Convoso
Senior Information Security Engineer
Convoso, Los Angeles, California, United States, 90079
Convoso is a leading AI-powered contact center platform purpose-built for revenue teams. Since 2006, Convoso has remained at the forefront of innovation, consistently developing solutions to drive customer growth while supporting adherence to regulatory standards.
Who We Are:
While headquartered in Los Angeles, the Convoso team can be found around the globe working in either a hybrid and remote capacity. Awarded as a "best place to work" company, our culture fosters team integrity, positive persistence, and continuous growth.
Our core platform powers successful sales teams across multiple industries, giving our customers a competitive edge and streamlined productivity. With built-in Al and automations, our product is a premium offering in a competitive space. We continue to grow our product capabilities to better serve our current customers and to expand into newer markets.
Convoso is looking for people who are excited about technology and innovation. We are a company of motivated team players with diverse backgrounds driving accelerated growth in a supportive, positive culture.
The Job:
We are seeking a
Senior Information Security Engineer.
In this role, you will be responsible for designing, implementing, and maintaining secure systems and networks. You will work closely with cross-functional teams, including IT, network engineering, and SREs, to ensure that systems and networks are secure, compliant with applicable regulations, and protected against unauthorized access and other security risks. You will be responsible for identifying vulnerabilities and potential threats, conducting risk assessments, and developing and implementing security solutions to mitigate risks. You will also be involved in incident response, security monitoring, and security policy development. This role establishes appropriate standards and controls and leverages best-of-breed Cybersecurity frameworks.
What You'll Be Doing:
Design and drive the security initiatives (collaboratively with SRE and IT teams) to implement and maintain secure systems and networks; including servers, routers, switches, firewalls, intrusion detection/prevention systems, and other security devices. Collaborate with third parties to perform vulnerability assessments, penetration testing, and risk assessments to identify/ prioritize potential security risks and vulnerabilities. Recommend security policies, controls, and cyber incident response planning, including impact analysis and recommendations for avoiding breaches or incidents. Implement and provide ongoing support for cybersecurity policies and procedures. Establish Disaster Recovery and Business Continuity processes. Ensure communication of these plans within the organization. Lead incident response efforts to investigate security breaches, analyze root causes, and implement corrective actions. Conduct digital forensics investigations when necessary. Review and collaborate with LMS on security awareness and best practices training for team members. Regularly update the cyber security strategy to leverage new technology and threat information. Responsible for supporting any additional aspects of IT security strategy and advising on Security Software and Services, including but not limited to staff laptops and any other device security tools. Communicate and champion best practices and risks to various parts of the business, as appropriate. Helped infrastructure and software engineers audit and develop secure systems by advising on information technology regulatory and security best practices. Maintain and disseminate a current understanding of the industry's IT threat landscape and leverage various threat intelligence sources. Establish a 24/7 global monitoring and threat detection environment, and implement security information and event management (SIEM) solutions for centralized monitoring and analysis. Assist in the identification of new tools and systems to reduce and/or manage risks. Ensure technical documentation for security practices and procedures. Who You Are:
Bachelor's Degree in Computer Science, Information Technology,or related field preferred Significant knowledge and demonstrated track record leading SaaS security environments and industry standards, such as NIST, ISO 27001, and CIS Critical Security Controls. Strong understanding of networking concepts and protocols, such as TCP/IP, VLANs, VPNs, and routing/switching. Familiarity with security-related regulations, such as CCPA, GDPR, HIPAA, and PCI-DSS. One (or more) of the following security certifications: ISC2 certificates, GIAC certificates, CISM/A, CEH, etc. Security control concepts: physical, logical, administrative Minimum of 5 years of experience in cybersecurity, system security engineering, network security, or performing and running information security assessments in direct support of compliance or a related field. Excellent analytical, problem-solving, and troubleshooting skills. Strong communication and interpersonal skills, with the ability to effectively communicate complex security concepts to technical and non-technical stakeholders. Implement security information and event management (SIEM) solutions for centralized monitoring and analysis. Work Perks Worth The Hype:
Competitive compensation package Stock options 100% covered premiums for employees; Medical, Dental, Basic life insurance, Long term disability Affordable Vision plan and optional FSA PTO, Paid Sick Time, Holidays, Bereavement time, Parental Leave Your birthday off 401k program with generous company match No cost Employee Assistance Program and Travel Assistance Monthly Gym membership reimbursement Monthly credits toward food & beverage Company Outings On and offsite team building events Paid training for departments Apple laptop (most roles) And a team of highly experienced and kind colleagues! HQ Office:
Casual office environment & dress Daily catered lunches Fully stocked kitchen (Dietary restriction-friendly) Happy Hours Monthly Massages On-site Car Wash Free Parking
Compensation:
The base salary range is: $120,000 - $140,000.
The Base Pay Range for this position is based on the industry benchmark for position, function, level and the company's compensation strategies. However, final offers may vary from the amount listed based on geography, candidate experience and expertise, and other objective business. Convoso's compensation package also includes equity for all eligible U.S full time roles and exceptional benefits, including generous 401k match.
Your California Privacy Rights:
As a California resident who is an applicant to be an employee of Convoso, you have certain rights under California law with respect to information collected by Convoso in the course and scope of its evaluation of your application. The types of information Convoso collects and your rights with respect to that information are contained in Convoso's privacy policy, which you can review by going to https://www.convoso.com/privacy-policy/.
