mitigate the threat.
- Cloud Knowledge: Familiarity with one or more public cloud platforms
Required Education, Skills, or Experience
We expect you to have either formal training in a computer science or cybersecurity related discipline, entry-level cybersecurity certifications, OR documented experience in cybersecurity or a related IT discipline. The more demonstrated experience, the less importance will be placed on formal education or certificates, and vice versa.
- Degree in Computer Science, Information Security (Cybersecurity), Information Systems, or a related technical field
- 2 years’ combined experience in an Information Technology discipline (Systems Administration, Network Engineering, Software Development, DevOps Engineering) and a Security Engineering role.
- Cybersecurity or IT certifications (Security+, Network+, Linux+, CCNA, RHCSA or RHCE, MCP or MCSE)
- Understanding of web application security and common vulnerabilities (OWASP Top 10), including XSS, CSRF, and Injection.
- Fundamentals of the CIA triad and Infosec concepts such as authentication, authorization, accounting, identity and access management (IAM), and non-repudiation.
- Practical understanding of cryptographic protocols, including encryption, hashing, digital signatures, and public key infrastructure
- Knowledge of network and Web-related protocols (e.g., TCP/IP, IPSec, HTTP, SSL/TLS, DNS).
- A strong sense of accountability and self-motivation and a desire to work collaboratively in a small, cross-functional team.
- Effective writing and communication skills
- An ability to think critically and an aptitude for problem-solving.
- Ability to adhere to a formalized Change Management Process
- Network security experience - including flow and network traffic capture analysis.
- Experience with network IDS/IPS and/or web application firewalls
- Experience in one or more technical forensics and/or malware analysis tools
- Knowledge of containerized solutions, such as Docker or Kubernetes
- Ability to read and write scripts in languages such as Python, Ruby, or Perl
- Experience with Security Information and Event Management (SIEM) platforms such as Splunk or ELK SIEM.
- Financial industry experience or knowledge of the PCI Data Security Standard