BEAMSTART Logo

HomeJobsFull Time

Principal Product Security Architect

Veryfi, Inc. LogoVeryfi, Inc.


Date Posted

31 Oct, 2022

Salary Offered

Not Specified

Job Type

Full Time

Experience Required

3+ years

Remote Work

Allowed

Stock Options

No

Vacancies

1 available


Location: California Resident, SF Bay Area -Hybrid Role

About the role

We are seeking a full-time Principal Product Security Architect to join our talented team at Veryfi!

As the Senior Product Security Architect, you'll play a pivotal role in setting the strategic technical direction of the company while keeping both Veryfi and our customers secure. You are someone who can architect solutions, is a great communicator, and has high level experience in Security. Bonus: previous experience with FedRAMP.

What You'll Be Doing...

You will ensure security by design, product engineering and architecture for Veryfi products. In this role as a Senior Product Security Architect, you will conduct security assessments for products and solutions developed by Veryfi. You will collaborate with various cross functional teams and help to create, define, and implement security controls and tooling in conjunction with internal product development and partner teams.

Responsibilities Include

  • Help implement Secure Software Development Lifecycle (SSDLC) practices and use automation where possible.
  • Work closely with the product development engineers to perform security design and code review by suggesting flow improvements, anti-tamper protection when needed for security modules, and help with integration of vulnerability assessment tools.
  • Provide security guidance to Engineering and Product teams on overall product architecture and its ecosystem.
  • Build Threat Models, conduct Risk Assessments for new features or services and provide guidance on effective countermeasures.
  • Contribute to security architecture and assist in building and rolling out processes for secure code development and deployment involving truly cutting edge technology.
  • Provide subject matter expertise on Encryption, Security Controls, and Secure Design and programming practices across the Technology organization.
  • Contribute to Security Policy, Standards, and Guidelines related to Information Security.
  • Evaluate and operationalize new technologies for securing the organization.
  • Train and mentor Security Champions throughout the development.
  • Share thought leadership in the product and application security space.
  • Create security User Stories and security Test Cases for products that are tailored to the product attributes and technology.
  • Support and advise product owner and product development teams by ensuring technical and architectural feasibility, readiness and compliance.

You'll Need To Have

  • Six or more years of relevant work experience
  • Experience with performing security requirements analyses to secure the deployment of large globally distributed cloud-based and/or mobile-embedded platforms.
  • Experience with OWASP Top 10 vulnerabilities and Cryptographic Algorithms: (PKI), X.509 Public Key Certificates, authentication protocols, and transport layer security, OID, OAuth, SAML.

Even Better If You Have

  • Hands-on experience with implementing Security Services and tools in AWS such as GuardDuty, Macie, CloudTrail, CloudWatch, KMS, WAF, AWS Config, AWS Inspector.
  • Programming skills in C++/C, Swift, Java, Go, Python or other languages and the ability to solve complex operational issues.
  • Deep understanding of VPC, firewalls, reverse proxies, Load Balancers, Security Groups, Route Tables, IDS/IPS.
  • Hands-on experience with vulnerability scanning concepts and tools: SAST, DAST/IAST, server and container vulnerability scanning and remediation.
  • Container Security experience with Docker, ECS, Kubernetes.
  • Experience with configuration languages/IaaC: Ansible, CloudFormation, Terraform.
  • Experience with SDLC for mobile platforms including use of obfuscation techniques, Reverse Engineering and Tamper Resistant software development on Mobile Platform.
  • Understanding of various types of Exploits, Threat Modeling, and Attack surfaces
  • Experience with IT Security Frameworks such as NIST, ISO27001, PCI, DSS, FedRAMP
  • Master's degree in Computer Science or equivalent engineering experience.
  • One or more of the following certifications: AWS Certified Solutions Architect (professional), AWS Certified Security (Specialty), CSA Certificate of Cloud Security Knowledge (CCSK), ISC2 Certified Cloud Security Professional (CCSP), CISSP. 22CyberNET

Notice(s):

Salary Range Disclaimer

The base salary range represents the low and high end of the Veryfi salary range for this position. Actual salaries will vary depending on factors including but not limited to location, experience, and performance. The range listed is just one component of Veryfi's total compensation package for employees. Other rewards may include an open Paid Time Off policy, and many region-specific benefits.

Equal Opportunities and Accommodations Statement

Veryfi is deeply committed to building a workplace and global community where inclusion is not only valued, but prioritized. We're proud to be an equal opportunity employer, seeking to create a welcoming and diverse environment. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, family status, marital status, sexual orientation, national origin, genetics, neuro-diversity, disability, age, or veteran status, or any other non-merit based or legally protected grounds.

We value diverse experiences, including those who have had prior contact with the criminal legal system. We are committed to providing individuals with criminal records, including formerly incarcerated individuals, a fair chance at employment.

Where legally permitted, Veryfi requires all individuals attending or working out of Veryfi offices or visiting Veryfi clients to be fully vaccinated against COVID-19. For positions that can only be performed at an Veryfi office, candidates must be fully vaccinated against COVID-19 and present acceptable proof of vaccination by the date of hire as a condition of employment. For positions that require some in-office work or in-person client meetings, exceptions to these in-office or in-person job requirements may be made at the discretion of the business through June 2022, at which point full vaccination will be required. Veryfi will consider requests for reasonable accommodation as required under applicable law. To qualify as being fully vaccinated against COVID-19 there should have been a two week period after receiving the second dose (or any government recommended booster shot) in a 2-dose COVID-19 vaccine series, or a two week period after receiving a single-dose (or any government recommended booster shot) in a single dose COVID-19 vaccine

Post this on top for Angel List/ Post in bottom Y combinator

Why you should join Veryfi, Inc.

Veryfi empowers organizations to transform their unstructured data in the form of receipts, invoices, purchase orders, checks, W2s and other business documents into structured data at scale. Their suite of data transformation APIs can be leveraged for many use cases in financial services to deliver valuable business intelligence in seconds. Trusted by enterprises and technology companies alike, Veryfi's AI-based platform is being leveraged by companies worldwide.

Veryfi is backed by NewView Capital (NVC), Act One Ventures, TI PLatform, Y Combinator and Zillionize

Veryfi Raises $12 Million To Use AI To Tackle The Unstructured Data Entry Market https://www.forbes.com/sites/rebeccaszkutak/2021/04/26/veryfi-raises-12-million-to-use-ai-to-tackle-the-unstructured-data-entry-market/?sh=886fe19183f8

The Untapped Potential of Unstructured Data https://nvc.vc/perspectives/veryfi-the-untapped-potential-of-unstructured-data/

Capterra Reviews https://www.capterra.com/p/141684/Veryfi-Receipts-and-Expenses/reviews/

COME AND SAY G'DAY!

About Veryfi, Inc.

Veryfi, Inc. Logo

APIs to Liberate Trapped Data in Unstructured Documents

Company Size: 51 - 250 People
Year Founded: 2017
Country: United States

BEAMSTART

BEAMSTART is a global entrepreneurship community, serving as a catalyst for innovation and collaboration. With a mission to empower entrepreneurs, we offer exclusive deals with savings totaling over $1,000,000, curated news, events, and a vast investor database. Through our portal, we aim to foster a supportive ecosystem where like-minded individuals can connect and create opportunities for growth and success.

© Copyright 2024 BEAMSTART. All Rights Reserved.