Who We Are:
While headquartered in Los Angeles, the Convoso team can be found around the globe working in either a hybrid and remote capacity. Awarded as a "best place to work" company, our culture fosters team integrity, positive persistence, and continuous growth.
Our core platform powers successful sales teams across multiple industries, giving our customers a competitive edge and streamlined productivity. With built-in Al and automations, our product is a premium offering in a competitive space. We continue to grow our product capabilities to better serve our current customers and to expand into newer markets.
Convoso is looking for people who are excited about technology and innovation. We are a company of motivated team players with diverse backgrounds driving accelerated growth in a supportive, positive culture.
The Job:
We are seeking a
Senior Information Security Engineer.
In this role, you will be responsible for designing, implementing, and maintaining secure systems and networks. You will work closely with cross-functional teams, including IT, network engineering, and SREs, to ensure that systems and networks are secure, compliant with applicable regulations, and protected against unauthorized access and other security risks. You will be responsible for identifying vulnerabilities and potential threats, conducting risk assessments, and developing and implementing security solutions to mitigate risks. You will also be involved in incident response, security monitoring, and security policy development. This role establishes appropriate standards and controls and leverages best-of-breed Cybersecurity frameworks.
What You'll Be Doing:
Design and drive the security initiatives (collaboratively with SRE and IT teams) to implement and maintain secure systems and networks; including servers, routers, switches, firewalls, intrusion detection/prevention systems, and other security devices. Collaborate with third parties to perform vulnerability assessments, penetration testing, and risk assessments to identify/ prioritize potential security risks and vulnerabilities. Recommend security policies, controls, and cyber incident response planning, including impact analysis and recommendations for avoiding breaches or incidents. Implement and provide ongoing support for cybersecurity policies and procedures. Establish Disaster Recovery and Business Continuity processes. Ensure communication of these plans within the organization. Lead incident response efforts to investigate security breaches, analyze root causes, and implement corrective actions. Conduct digital forensics investigations when necessary. Review and collaborate with LMS on security awareness and best practices training for team members. Regularly update the cyber security strategy to leverage new technology and threat information. Responsible for supporting any additional aspects of IT security strategy and advising on Security Software and Services, including but not limited to staff laptops and any other device security tools. Communicate and champion best practices and risks to various parts of the business, as appropriate. Helped infrastructure and software engineers audit and develop secure systems by advising on information technology regulatory and security best practices. Maintain and disseminate a current understanding of the industry's IT threat landscape and leverage various threat intelligence sources. Establish a 24/7 global monitoring and threat detection environment, and implement security information and event management (SIEM) solutions for centralized monitoring and analysis. Assist in the identification of new tools and systems to reduce and/or manage risks. Ensure technical documentation for security practices and procedures. Who You Are:
Bachelor's Degree in Computer Science, Information Technology,or related field preferred Significant knowledge and demonstrated track record leading SaaS security environments and industry standards, such as NIST, ISO 27001, and CIS Critical Security Controls. Strong understanding of networking concepts and protocols, such as TCP/IP, VLANs, VPNs, and routing/switching. Familiarity with security-related regulations, such as CCPA, GDPR, HIPAA, and PCI-DSS. One (or more) of the following security certifications: ISC2 certificates, GIAC certificates, CISM/A, CEH, etc. Security control concepts: physical, logical, administrative Minimum of 5 years of experience in cybersecurity, system security engineering, network security, or performing and running information security assessments in direct support of compliance or a related field. Excellent analytical, problem-solving, and troubleshooting skills. Strong communication and interpersonal skills, with the ability to effectively communicate complex security concepts to technical and non-technical stakeholders. Implement security information and event management (SIEM) solutions for centralized monitoring and analysis. Work Perks Worth The Hype:
Competitive compensation package Stock options 100% covered premiums for employees; Medical, Dental, Basic life insurance, Long term disability Affordable Vision plan and optional FSA PTO, Paid Sick Time, Holidays, Bereavement time, Parental Leave Your birthday off 401k program with generous company match No cost Employee Assistance Program and Travel Assistance Monthly Gym membership reimbursement Monthly credits toward food & beverage Company Outings On and offsite team building events Paid training for departments Apple laptop (most roles) And a team of highly experienced and kind colleagues! HQ Office:
Casual office environment & dress Daily catered lunches Fully stocked kitchen (Dietary restriction-friendly) Happy Hours Monthly Massages On-site Car Wash Free Parking
Compensation:
The base salary range is: $120,000 - $140,000.
The Base Pay Range for this position is based on the industry benchmark for position, function, level and the company's compensation strategies. However, final offers may vary from the amount listed based on geography, candidate experience and expertise, and other objective business. Convoso's compensation package also includes equity for all eligible U.S full time roles and exceptional benefits, including generous 401k match.
Your California Privacy Rights:
As a California resident who is an applicant to be an employee of Convoso, you have certain rights under California law with respect to information collected by Convoso in the course and scope of its evaluation of your application. The types of information Convoso collects and your rights with respect to that information are contained in Convoso's privacy policy, which you can review by going to https://www.convoso.com/privacy-policy/.